[BillingsLUG] WAN to WAN help question

[Pippin Wallace]

Dan, if you are ever up the Bozeman way and have time for pfsense LUG
lab please let us know.

Pippin

On Tue, Jul 20, 2010 at 11:34 AM, dan <dandenson at gmail.com> wrote:
> On Tue, Jul 20, 2010 at 1:12 AM, Mike Berry <madeinmontana at bresnan.net>
> wrote:
>>
>> I would probably be looking at the pre-builds. Lol, I'm not that versed in
>> the build-ur-own.
>
> Actually, getting a pfsense box setup is easier than a cisco.  If you pop
> into #ubuntu-montana on freenode or even post on montana linux you could get
> someone to put one together for you local to Billings or Bozeman.  I would
> offer BUT because I suggested it you might see some sort of scandal :) also,
> #pfsense on freenode is an excellent irc chan and they are very willing to
> help.  You wont find the same with a Cisco.
>>
>> When you say re: the ciSCo, If you want multiple WAN, you will need an
>> 1821 or better, does blgs to bzmn count as multiple?
>
> No, its the number of seperate internet connections you can use.  If you get
> a box that can multi-wan you can have say a DSL and a Cable connection, or a
> T1 and DSL, and you can load balance or fail over the connections.   An 881
> has a single WAN port and wont let you VLAN out your WAN port or anything so
> it can only have 1 WAN IP address, aka 1 WAN.  The 1821 and higher routers
> allow you to add Ethernet modules, which means you can do up to 5 WAN ports
> on a 1821 with 2 Ethernet WIC cards.  This is BIG$$$.  $1500 router + about
> $500-$800 each for the WIC cards.
> With Cisco I would say that it is *practically impossible to load balance
> VPN, but you can do failover.  With pfsense, you can create two tunnels, one
> on each WAN, and then load balance between them, if one goes down it
> compensates.  For that matter, you can put a third connection on dialup,
> give it a lower priority in the loadbalance/failover mechanism, and pfsense
> can dial that when the other connection(s) are down.  You can add a droid
> phone with wifi tether and install a wireless adapter in pfsense, again with
> a lower priority, put that in the loadbalancing mechanism, and you can stack
> those and have 2 WAN priority 1, Verizon on priority 2, and dialup on
> priority 3, or even two dial ups on priority 3.  I have seen people using
> pfsense to 'shotgun' 6 or more dial up modems in the forums.  basically,
> pfsense is EXTREMELY flexible, much more so than a Cisco.  Also, you can
> setup your pfsense box to a final, production state in no time flat.  Nice,
> easy web GUI.
> excuse the tangent there!
>>
>> And who is a reputable outlet for these? Any one?
>
>  http://www.newegg.com/Product/Product.aspx?Item=N82E16833150036&Tpk=cisco%20881
> http://www.cdw.com/shop/products/default.aspx?EDC=1482835
> **note, if the picture shows wireless, it is the wrong picture.  That is the
> 881W and is about $200-$250 more.
> I would also caution you that if you have not worked on cisco IOS it may be
> tough to configure yourself.  There is a web gui but it will only do VERY
> basic things.  As soon as you put a specific route, or acl, or vpn option,
> the webgui wont let you configure anything anymore.
>>
>> I will have to talk to you more, later, about the other OS, maybe I could
>> suggest a LUG meeting demo from someone for those of us not so
>> knowledgeable?
>
> Bozeman and Billings both have a LUG that has some skilled regulars.  I have
> a conference room in Billings and would be more than happy to do the August
> LUG on pfsense.  I think that it would be more appropriate to do a lab
> instead of just a demo though, get some hands dirty :)
>
> I currently have 37 VPN tunnels on Cisco and a few on ipsec with pfsense and
> a few mobile setups with openvpn in production.
> _______________________________________________
> BillingsLUG mailing list
> BillingsLUG at billingslug.org
> http://lists.billingslug.org/mailman/listinfo/billingslug
> http://www.billingslug.org group information
>