OPNsense Forum

English Forums => Hardware and Performance => Topic started by: MikeA on November 12, 2015, 05:42:54 pm

Title: Questions regarding Hardware to use
Post by: MikeA on November 12, 2015, 05:42:54 pm
Hi,

  I've been playing with pfSense a bit and wanted to compare and play with OPNsense as well.  I have an older Sonicwall TZ180 that has been acting up lately.  I wanted to implement a firewall that can also do Web Caching and VPN.

First, here is some info on the current setup.

WAN1 25/25 EoC Connection
WAN2 10/2 DSL (Backup/Mail Traffic)
LAN  30 users
1 Site to Site VPN tunnel via IPSEC

Here is the Hardware I was planning on running OPNsense on

Gigabyte GA-P55M-UD2 w/ Intel i7 930
8GB Ram
480 SSD
Onboard Nic Disabled
(2) IntelĀ® PRO/1000 PT Dual Port Server Adapter

We plan to possible grow to a max of 50-60 users over the next year, but should be no more than that.

What I'm looking for is mainly a Firewall with VPN (few users) and possibly Web caching.  From what I've read OPNsense should be able to handle this, just wanted advice on Hardware and if Site to Site VPN was possible.


Thank you

Title: Re: Questions regarding Hardware to use
Post by: MikeA on November 12, 2015, 05:45:38 pm
Oh, one more question.  Can I export or Duplicate the Config to a VM for failover?  If the hardware should die, would be nice to spin up a preconfigured VM to handle the load while being repaired.  If not, I can keep the Sonicwall around for that.
Title: Re: Questions regarding Hardware to use
Post by: franco on November 12, 2015, 10:04:05 pm
Hi Mike,

Your specs look fine, though these days you can get away with less, but then again the specs are helpful for elaborate and effective web caching. Good choice on the Intel cards and disabling the internal port. :)

You can do a couple of things to retain your configs:

o Export the config manually.
o Back up your configs automatically to Google Drive.
o Sync your config to a CARP backup node in the VM.

Last one is your best bet, because in that case you'll have the VM take over instantly with the latest config if you can have it running all the time.

You can read about how to set up CARP here: https://wiki.opnsense.org/index.php/Configure_CARP


Cheers,
Franco
Title: Re: Questions regarding Hardware to use
Post by: MikeA on November 13, 2015, 04:16:37 pm
Thx Franco.  Going to get it up and running today.