[clug] low power device for VPN end point
Dale Shaw
dale.shaw at gmail.com
Mon Jan 23 23:03:36 UTC 2017
Hi Peter,
On 24 January 2017 at 09:06, Peter Barker <pbarker at barker.dropbear.id.au>
wrote:
>
> On Mon, 23 Jan 2017, Dale Shaw wrote:
>
>> On Mon, 9 Jan 2017 at 10:23 pm, Tony Lewis <tony at lewistribe.com> wrote:
>>
>>> I'm looking for a low power device to be a VPN end point, and I am after
>>> recommendations, please.
>>
>> This is not quite what you've asked for -- it's not even Linux -- but
have
>> you considered something like this?
>> Juniper SRX110H2 (used, includes TransACT and NBN compatible VDSL2
>> interface)
>> https://www.ebay.com.au/itm/292001464825
>
>
> That's fast ethernet only.
That's correct. I wish being limited to only 100 Mb/s (65 Mb/s of IPsec VPN
[full packet size], according to the data sheet[1]) was a problem I needed
to work around. I assumed, perhaps incorrectly, that the requirement for
VPN implied a requirement for Internet.
[...]
>
> I've just purchased a mini-itx, supposedly-15W system from China. 6
"ethernet cards". ~$200 sans-disks.
>
>
https://www.aliexpress.com/item/Firewall-Motherboar-J1900-10w-processor-based-firewall-motherboard-with-onboard-2GB-Ram/32749040807.html
>
Interesting. Let us know how you go with that.
> This is to replace my ailing Fit-PC which has served well for a decade,
but looks to be unsupported by the next Debian. I'm hoping to replace a
managed 24-port gigabit ethernet switch with this and a 5W 8-port gigabit
switch, resulting in lower overall power consumption (and a *much* simpler
setup!)
If you were looking at collapsing it all into a single device, then I would
understand why the 8-port 10/100 Mb/s switch inside the SRX110 would be
seen as a limitation.
Vaguely related: Last I picked up a pair of Supermicro E200-8D mini
servers. They're in a different league, price-wise, but they've been great.
In theory you could run a virtual instance of your favourite
router/firewall and, with AES-NI support, build a very high performance VPN
endpoint.
Cheers,
Dale
[1] http://www.juniper.net/assets/us/en/local/pdf/datasheets/1000281-en.pdf
More information about the linux
mailing list