Recommendation
-
I recently started at a company that is looking to dump their current config for an all *nix solution. They have a cisco 2600 that they want to get rid of and replace with a *nix solution. They currently have a T1 line and are considering satellite or DSL as a backup.
I noted somewhere in the forum that pfsense doesn't support T1 adapters and was wondering what the solution would be? I am hoping to set up two pfsense firewall/routers in a failover setup. I was looking at the wrap and soekris platforms but I didn't see any mention of T1 adapters. So how do I do this?
Thanks in advance
-
Why get rid of the 2600? If I understand you correctly, the 2600 is currently running NAT, access lists, etc. I would reload the 2600 with a minimal config: ip for the serial, ip for the ethernet, default route.
Then put your pfSense box behind it on another public ip from your lan block.
T1>>>serial0-Cisco2600-ethernet0>>>wan-pfSense-lan>>>LAN Switches -
Sangoma make T1 cards that they say work with FreeBSD. Maybe one of the cards here http://www.sangoma.com/main/solutions/DataIp is something that could be used with pfSense
-
Why get rid of the 2600? If I understand you correctly, the 2600 is currently running NAT, access lists, etc. I would reload the 2600 with a minimal config: ip for the serial, ip for the ethernet, default route.
Then put your pfSense box behind it on another public ip from your lan block.
T1>>>serial0-Cisco2600-ethernet0>>>wan-pfSense-lan>>>LAN SwitchesThe problem is that they are a relatively small business and they don't want to rely on a second hand router. They can't afford to replace the router if it should fail.
-
It's been my experience that even a used 2600 is more reliable than most pc hardware. You could probably ebay a backup router dirt cheap- a 1600 with a t1 wic will hold up a T just fine, but whatever. I'm sure it will be cheaper and easier to get two pci/pcie T cards, then install the vendor-provided driver, and hope everything works well with pfSense…
It may work great, and let us know how the T1 card you use works, but if it was me, I would let a router hold up the T, and let pfSense be the firewall. -
Yeah, Cisco hardware "just works". Pick up another 2600 and WIC-1DSU-T1, load up your config on it, and leave it there ready to go should the primary fail. That'll run under $200 shipped on ebay. It'll be cheaper than a Sangoma T1 card, and just as, if not more reliable.
I would get rid of the NAT, ACL's, etc. on the Cisco and put in the pfsense behind it, like dotdash suggested.
-
Thanks everyone after giving them some ebay prices and telling them that it would be better to keep the cisco they decided to stay with it and use pfsense and a firewall behind.
