The best UTM Firewall solution

After setting up a good LAN I wanted to utilize it fully with a good software UTM firewall. There are some requirements:

  • Ability to handle VLANs
  • Content filtering (preferably with different filters on VLANs)
  • Ad blocking
  • GUI – even though I like Linux, I prefer GUI over CLI
  • Be able to run in VMware

I had some experience with pfSense, so why not start with that? I had some issues with setting up VLANs in the beginning (turned out to be rookie mistakes 😉). But luckily I was able to find a good guide on both pfSense and VLANs; I can only recommend Calvin's guide.

I played around with pfSense for a while and it has a lot of features, some of them way above my level of competency, and it can be tricky to configure – good guides can be found by googling 😉

It seemed there were some issues with Squid and SquidGuard causing trouble when rebooting the firewall.

I then turned to Untangle. It has a very nice GUI and is easy to configure, and it has content filtering and a separate ad blocker. It wasn't until my 30-day trial expired and I had to use the free/lite version that I discovered you can only set up one policy and not separate policies per VLAN.

Currently I can live with that but I’m exploring other options and have been looking at ClearOS community edition and

I have been running both in a test environment in VMware but still haven't made a decision. I hope to rate them later.

Setting up LAN at home

I've always wanted a good setup at home, and since I'm a big fan of fast connections and stability I've tried to cable where possible. In my previous house it was a bit cumbersome to get the cables where I wanted them – I also started without laying out a master plan 🙂

However, I recently moved to another house – my plan was to do the cabling first to be sure it was done the right way from the beginning. Many ideas were in my head – I thought about pulling cables down in the corners of the rooms and then adding the outlet on the wall; however, a small trip to the attic got me thinking of other solutions. I noticed there were rubber tubes leading phone cables down the wall – who needs phone outlets in 2016? Long story short – I removed the phone cables and pulled cables down that way; in other places there were tubes with cable TV – the tube was big enough for 2 Cat 6 😉

Now the house is cabled with at least 16 outlets where I need them – and no cable mess everywhere.

I found the optimum place for my patch panel; this was installed in a small 9U rack together with a 24-port switch and an 8-port PoE switch. This also contains the cable modem and my Mac mini "server". Next to the rack is my NAS.

Wifi is handled via an Edimax Pro Cap 1200 located centrally in the living room. I was in doubt whether it should be this one or a Ubiquiti; I decided to go for the Edimax as I was not that fond of the Ubiquiti interface and the Edimax had the feature of turning off the LED.

So far I'm very satisfied with the setup – speedtest says Gigabit on LAN and also good speeds on wifi – so far maxing out the 150 Mbps of my wlan.