To all, I''ve just recently finished my "Security Gateway Server" project which separates a 10 laptop WLAN subnet from our main LAN/Internet network. I used Debian Sarge with kernel 2.6.9/ipsec-netfilter patched, and Shorewall 2.2.0-RC3 on a Asus P4S533, 2.4 GHz PenIV and 512MB memory. The Toshiba A60-S166, PenIV, 2.4G laptops run Windows XP Pro and have internal Atheros based wireless cards with SuperG technology and Netscreen-Remote VPN Client software. By using a Linksys AP that has the same chipset as the laptops and connected to the server WLAN interface, I''m able to run in Turbo Mode and obtain 20 Mbs average and sustained speeds, 23Mbs peak, when testing 100 MB file transfers while using IPSec-AES-SHA1. Thanks to Shorewall/Netfilter, I have great flexibility in processing and regulating traffic. Thanks, Tom, for all your hard work making Shorewall and it''s documentation so great, and to all the list members whose postings that I''ve read to gain enough knowledge to complete this project. Sincere regards, Mitch Martin IS Technician City of Monroe, NC
> -----Original Message----- > From: Mitch Martin > Sent: Friday, January 07, 2005 8:35 AM > To: Shorewall Mail List > Subject: [Shorewall-users] Shorewall & IPSec gateway > > To all, > > I''ve just recently finished my "Security Gateway Server" > project which separates a 10 laptop WLAN subnet from our main > LAN/Internet network. I used Debian Sarge with kernel > 2.6.9/ipsec-netfilter patched, and Shorewall 2.2.0-RC3 on a > Asus P4S533, 2.4 GHz PenIV and 512MB memory. > The Toshiba A60-S166, PenIV, 2.4G laptops run Windows XP Pro > and have internal Atheros based wireless cards with SuperG > technology and Netscreen-Remote VPN Client software. By using > a Linksys AP that has the same chipset as the laptops and > connected to the server WLAN interface, I''m able to run in > Turbo Mode and obtain 20 Mbs average and sustained speeds, > 23Mbs peak, when testing 100 MB file transfers while using > IPSec-AES-SHA1. Thanks to Shorewall/Netfilter, I have great > flexibility in processing and regulating traffic. Thanks, > Tom, for all your hard work making Shorewall and it''s > documentation so great, and to all the list members whose > postings that I''ve read to gain enough knowledge to complete > this project. > > Sincere regards, > > Mitch Martin > IS Technician > City of Monroe, NC > >-----CORRECTION---- I used a D-Link DWL-2100AP. Not a Linksys! Mitch
Mitch Martin wrote:> Thanks, Tom, for all your hard > work making Shorewall and it''s documentation so great, and to all the > list members whose postings that I''ve read to gain enough knowledge to > complete this project. >You''re welcome Mitch -- thank you for the report. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key