Friday, Sep 03, 2010
Posts Tagged ‘Firewall’

ALIX Monowall Firewall – Part 2

This tutorial covers the basic post-installation configuration of Monowall (M0n0wall). This segment covers changing the default password and setting the time zone of the firewall. It also covers setting static IP address mappings via DHCP as well as configuring port forwarding. This is the second part in a series of tutorials which will range from basic configuration of the firewall to more advanced topics such as IPSEC tunnels and VPN clients.

ALIX Monowall Firewall – Part 1

This tutorial covers the installation of Monowall (M0n0wall) onto a compact flash card utilizing a Mac and assembling the firewall. The firewall is being built utilizing an ALIX embedded system. This is the first part in a series of tutorials which will range from basic configuration of the firewall to more advanced topics such as IPSEC tunnels and VPN clients.

m0n0wall & pfSense Tutorials

I am in the process of creating an updated video tutorial on installing Monowall (m0n0wall) firewall on an ALIX embedded system. While I am at it, I will also be doing the same for the pfSense firewall installed on the same platform. There will also be written guides to go along with these video tutorials. These forthcoming guides will come in segments ranging from copying the firewall to a CF card that will be inserted into the system board to more advanced topics such as configuring IPSEC tunnels. You should see the first of these tutorials released on July 15th.

Enjoy the tutorials, and should you have any recommendations or things you would like to see included in these tutorials, just leave a comment.

UPDATE: I ran into a personal matter which has delayed the production of the first segment. I should have it completed and posted within the next couple of days. Sorry about the unexpected delay.


Embedded Monowall: Installation

UPDATE: An updated tutorial has been posted here: http://www.techunplugged.com/2009/07/22/alix-monowall-firewall-part-1/

This tutorial will guide you through copying the m0n0wall image to a compact flash card and the initial configuration of the m0n0wall on the ALIX embedded board. I will be using a VPN accelerator card since I will have about 10 IPsec tunnels actively running at one time. I would only recommend using the VPN accelerator card if you plan on maintaining several VPN tunnels at one time, otherwise it is overkill. The following is a list of the items that were used:


Monowall Tutorial

I just finished my initial tutorial on setting up a m0n0wall firewall on a PC Engines ALIX 2C3 board. I have set up several of these using a Mac. There was a lot of research I had to do to figure out how to accomplish it using OS X. Most of the documentation I found online referenced using Windows systems. So I decided to take what I learned and write a “How-To” on the topic as well as a video to accompany it. You can find the How-To by following this link: http://www.techunplugged.com/tutorials/embeded-m0n0wall-firewall-on-alix-hardware/

Enjoy!

UPDATE: An updated tutorial has been posted here: http://www.techunplugged.com/2009/07/22/alix-monowall-firewall-part-1/


Embedded Firewall

In part of my quest to simplify my life I moved away from Windows workstations and servers to Macs. With the number of systems that were removed it had a large impact on the acoustics of the room as well as power consumption. I still had one relic left behind and that was a firewall running on a PC to keep my IPSEC tunnels up with all my clients. I decided I could replace that unit as well with something that was at least fanless. During my research I found something that would be fanless and work with a 15w power adapter so it would have a small electrical footprint. The hardware I used was a PC Engines ALIX 2c3 board on which I installed the m0n0wall embedded firewall OS. I also used a Soekris VPN1411 mini-pci card to offload the encryption processing from the CPU. It is very small and runs super smooth on a 30mbit connection with 10 tunnels running. The CPU never goes above 40% utilization on a full load. It is fairly inexpensive and quite simple to assemble and program. I am in the middle of doing a video tutorial on putting one of these together and programming it. I should have the video done along with support pages tomorrow, so check back.

UPDATE: An updated tutorial has been posted here: http://www.techunplugged.com/2009/07/22/alix-monowall-firewall-part-1/


You Call This An Enterprise Firewall?

I have implemented various firewalls throughout the years, but I can say with confidence that the Symantec lines of firewalls are the worst I have ever used. Well, at least the 1620, but the entire line utilizes the same software which seems to be the underlying problem. I was installing two units in a failover configuration for an insurance company I service as well as a media buying firm. Both were being set up using content filtering with user authentication against their Active Directory. That’s when I came across a bug that dumbfounded the Symantec support desk. Evidently there is an issue with having different levels of content filtering depending on which Active Directory group a user belongs to. I couldn’t believe that no one else has come across this bug before. They bumped this up to their global support group and to the developers. Three days later they still couldn’t give me a fix even though they were able to replicate the problem in their own labs. The real fun part was when I was informed by the support tech that Symantec was ceasing selling their hardware firewalls. That was enough for me to pack up the units and move to a Sonicwall solution for both clients. We have been extremely happy with the Sonicwall solution thus far.
