Results 1 to 7 of 7
  1. #1
    Untangler
    Join Date
    Nov 2009
    Posts
    90

    Default Untangle features list vs pfSense?

    I have a pfSense box as my firewall and I'm trying to decide if I should put UT in transparent mode behind it, or replace pfSense altogether. There are a couple features of pfSense that I require, even to the point I prefer it over my Cisco ASA box.

    Does Untangle has any of these?

    • IPSEC support (site-to-site tunnels)
    • UPnP support
    • Dynamic DNS (dyndns.org) support
    • DNSmasq
    • PPTP Server

  2. #2
    Untangle Ninja
    WebFooL's Avatar
    Join Date
    Jan 2009
    Location
    Sweden (Eskilstuna)
    Posts
    5,244

    Default

    I can answer a few.

    Untangle dose not have:
    PPTP Server
    IPSEC support
    UPnP support

    Untangle Have:
    Dynamic DNS (dyndns.org) support
    DNSmasq (in advanced mode)
    OpenVPN

  3. #3
    Untangler
    Join Date
    Nov 2009
    Posts
    90

    Default

    OK, thanks. Those are enough not to use Untangle for a firewall.

  4. #4
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,162

    Default

    Correction, NEITHER PRODUCT has uPNP support. If you want a router that is game friendly toss PFSense in the garbage, it is strict NAT and impossible to work with for certain titles.

    If you enable the PPTP server on PFSense you cannot connect to any PPTP servers out in the world. Even if you don't turn on the PPTP server you can only have one client behind PFSense connected to any given PPTP server.

    There are only 2 reasons why you would keep PFSense as a primary router.

    1.) You need PFSense's (I should say Monowall's) more advanced layer 3 features to do far more advanced QoS.
    2.) You need an IPSec terminator at the edge of your network.

    If you aren't using either of those, toss PFSense into the trash and make the switch. Heck, if you DO need those two features and you aren't using any of the advanced plugins for PFSense like the squidguard or something similar... Toss PFSense in the trash anyway and switch to monowall. It's smaller, lighter, and a thousand times more stable.

    I've used Monowall and PFsense in production for the last 5 years. I've used Untangle for the last year and a half. Not one of them is perfect, learn what they are good for and use them appropriately and you can save a silly amount of money of stupidly expensive commercial equipment that does the same thing.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  5. #5
    Untangler
    Join Date
    Nov 2009
    Posts
    90

    Default

    Actually, pfSense's upnp support works fine for me. Utorrent, Sage Server, Video chat programs, etc. I don't game through it. And I do use it as a PPTP Server as well as IPSEC endpoint to connect to work. All works well. I can't give up those features.

  6. #6
    Untangle Ninja YeOldeStonecat's Avatar
    Join Date
    Aug 2007
    Posts
    1,554

    Default

    Quote Originally Posted by sky-knight View Post
    Correction, NEITHER PRODUCT has uPNP support. If you want a router that is game friendly toss PFSense in the garbage, it is strict NAT and impossible to work with for certain titles.

    If you enable the PPTP server on PFSense you cannot connect to any PPTP servers out in the world. Even if you don't turn on the PPTP server you can only have one client behind PFSense connected to any given PPTP server.

    There are only 2 reasons why you would keep PFSense as a primary router.

    1.) You need PFSense's (I should say Monowall's) more advanced layer 3 features to do far more advanced QoS.
    2.) You need an IPSec terminator at the edge of your network.

    If you aren't using either of those, toss PFSense into the trash and make the switch. Heck, if you DO need those two features and you aren't using any of the advanced plugins for PFSense like the squidguard or something similar... Toss PFSense in the trash anyway and switch to monowall. It's smaller, lighter, and a thousand times more stable.

    I've used Monowall and PFsense in production for the last 5 years. I've used Untangle for the last year and a half. Not one of them is perfect, learn what they are good for and use them appropriately and you can save a silly amount of money of stupidly expensive commercial equipment that does the same thing.
    PFSense does support UPnP, and it does it well. I'm logged onto mine right now, and looking at the boys XBox and XFire ports listed right in the UPnP services page.

    I'm a hardcore online gamer, as well as the boy, I've gone through more routers than most IT people can name off the top of their head..and nothing...nothing..can come close to the gaming performance I have with PFSense. Its QoS/traffic shaping is quote potent and works well.

    The PPTP limitation is 1x concurrent connection to a PPTP server out on the internet at a time. You can have several people connected to several different PPTP servers out on the internet at the same time..just not 2 or more to the same PPTP server.

    I find it equally as stable as m0n0wall...or Untangle...but for that matter, I chalk stability up to the quality of the hardware you run it on. If you use solid supported hardware, your only reboots should be when doing upgrades.....and probably years apart. IPSec tunnel is solid as a rock too.

  7. #7
    Master Untangler Evil_Bert's Avatar
    Join Date
    Nov 2007
    Location
    Sydney, Australia
    Posts
    119

    Default

    pfSense is a great product, IMO. I prefer it over m0n0wall because of packet scrubbing and extensibility (via packages like snort). At least it can be locked down to a much greater extent than UT, which, to my mind, makes it more suitable as a front-line firewall.

    As has been commented on several times in this forum, though UT is great at what it does, it can't do everything perfectly. To choose between UT and pfSense, you really have to understand your needs very well and match them to the products' capabilities. Personally, I prefer to use both in series and leverage from the strengths of both products, and avoid having "all my eggs in one basket".
    There are many alternate universes, but only this one has beer.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2