For my growing network I was in need of a better router than the Fritz!Box 7390 provided by my ISP. I decided to build my own router that should support:
- separate networks for private computers, public available servers and wireless
- a proper VPN implementation
- a proper, configurable firewall
- regular updates
- as low as possible power consumption
Between many choices I’ve decided to use the quite popular firewall distribution IPfire on a Alix APU1c. Connection to the internet will be managed using a Draytek Vigor 130 (V)DSL modem.
The content however is old and might be outdated.
IPfire is a quite modern firewall distribution with a modular concept. There are modules available for almost any usecase so you can built not only routers but also access points and appliances like print, mail or data servers. It’s using quite recent kernels and works on most hardware.
The Alix APU1c is a small yet powerful embedded board by PCEngines sporting
- CPU: AMD G series T40e (1Ghz dual Bobcat Core, 64bit)
- RAM: 1GB DDR3-1066
- Network: 3 (!) Gigabit NICs (Realtek RTL8111E)
- Interfaces: mSata, SDCard, 2xUSB external, 1xUSB internal, DB9 Serial-Port, 2xminiPCI express
Especially the miniPCI interface is great to add a WLAN card.
Beside the Alix APU1c board an a fitting case I used:
- a mSATA SSD with 16GB
- a mSATA to USB adaptor
- a miniPCIe WLAN card (Compex WLE200NX IEEE 802.11a/b/g/n)
- two WLAN antennas
- a null modem cable with R232 USB adaptor. The Alix APU1c doesn’t have a graphic card we will have to use a serial console for installation and configuration.
Connect the Alix APU1c board to your PC using the null modem cable and the R232 serial adaptor. Make sure the adapter gets’s recognised as a serial device (
/dev/ttyUSB1 on linux). In case it does not work as intended have a look here: http://blog.mypapit.net/2008/05/how-to-use-usb-serial-port-converter-in-ubuntu.html
Installation of IPfire
Installation was pretty easy then.
- Download the latest disk image from http://downloads.ipfire.org/latest. Make sure to download the image with serial console enabled:
- Connect the SSD to your PC, find the device name (eg using
lsblk) and dump the disk image to the SSD. On Linux use
sudo dd if=ipfire-v.vv.1gb-ext4-scon.i586-full-corexx.img of=/dev/sdx
Use your device name instead of
sdxwithout partition number.
- Insert the SSD into the Alix board as well as the WLAN card.
- Open a serial connection to the Alix board. Make sure to set the baud rate correctly to 115200 8N1. I’ve been using putty successfully for this task. Power on the Alix board and watch it booting on the serial connection.
Installation is already done by now. During first boot the system will resize the partitions and then start the setup assistant.