For SMBs, there are many free open source router and firewall solutions--and even a few options for enterprises. Many of these also offer other LAN services, such as a VPN server, hotspot gateway and captive portal.
Here, we'll discover some free and open router projects, covering those suitable for small businesses, medium-sized, and even enterprise-level comparable to Cisco and Juniper.
DD-WRT is a Linux-based firmware replacement for consumer-level wireless routers, suitable for use by small businesses. In addition to serving as an Internet gateway and network router, it also features an OpenVPN server and client, SSH server, FTP server, and hotspot and captive portal services. Other general features support multiple SSIDs, VLANs, and the ability to customize the startup and firewall scripts.
You can check their router database to see which wireless routers are supported and the DD-WRT variants they support. They also offer a Wiki with a FAQ and installation and configuration help. Some routers can easily be flashed with the aftermarket firmware via the router's web-based control panel while others require you to connect via TFTP. They even offer hardware specific instructions.
ZeroShell is a Linux distribution you can load onto PCs, servers and embedded devices. In addition to providing basic LAN services, it offers a RADIUS server for enterprise-level Wi-Fi security, a HTTP Proxy server with antivirus, OpenVPN server and client, and captive portal services. Other general features include load balancing and failover of multiple Internet connections and Wi-Fi AP mode with multiple SSID and VLAN support.
You can download ZeroShell as a Live CD, hard disk image, VMware Virtual Machine, or Compact Flash image. They offer some limited documentation in the form of developer and community contributed articles. You may also want to check out my article series on ZeroShell.
RouterOS is the Linux-based operating system used by the RouterBOARD product line by MikroTik. It can also be installed onto and run from X86-based PCs and servers. Along with the basic firewall and network services, it supports many VPN protocols, RADIUS server and client, TFTP server, and a hotspot gateway. Additionally, it offers various routing protocols and multiple wireless modes.
A basic feature-set of RouterOS is freely available and additional functionality is offered via multiple license levels.
You can install RouterOS onto a machine via a bootable install disc or use the Netinstall utility to install onto a secondary from within Windows and then put into your router PC or server. There are several configuration mediums: local access, serial console, Telnet, SSH access, GUI configuration tool called Winbox, and web-based interface. You can even build your own control application with their API programming interface.
You can try RouterOS by accessing its online demo routers via Telnet or downloading and using their graphical application Winbox. They offer a Wiki for documentation, along with other community and developer resources.
Untangle is an open source OS that can install and run on X86-based PCs and servers. It can serve as your network's router and firewall or run with your existing router as a transparent bridge. Aside from the general LAN services, the free Lite package provides spam, ad, malware, and intrusion protection, and includes OpenVPN and a captive portal. The premium packages add Web filtering, enhanced malware protection, IPsec VPN, and WAN balancing and failover.
You can install Untangle on a dedicated PC or server via a bootable install disc. Configuration can be made locally via a drag and drop GUI command center. You can find comprehensive documentation on their Wiki. You can also refer to a pervious article of mine for more information and to see how to get started.
Endian offers a free community version of its network and security appliance software, providing Unified Threat Management (UTM) functionality. It's a Linux distribution that gives you NAT, DHCP, firewall, VPN, antivirus, antispam, and web security and content filtering. It requires a dedicated or virtual machine with minimal system resources.
You can discover some of the Endian functionality by accessing its online demoof the
ClearOS provides three editions of its network OS: ClearOS Home (coming soon), ClearOS Enterprise and ClearOS Core--all completely open and free. They provide antivirus, antispam, VPN and content filtering, as well as the basic routing and network services.
Vyatta provides a free community version of its enterprise-level network OS, comparable to commercial solutions such as Cisco and Juniper. It's a Debian-based Linux distribution that can run on X86 platforms or on VMware, Citrix XenServer, Xen, KVM, and other hypervisors. In addition to the routing protocols and other typical network services, it provides web filtering and IPsec Site-to-Site VPN, Remote Access VPN, and OpenVPN.
Vyatta is available to download as a Live CD or virtualization image as 32-bit and experimental 64-bit. They also offer comprehensive documentation.