As it turns out, I have two routers on my home LAN. The one I have had in place for a long time is a Netgear WNDR4300. It is not the best router in the world, but it has been very stable for me over the years. The other router is a Netgear WNDR4500. I purchased this one for use at my parent’s house. My dad recently switched back to Comcast and decided to go with their WiFi in the cable modem. Whatevs. That freed up the 4500 for me, which I used to replace my ancient Linksys WRT54GL, which I was using in the living room as a WiFi AP and for hanging the Roku off of (yes, I like wired connections).
In my quest for VPN access from work to home for Internet access, I discovered that while DD-WRT (and so Tomato) do not support either of my Netgears, OpenWrt supports the 4300. Hmmm… I find this interesting, as the 4500 is the better router in specs, but it is not supported in either the DD-WRT or OpenWrt world. And, as Tomato is to DD-WRT, there is a fork of OpenWrt that has a nicer GUI. This is called Gargoyle-Router. A super cool part of all of this is that Gargoyle supports plugins, similar to the way that pfSense does. One of these plugins is OpenVPN.
SoftEther has done everything that I have asked of it. And since I discovered the missing ports to open on the router, it has worked flawlessly and easily. The only problem is that it is running on my desktop PC. What if Microsoft kicks out an update and the box reboots in the middle of the night and I do not know this until I get to work and try to establish the VPN tunnel? Well, I suppose I have some options, but the end result is the same. My VPN server should be running at the edge of my LAN, not on a PC in user space. It should be on the router and that is just that.
As far as pfSense goes, I am still wicked interested in playing with this. In fact, last night I spent several hours looking for the missing power brick for my old ThinkPad X61t laptop so that I could see how pfSense handled this hardware. This laptop might be a bit too old for what I have in mind, which is eventually going to be more than a simple router with a VPN server running on it. I am thinking IDS/IPS, which will certainly require some beefier hardware. Anyway, I could not find the power brick, so I turned to eBay and ordered a Lenovo-branded one (not a cheap knock-off) for $13 and free shipping. In the meantime, I think I am flashing my 4300 tonight after my wife is asleep.