I give up, I've spent weeks trialing various things in virtual machines and I can't find a distro which has the following features. I'm trying to find one encompassing distro that can be a server and a gateway at the same time. I'm setting up server/gateways in multiple locations and they are serving a network of Windows clients as a domain controller (or preferably an Active Directory)
I think I might need to setup a box to do the networking and firewall stuff and then another box to do the server stuff, but each location only serves a few users so doubling the hardware requirements isn't very cost effective. Also, I think the overhead of virtualisation will increase the hardware requirements too? If I did go that route the two boxes/VMs would still need to be tightly integrated.
Also, I understand Samba4 hasn't been released but I really need GPOs.... although I guess I'm just going to have to stick with Samba3. Beggars can't be choosers.
Please help me, I'm trying really hard to avoid Windows Server, but I'm starting to think it's hopeless trying to find a distro that can do all of this out-of-the-box. Desired but optional things are marked with an asterisk*
Code:
Networking
- Bridging
- PPPoE
- Gateway
- DMZ
- Port Forwarding
* VLANs
* Traffic Shaping
Network Services
- Dynamic DNS
- RADIUS (LDAP integration)
- 802.1x Security
- WPA2 Enterprise
- DNS
- DHCP
- Static Leases
- PPTP (LDAP integration)
* IPSec
* OpenVPN (LDAP/User integration?)
* Wake-On-LAN
Servers
- LDAP
- Samba4 AD (LDAP Integration)
* Could go for Samba3 but really need GPOs
- CUPS (LDAP/Samba Integration)
- HTTP Proxy (LDAP Integration)
- Content Filter
- Object/Group/Time Policy
- Bandwidth Management
* Transparent
* HTTPS Filtering (MITM)
- Web Server
- HTTPS Support
- Virtual Hosts
- Database
- MySQL/PostgresSQL
* Instant Messaging
* Jabber
* VoIP
* Asterisk
* Outgoing
* Mailboxes
Storage
* Hot Swappable Media support
* Encrypted File System support
Firewall
- IDS
- Per Interface
- Network Objects
- LAN <> Gateway
- Gateway <> WAN
- LAN <> WAN
- Custom Rules
- Per Interface
* Protocol Filtering
Certificate Authority
* Email Certificates
- Service Certificates
- HTTPS
- RADIUS
User Facing
- User Web logon
* Certificates
- Settings
- LDAP
- Rebrandable Proxy Error Pages
- Rebrandable User Web Login
Admin Facing
- Web Interface(s) for as many features as possible
* Scripts/APIs which Encapsulate features
Reporting
- Proxy Logs
- Samba Logs
- Logins
- Share Access
* Daemon etc. Logs centrally accessible
Virtualisation*
Ideas I liked
* ClearOS's Flexishare
- Same directory accessible via multiple methods/protocol
- Samba, HTTP, FTP, email request etc.
* ClearOS's User Service Integration
- User is integrated into many services automatically and from a central location
- PPTP, Samba, CUPS etc.
Things I've tried
Zentyal
- PPTP has no LDAP integration
- No Samba4
- No Custom Firewall Rules
- Protocol Filtering is broken
- No easy email certificates
- Logs are painful to access/use/view
* Rebranding is painful
ClearOS
- No Bridging
- No Samba4
- No LAN <> Gateway rules
- No Network Objects
- No RADIUS
- Poor SSL Certificate Management for Web Server
- Proxy Content Filter is broken
SME Server
- No Bridging
- No Samba4
- No Network Objects
- Poor DHCP Options
- No Certificate Management
- Poor Firewall Options
- No IDS/IPS?
- No Custom Firewall Rules
- No CUPS?
- No Content Filter
- No RADIUS
...
pfSense
- No Samba and related
...
Smoothwall Express
- No Samba and related
- No Content Filtering
- No Network Objects
- No LAN <> Gateway Firewall Rules?
- Poor Packet Filtering options
- No Web Interface for Proxy
- No LDAP Integration
- No RADIUS
...
Smoothwall Advanced Firewall
- No Samba and related
...
Resara
- Only has Samba4