A few weeks ago I did a quick write up about the Untangle firewall system my experience installing and using it on a Protectli Vault all-in-one mini PC. Today I’d like to describe a box I set up as an alternative to the model I previously used, the Protectli Vault. For this box I used an old Optiplex 780 purchased on Amazon for $87. I’ve been using the OptiPlex 780 for the starting point in a lot of projects recent due to the fact that it’s modular by nature, easily upgradable, and has components that are powerful enough to tackle any moderately resource intensive modern tasks.
The OptiPlex made a great jump-off for this project. I wanted an untangle box that was a small form factor so it could be easily incorporated into the physical environment where it would be operating but not fquite as small as the Protectli Vault setup I had used before. I tried to keep the budget around around $370, the price of the original Protectli Vault Setup. I wanted to keep the at least as powerful of the Protectli Vault build.
First I took a look at the RAM. The OptiPlex 780 has 4 dual channel DDR3 slots onboard. This is more than capable enough to match the RAM loadout on the Vault. I was able to find an 8GB kit of two DDR3 1600MHz sticks for $56 on Amazon. These sticks were plenty powerful for what I was building. The 7800 came with 4GB of RAM preinstalled, allowing some cost to be recouped. This 4GB might be enough if the amount of services running in the Untangle installation were minimal.
Next was the storage solution. The Vault comes with 120GB of solid state memory so I figured a 2.5″ SSD would be a suitable match for the OptiPlex. I found a SanDisk 120GB SSD, again on Amazon, for $60. This would provide quick read/write speeds for typical Untangle operation and open up the possibility of using disk space for swap operation if the need arose. The 780 comes with a harddrive already installed and they range between 160GB and 250GB. After the SSD installation, these could be salvaged for other projects or to recoup some cost.
Arguably the most important part of this particular build is the network interface. The 780 comes equipped with just the 1 network interface onboard out of the box. This, by itself, isn’t capable of being a functional box. There needs to be at least 2 ethernet ports, one for the internal connection and one for the external connection, for the box to function as a firewall. I decided it would be appropriate incorporate a 4-port 1000Mbps NIC to allow for up to 4 external connections. This one-upped the Vault by allowing an additional connection compared to the 3. I purchased the PRO/1000 Ptquadport from Amazon for $56 (now $50) and, in turn, freed up a 4-port switch I had been using to route local traffic, allowing addition cost reclamation by selling this redundant equipment. The NIC had to be low-profile to accommodate the reduced room in the small form-factor OptiPlex. I decided to additionally include a single port card in the spare PCI slot, bringing the number of external ports to an unprecedented 5.
Finally, I wanted to include a beefy quad-core CPU to again one-up the Protectli Vault. The Q9650 was a work-house Core 2 Quad-core chip in its day and still packs a wallop. This monster can hang with new processing solutions and would be more than enough for this build, theoretically capable of routing over a gigabit of traffic at any time and possibly much more depending on how many local services Untangle is running. I was able to secure one from Amazon for $49. Installing the chip however was tricky.
During the install I periodically powered up the build to ease troubleshooting if problems arose. The assembly did turn out to problematic when I installed the NIC and the new processor. Replacing the CPU was probably this most time intensive step in the process. This process included removing the existing E8500 chip in the OptiPlex, another redudant part that could be sold. The process was made easier by the easily removable heatsink secured by two screws. The hood attached to the heatsink is easily detached from the HDD assembly. Thermal paste was then applied to the new Q9650 and the heatsink was the reattached. The system did not boot, and the OptiPlex was showing the error code “2 3 4”, displayed on the lights at the bottom of the front of the chassis. These lights were accompanied by a solid amber light emanating from the power button, indicative of CPU issues.
Troubleshooting was easy enough. I had a spare OptiPlex 780 laying around that had identical specs andd installed the Q9650 in it after removing it from the Untangle build. Luckily, it booted up, eliminating the possibility that the chip was faulty. I then tried the sparee OptiPlex’s chip, another Q9650, in the new build. This attempt also failed to boot, producing the same error indicators for a faulty chip. This confirmed the problem was local to the new build and narrowed it down to a problem with the board or some part of the CPU assembly. Luckily, the problem was due to how the heatsink was mounted, so no faulty hardware was involved. I attached the heatsink by tightening the screws nearest to the DVD drive first instead of the opposite. This pressure differential most have secured the CPU in an optimal way because the machine booting up properly on the next attempt.
The assembly of all the components was relatively painless apart from the CPU hiccup. With the machine up and running and the software configured, we were off to the races. The physical environment was prepared with a small shelf so the box itself could set out of the way. It was anchored to the wall using some wire to prevent any nudges from sending it crashing to the floor. The build was officially ordained with an Untangle sticker on the case.
The final price was $308, and with current prices, this total is just below $300, putting us about $70 below budget.
OptiPlex 780 $87
2x4GB DDR3 1600MHz RAM $56
SanDisk 120GB SSD $60
4-Port NIC $56
Q9650 Processor $49
If the micro form factor provided by the Protectli Vault isn’t a necessity it is demonstrably proven that a box with a superior CPU and network solution is built for around $70 cheaper. This box can handle anything that will be thrown at it in the foreseeable future and is powerful enough to utilize all of the features in the Untangle software suite. In this scenario the OptiPlex once again proves to be an optimum solution.
Josh Dean Concord Charlotte