I paid ~$350 each for the ones I selected: The specs are kind of amazing for the price. Why not just go with a small box that can run a real, full Linux distro? Wouldn't that be simpler and easier to keep up to date?Īfter doing some research and asking on Twitter, I discovered there are a ton of amazing little Broadwell 'mini-PC' boxes available on AliExpress. So when it came time to upgrade, we wondered: Let's face it: this is just a little box that runs a chopped up version of Linux, with a bit of specialized wireless hardware and multiple antennas tacked on … that we're not even using. And Tomato itself is updated sporadically, chaotically at best. Although the version of OpenSSL in the 2012 era Tomato firmware we used is not vulnerable to Heartbleed, it's still getting out of date in terms of the encryption it supports and allows. Rather than dedicate a whole server to this task, I purchased the inexpensive, open source firmware friendly Asus RT-N16 router, flashed it with the popular TomatoUSB open source firmware, removed the antennas, turned off the WiFi and dropped it off in our colocated rack to let it act as a dedicated VPN access point.Īnd that box – which was $100 then and around $70 now – worked well enough until now. When we initially deployed our handbuilt colocated servers for Discourse in 2013, I needed a way to provide an isolated VPN channel in for secure remote access and troubleshooting.
