MountainBox, MountainCare, MountainCentral, MountainCloud, MountainView, iDiG, Wi-iDiG and iDiGOS are trademarks of 5th Mountain Networks (Pty) Ltd.
Copyright © 2018 5th Mountain Networks (Pty) Ltd.
Turning Best-Effort Networks into Great Networks
MBX30 WAN Virtualisation and Security Gateway Appliance
The MBX30 1U rack mount system is a state of the art WAN Virtualisation and SD-WAN Security Gateway Appliance, featuring Quad Core Intel® processors to support a high level of I/O throughput and optimal performance. This appliance can be configured as a Firewall, LAN or WAN Router, VPN Appliance, DHCP Server, DNS Server, and IDS/IPS with optional packages to deliver a high performance, high throughput front-line security architecture at a excellent price per Gigabit.

Built with performance, versatility, and low total cost of ownership in mind, MountainBox systems meet the growing needs of organisations of all sizes.


No artifical limits or add-ons required to make your system fully functional.
No additional usage or feature based pricing. Enjoy unlimited users, unlimited firewall rules, unlimited IPsec, OpenVPN, L2TP or PPTP tunnels, multiple LAN/WAN, dynamically configured, etc.
Low power requirements to help save you money.
No required moving parts to wear out. This system is designed for a long deployment lifetime.


From Firewall to Unified Threat Management, get all the security features you need to protect your home or business.
Flexible configuration and support for multi-WAN, high availability, VPN, load balancing, reporting and monitoring, etc.
Add optional packages such as Snort or Suricata for IDS/IPS and network security monitoring and Squid for optimised content delivery.
Maximum Active Connections: 8,000,000


Manage iDiG settings through our web-based GUI.
No fumbling with a command line interface or typing arcane commands.


Connect via encrypted Virtual Private Networks (VPN) between your offices, let mobile workers connect securely, or connect to the Cloud!


Small Businesses
Small to Medium Sized Business Networks
Small to Medium Sized Branch Office
Managed Service Provider / Managed Security Service Provider (MSP/MSSP) On Premise Appliance
Teleworkers needing an "Always-Up" network or VPN connections


MountainBox iDiG is a low-cost, open source based firewall and router platform that is functionally competitive with expensive, proprietary commercial firewalls. It can be configured as a stateful packet filtering firewall, a LAN or WAN router, VPN Appliance, DHCP Server, DNS Server, or can be configured for other applications and special purpose Appliances. This next generation security appliance features include:

Stateful DPI packet filtering firewall or pure router
Routing policy per gateway and per-rule for multiple WAN, failover, load balancing
Transparent layer 2 firewall
Support for IPV6, NAT, BGP
Captive portal with MAC filtering, RADIUS support, etc
Dynamic DNS client
DHCP Server and Relay functions
PPPoE Server
Reporting and monitoring features with real time information


High Availability

Two or more firewalls can be configured as a failover group. If one interface fails on the primary or the primary goes offline entirely, the secondary becomes active.


Enables the use of multiple Internet connections, with traffic steering, load balancing and/or failover, for improved Internet availability and bandwidth usage distribution.

Server Load Balancing

Used to distribute load between multiple servers. This is commonly used with web servers, mail servers, and others. Servers that fail to respond to ping requests or TCP port connections are removed from the pool.

Dynamic DNS

A Dynamic DNS client is included to allow you to register your public IP with a number of dynamic DNS service providers.

Virtual Private Network (VPN)

Multiple options for VPN connectivity, including IPsec, OpenVPN, and PPTP.

PPPoE Server

The software offers a PPPoE server. A local user database can be used for authentication, and RADIUS authentication with optional accounting is also supported.

Reporting and Monitoring

RRD and real time graphs that include information on everything from CPU utilisation to real time throughput for each interface.

Captive Portal

Captive portal allows you to force authentication, or redirection to a click through page for network access. This is commonly used on hot spot networks, but is also widely used in corporate networks for an additional layer of security.