I would expect that i5 to do it. At least the routing and filtering part. And probably the VPN given the right VPN type and traffic conditions. 'Line rate' Suricata may be more of an issue but it will probably do it as long as you don't just load every ruleset!
You have it gathering dust on a shelf so try it and see.

Steve

Ah, that's good to know. I'll have to test that in the new setup in 2.7 without netgraph.

Steve

This device has been sold.

@edwardnizz said in open VPN working,,,Now how do i get my files?:

like your accusing my of lying about the updating issues when you don't even have a shield to test.

Lying? I asked you what version of the shield software your running? I do have a shield I could use to test. I just don't use it as my PMS, only as a client.

And acknowledged there clearly some known issues with plex on shield depending on what version you were on..

Glad your happy with the answer you got, my bad for trying to assist.. I will not make that mistake again on any of your other future threads rest assured.

There was no reason for you to chime in

My first comment in this thread was to Steve, about the fishy link. And made a off hand comment that I would use something other then direct access to files to view my video. You engaged me.. But anyway, glad your happy with the solution you found.

@stephenw10 That is sad. I was skeptical but with AT&T in Northeast FL, I regularly see 500 mbps download on speed tests. I doubt I ever actually pull that much but we easily stream 3 or 4 TVs while I am working from home (VPN'd into work network as well) or on Teams calls with video and have zero issues. That is all pre netgate so going to be an interesting test. I'll report some results after it is all working 😀

If it was working fine previously behind some other SOHO router then the most common things to check are:

It requires UPnP. pfSense includes UPnP but it's disabled by default as it's a security risk.

pfSense randonmises the source port of outgoing traffic when it's NAT'd and some older applications (notably VoIP or VPN) cannot handle that correctly.
See: https://docs.netgate.com/pfsense/en/latest/recipes/nat-voip-phones.html#disable-source-port-rewriting

Steve

@zipping8761 haha - I warned you, but it a good learning experience ;)

The config description fields are not part of the IPSec connection, they are not listed there.
You can see them as comments in /var/etc/ipsec/swanctl.conf.

Steve

So I did some more digging around.
In short it doesn't look like there is a Trim command for ZFS that I can see

UFS does have Trim capability as found here...
https://forum.pfsense.org/index.php?topic=113803.msg633795#msg633795

On this thread...
https://forum.netgate.com/topic/102088/trim-for-ssd/17

At the bottom you'll find...
@kpa said in Trim for SSD:

All SSDs have automatic wear leveling. What TRIM does is to mark disk blocks that are no longer in use as empty so that the wear leveling has more free space to play with. If your disks are mostly empty the wear leveling will never come to a situation where the unused blocks become scarce and there's no reason to enable TRIM.

Apparently thought Trim is enabled by default on zfs and can be confirmed with...
sysctl -a | grep _trim

Yep i think i misunderstood. I read TOR as TNSR.

In some cases you will be off the need to use routers also inside of your LAN network and pending on your network
topology and network Layer(s) it might be good to know
where exactly you should connect your TSNR router.

Although im still curious as to what switching
infrastructure is used.

It is pending on your network topology and/or network Layer design. as an example;

2 core switches (redundant) - Core Layer2
TOR Switch in each of the Racks - Distribution Layer
Access switches (stacked in ring) - Access Layer

This can be differing from design to design and also where
all these racks and/or switches will be installed. example:

IT Room (Server room) with Core Switches
on each stage of the building one rack with stacks and ToR
the stacks are connected to the ToR and the ToRs are connected to the Core switch(es)

Hmm, well that doesn't sound good.
Maybe consider a different hypervisor if that's your main firewall.

@dobby_ I am a Mikrotik fan and use the new RB450x2 to manage my LAN with pfSense as edge (WAN). I'll research what you presented (Tailscale) as it sounds interesting, thank you for sharing. Discovered this about new package coming: https://www.youtube.com/watch?v=Fg_jIPVcioY