Or just do the simple thing and put the disk in a box that you can run the makers updater on.. Ie something with a display..

If your PCs not new enough to have msata interface, then pick up a card that adds.. They are on amazon for 10$..

For residential, bridge the ONU. Most of the time, their network management systems and support staff has no clue or option to deal with non-standard configurations. For business, if it's easy, you can register your endpoint most of the time and if it's fast and reliably, why not.

@stephenw10:

I don't think I ever added it to the image. You can add it yourself though. It's here: https://sites.google.com/site/pfsensefirebox/home/XEBIOS_81.BIN

Steve

In the meanwhile I'm able to get it booting to the FREEDOSBIOS. And I was able to flash it and adjust the needed settings.
Tried the next step to get PFsense to boot from the CF card, but that is still an issue for the moment.

Many thanks already for your help guys!

This is a very reliable piece of hardware:
https://www.gl-inet.com/mifi/
It handles 3G/LTE with MiniPCI-E modules which you can install on your own, based on what frequencies are at your location (pull one out from some laptop, for example).
It's got two ethernet ports and also built-in WiFi, casing has reserved SMA mount hole for external antenna mounting if you want to (either buy on eBay or pull from a dated home router).
It runs OpenWRT so you can do anyting with it: just bridge the LTE interface (QMI, USB Ethernet and PPP supported) with one of the Ethernet ports and plug that into pfSense.
There's a battery and no-battery version of the device, so you can choose depedning on your needs.

They say it's industrial grade, I confirm that because I'm using one since almost 1 year.

@NetworkGuy:

Sounds like the pfSense interfaces aren't being assigned properly.

1.) The 2558F has an IPMI interface. On the IPMI "System Information" screen you should see a list of interfaces, BMC, LAN1, LAN2, etc. and the associated MAC addresses.
2.) HINT: The IPMI/BMC interface doesn't negotiate well with some switches and likes being nailed up to 100M Half Duplex if you have connectivity issues with IPMI.
3.) Assuming the 2558 and 2758 are similar, except for the CPU, LAN1 is the lower left port, LAN2 is the lower right, LAN3 upper left, LAN4 upper right. BMC (IPMI) is stacked over some USB ports.
4.) On the pfSense console, go to selection 8) Shell, and type: dmesg| grep igb
5.) Match the MAC addresses LAN1/igb0, LAN2/igb1, etc.
6.) Make sure pfSense, Supermicro and your fingers are assigning WAN and LAN interfaces appropriately

Thanks,

I solved this by updating the BIOS and cleared the CMOS on the A1SRM-2558F, here's more information since I opened a thread in Reddit:

https://www.reddit.com/r/PFSENSE/comments/6y0m39/supermicro_a1srm2558f_not_issuing_ips_from_lans/

Hard to say what the reason is right now. That driver is not the newest but if there was a known issue with it I would expect to see bug reports….

There is a slightly newer version available from Intel. Or a significantly newer version in FreeBSD 11.1.

You can try importing 1.4.12 into pfSense.

A better test might be to try loading a FreeBSD 11.1 iso which has 1.7.12.

Steve

Well the processor you need would be determined entirely by whatever bandwidth you might be able to get wherever you are.

If you want to use two mPCIe modems both slow will require SIM card sockets and wiring which limits your choices massively. In fact I'm not sure I've ever seen one. You might have to use a adapter card that provides the additional SIM socket.

Do you need wifi also? Also using mPCIe?

Steve

1. Can the ZTE hotspot just be connected via USB to the PFSENSE and it will detect it?

I can't speak to the 920 but the ZTE 917 Falcon (T-Mobile) can be plugged in via USB and it "just works" showing up as a USB (ue) interface.

I don't think this is your problem but having just built a box using HP's 4 port version of the I340 I can tell you that you will want to add this to /boot/loader.conf.local to prevent kernel panics under load:

That card should be supported by re(4) and has been for some time. Installing drivers is not something you would generally do in pfSense.

Check the boot log for error messages from the driver:

Check the IDs reported by the device if no driver is attaching to it. Look for devices on type noneX with class 'network':

Steve

….. aaaaaand nevermind, I must have a faulty port on the switch. I forgot to do the one last permutation of plugging LAN into the other port.

Ignore this post

@chpalmer:

@sleb:

Is an external access point somehow more preferable to another card inside?

Yes.

An external AP is independent from the driver support in BSD. You can place it on an optimal spot in the building instead of having it there the computer "lives". And depending on the AP you may have better range too

@belt9:

used 8GB sticks would be perfect for you if you think you might be using TLD on a lot of lists.

You are building a very high end system anyways, so might as well not skimp on the RAM quantity.

I was thinking the same lol.

@tritron:

Will Intel Celeron G3930 give me 950 mbs output with 10 nat rules. I have gigabit comcast internet.

It probably will, as long as you don't dump a ton of packages on it. Keep in mind that compared to proper low-power communications SoCs and mobile CPU's, that G3930 will probably do something to your power bill if you don't get a -T version.

SSD is best, I would personally say USB next and finally HDD.

Never use USB if you need to write a lot to disk.

With all that RAM I would say using USB is totally fine, just use a RAM Disk.

Check out the installs and upgrades subforum, there's a sticky about ZFS, that's how you should use USB installs.

USB install is even more viable now with 2.4 than with the old embedded installs due to ZFS support and improved RAM disk implementation.

Yeah, i went for the APU as mine had AES-NI on Board.

I, myself, have (Currently) WAN & LAN. and a Windows Server box that provides DNS.

But i use OpenVPN With forced NAT/Routing Rules to Tunnel all Traffic through it, been using OVPN like that since 2012.

Hope this Helps you!.

It has been warm this week in the UK (relatively  ;)). If you have the fan speed turned down that could be it. Watchguard had the fans at max all the time. The CPU is directly cooled but the average airflow through the box is what keeps everything else cool, there may well be some hot spots.

Lack of AES-NI will likely be a show stopper. You should assume 2.5 will not run on anything (x86) that doesn't support it. Again we will be supporting 2.4 for sometime after that though.
I won't go any deeper than that here, there are a number of other threads discussing it.

Steve

Are you seeing a version mismatch like the OP or no driver at all?

What error are you seeing?

Steve

Edit: Nevermind I see your other thread. This is issue is unrelated.

@jahonix:

@Billyboy:

We are replacing expensive company Internet lines with low cost residential VDSL lines, plus adding …

What the hell does this have to do with "using pfsense as a managed switch"? Create a new thread for your topic.

Because I am asking for an recomendation on a switch as in the thread discussed. Just not on the LAN side, but on the WAN side.

I always go 64-bit unless the hardware doesn't support it.