Mmm, I don't have the details unfortunately I wasn't involved in that.

Probably better to drop an email to Netgate support and we can take it from there.

Steve

Use a thermometer?  :P

I'm out of suggestions at this point.

Steve

Sounds like it isn't running at 115200. Or potentially your terminal settings are wrong.

You should use the v0.81 BIOS if you can as that allows booting from a much wider range of devices:
https://sites.google.com/site/pfsensefirebox/home/XEBIOS_81.BIN

If you can still boot to the loader prompt in pfSense you can override the DMA settings and complete the boot, then add the settings permanently.
https://doc.pfsense.org/index.php/Boot_Troubleshooting#pfSense_2.2_and_later

Steve

I know this is an older post but I just wanted to share my experience with the SG-4860-1U and power outages.

I have my appliance connected to a Eaton 9130 UPS. Big storm last night and I was emailed at 6:30pm by my security system that there was a power outage. I logged in remotely to my SG-4860 and sure enough my UPS Status told me I was on battery power and had 90 minutes left before the batteries drained completely.

My SG-4860 shut down when the battery charge hit the default setting for battery charge left.

When the power was restored at 10:00am the next morning, my ups automatically powered up and then my SG-4860 did the same.

Just wanted to say thanks as it made me look like I knew what I was doing when I recommended purchasing the SG-4860 and UPS.

On a side note: My suite is new construction less than 7 months old and multiple neighboring suites have had to replace their blown out network equipment because they didn't have it protected by a UPS.

Both of those board are PVIe v2.0, x1 speeds will be able to handle up to 4Gbps full duplex. So as long as you can fit the card in there you won't have any bandwidth issues with these!

https://doc.pfsense.org/index.php/Boot_Troubleshooting#BIOS.2FDisk_Errors

Thanks for your input guys.  I wonder, do either of you run snort or suricata?

@Stan464:

I Self built my own Appliance, you can do this with Spare Hardware laying about. in this Instance, i purchased an AMD APU-5000 built onto an Asrock ITX Motherboard, not a single regret.

Must confess I do like the idea of putting together my own system, its been well over 10 years since my last physical build.

@whosmatt:

That CPU should be more than up to the task.  ~75Mbps of OpenVPN doesn't take a lot.  For reference and perhaps comparison to other hardware, I reached about 70 Mbps with a 1.4GHz dual core AMD Kabini CPU.  That was about the max I got for a single thread (tunnel) which should give you some comparison especially if you're considering hardware like the AMD APU-5000 recommended already, which is about 100MHz faster than what I had, and has double the cores. The i5 5250U should be much faster.  It's simply faster than the AMD Kabini in IPC (instructions per clock) meaning that even at the same clock speed it will perform better.

Good to know. I turned away from AMD back in the old A5/Athlon days, Intel have (for me at least) proven to be far more stable and therefore less frustrating.

@aGeekHere:

I do like the idea of small form factor routers and pc/servers (raspberry pi).

I agree, though the current crop of "maker" hardware seems much better suited to the general purpose server role than the router role.  For example, the raspberry pi has been getting gobs more CPU power with every subsequent iteration, but last I checked, its NIC is still on the USB 2.0 bus.  Great, perhaps for a pihole server, or in my case, I use a pi zero to run dump1090 with a RTL2832U (see, Realtek really is good for something!).  Hell, I'm still using a Sheevaplug dev kit from 2009 as a NAS server with a Drobo, and it's only suitable for that because it has a real 1Gbps NIC.  It's still pretty darn slow, but so is the Drobo, so no point upgrading.

Kidding aside, the best potential example I've seen is the UP Squared board, and as far as I know, it's still not available for purchase.  And even if it was, you'd have to accept Realtek NICs.  Baby steps I suppose.

I would expect it to be fine. More than capable for 100/40Mbps.

Seems like you could use that chassis for something else. If that's what you have though….

Steve

@Santosh:

Hiii
    I am little bit confused that if i am distributing my internal network in 200 employees then whats the possibility  of collision or packet loss in my network.

The design of your network, regardless of what firewall you choose, will be what prevents collision. Packet loss can be the result of many different factors, but shouldn't occur in any appreciable amount in a well designed and implemented LAN.  If you're experiencing either issue now, I'd suggest addressing that first.

Try changing the pfBlocker update interval to make sure it is that.

What hardware are you running on?

Steve

@chpalmer:

@nerone:

Hello, where do i get the 8.1 BIOS?

https://forum.pfsense.org/index.php?topic=129497.0

The search function is your friend!  ;)

Than you chpalmer! :)

BlueKobold often blindly recommends APU and Jetway products when they are clearly not appropriate.

I'm starting to think he is getting kickbacks lol.

No PPPoE, just regular IP and NAT.

Ok, then the Jetway NF9HG-2930 would be also interesting for you, fan less and silent without turning parts!

Jetway NF9HG-2930 ~$199 2 x 4 GB RAM ~$50 M350 case ~$50 external PSU ~$15 mSATA 16 GB ~$20

Is that with an APU2??

No, it was a SG-4860 from the pfSense store! Would also be a nice unit, with QAT, AES-NI and it comes pre-tuned!

So do you think the SG-2440 is not enough?

No it don´t think so, only with much luck and without PPPoE it could be running well, but I would not trust on that!
better then the SG-4860 would be nice!

Not much to work with if you're not seeing any logged warnings from the sk driver.

There's not much by way of tuning options for it either.

You could try diabling msi/msix globally using the following loader variables added to /boot/loader.conf.local:

hw.pci.enable_msix=0 hw.pci.enable_msi=0

One or both of those may help.

Steve

Thanks for info folks, I really appreciate your input.  I will take your advice into consideration.

Not sure which way to go just yet, but you all have given me some valuable information needed to make an educated decision.

Cheers!

Could you not restore the backup to a separate instance, then just print the old thread out to PDF?

Thanks again folks! Got my switch, VLANs and AP up and running. A little for work to be done on rules…I went with a dlink managed 5 port switch.

@BlueKobold:

@kujako:

Thanks all. Found a Soekris net5501 in the back of my closet I think I'm going to use to try out pfsense to make sure it's for me before investing in any more hardware.

If this device will be going in a real usage and you also try to use it for VPN setups, you can speed up the IPsec from ~14 MBit/s
to ~42 MBit/s of throughput by attaching a small Soekris VPN1411 miniPCI card. (Only if needed or you are interested on that!)
Soekris vpn1411

Nifty, thanks for the link.