I fully agree with @johnpoz and it would be not going better with or for your network at home
to try out the same thing more and more again as I see it right. For sure all peoples will be standing
on a starting point and network engineers would be not falling down from the heaven this is also a
well known and logical knowledge. And even try out the worst case or something nearly this would
be not nice but also fine by going step by step and asking before and not after, I accept this really.

Since the last time even more and more often peoples join, related to the circumstances that many
"good" or by friends given tips owed to the circumstance that the best firewall would be a transparent
firewall and there fore ports must be bridged and so on and so on, please read my lips, it is not so,
in very rarely cases and mostly only for peoples they absolutely know what they do and when they do
it right, bridging would be coming with a success and also a wining point.

The best way if you are starting with pfSense and if you have not really special needs, I really suggest the
best would be to go a straight and ordinary or most common way, because then if there is coming something
on top or your network will grow up, you are in the best position to realize it without any work around or hassle.

OpenFerret_2.jpg
OpenFerret_2.jpg_thumb

i have installed two PFsense 2.2.4 with Supermicro A1SRM-LN5F motherboards.

This boards here? Supermicro A1SRM-LN5F

with Supermicro A1SRM-LN5F motherboards

_Key Features

1. Intel® Atom processor C2358, SoC,
    (Rangeley), 7W 2-Core, 1.7-2.0GHz
2. Up to 16GB DDR3 1333MHz ECC or
    non-ECC UDIMM_

PFsense says it is only a C2358 with 2x 1.7GHz. How can i get that right? Anyone Else with similar Problems?

All peoples that are using the "Supermicro A1SRM-LN5F" should or must have the same "problem".

I will post back how it goes with the intel and the realtek

Thanks again

Is monster that hw, I will try the atom, reading and reading looks like will be capable to manage my plan.
Thanks BlueKobold for your comments.

As an IT Engineer you may have access to an old notebook or two.  They can make good home and learner  pfSense appliances.  They come with built-in console and UPS (display keyboard, battery). 
The biggest down side seems to be single onboard NIC.  Thus requiring VLAN or adding a PC-Card NIC or USB NIC.  Initially I used a PCMCIA card NIC (yup that's really old).  Then switched to VLAN WAN once comfortable with the configuration.

We finally found the cause of the problem: if pf service is stopped one usb-lan adapter works fine (two used simultaneously do not work at all). No problem with ipfw firewall. We also tested a pf-patch that solved the problem (still under development).

@OpenFerret:

Actually, please ignore my previous post.  I think I'll just go from the pfsense box to the Switch and setup seperate VLAN's using the Cisco Switch instead.  At least that way I can get the switch to do what it does best and not play around with the pfsense box trying to act like a switch.

Thank for advice!

Yes thats might be right! And the WLAN can also be split into several VLANs with his own IP address range
that would you bring up to build a guest and private WLAN.

If I use the 2558f, and can I utilise that as the gateway / router

Yes you can easily install pfSense on it and it came along with AES-NI and Intel QuickAssist that might
be much better as AES-NI and TurboBoost, the TurboBoost would be better for the device to use it as a NAS
or server running servers like Apache or similar.

and then have it link to the Switch and Wireless Router in AP mode as two separate LAN's with their own subnet?

Yes for sure you will be able to do so, this was the most common way to use it before VLANs were in the network game!
So if your Switch will be able to support VLANs it would be better to go with them, because you will be able to set up VLANs for private usage and connect to the entire network (LAN) and another one only for WLAN Guests with connect
to the Internet only!

This is better because pfSense will bring benefit to both LAN and WLAN, segregate each and isolate both from internet without the potential burden with VLAN.

If no internal (private) and external (guest) WLAN must be exist it would go, but in any case as todays hardware
will be able to do it, I would never connect all devices directly to the pfSense! If he is able  to take a small Layer3
switch in the game this would be the best structure then to connect all the devices to that switch and with then two routing points in the entire LAN structure you will be speed up many things and a single failure or miss config. in the pfSense will not be smash down the entire LAN WAN network.

If you intend to deploy later on VPN, AES-NI or AMD CPU is a good advice as state above.

The C2558 "Rangeley" platform will be coming along with both AES-NI and QuickAssist.

OpenFerret_2.jpg
OpenFerret_2.jpg_thumb

@lenneth101:

can it be connected to a fiber optic modem with 100 Mbps as I might be changing to Virgin Media UK soon?

Sure. Absolutely no problem as far as WAN throughput is concerned. You can route and filter much more than 100Mbps  ;)

@BlueKobold:

Now, question is would the J1900 + that mobo be enough to handel the 1Gbit connection?  (http://www.newegg.com/Product/Product.aspx?Item=N82E16813157614)

This is a home setup, nothing fancy, I'll be running HAProxy, Snort/IDS, VPN

And on top the 1 GBit/s WAN connection you will be need much power related to the throughput!!!!

Thank you for the feedback, I'm looking for something to put into a 1U or 2U case and into my server cabinet. I'm still curious if anyone have any experience with J1900 handeling 1G connection.

The eMMC has a normal full install on it.

@velaur:

I'm just more cautious due to it having no reviews anywhere online, but will post after I have the system running as I think it is a fantastic option for the cost.

Well did you get this up and running? Have you measured power consumption? Are you happy with it?

The 2220 uses a SoC without QAT.
The 2440 adds m-SATA (2220 has m.2) and has 2 minipcie (2220 has one)
2440 has additional SATA port.
2440 has cmos / tod backup battery
2440 has 4GB ram (2220 has 2GB, we could build a 4GB variant. MOQs apply)
2440 has 4xi350 Ethernet (2220 has 2xi350)

-Model : HD502HJ

The last picture you have been posted and in the second line from above!
And yes your Samsung HDD is dead or creeping down!

If this are the same cards as talked about in this thread, they are not running in 2.1.5 and 2.2.2
Link

The first or best option you have is to insert this card into the device, do a fresh and full install
and see if they got recognized by pfSense 2.2.4 latest stable or 2.2.5 alpha.

The second option you have is to insert this cards in the device and you might install FreeBSD 10.1
pfSense since version 2.2.x is based on, and if you get the card working you should try out to copy
the .ko module for this card over to the pfSense machine.

And if nothing goes for you here are some cheap but Intel based multi LAN Port cards Link

If you are aware of this refurbished cards and/or they are not PCI bus based you could at least try out
to get your hands on some Soekris NICs! Link

I'm not saying here it has no added value, although VM for FW is very strange to me.

Me too, but in some rarely cases, companies or their networks are growing up rapidly so that you
are able then to let the Firewall grow up also fast as you might must be doing it. As an example:
The Lanner FW-8896 Series is capable to handle many VMs and also sort them with many different
LAN Port configurations.

Your case Upgrade set ATX Dual PSU Diamond Head 12G6CB or Shasta 12G6S SSD RAM

-Working as router with 15 separate networks(multiple will only have a laptop in them for Port NATing based on location)
-Allow for 8 or more network ports(will probably vlan the less used ones if needed)

??? I really don´t know why not setting up a switch stack with some Layer3 Switches?
Or some little, small or bigger MikroTik routers, for doing this job right.

Bandwidth currently limited to 1 X gbe port on TA334, provider would activate a second gbe port on request.

So an Intel Xeon E3-1241v3, 8 GB ECC RAM and a Intel Quad Port card together with a SSD
would do the job for you.

I am considering asking for fiber split + second ONT or allowed to activate my own ONT using some sort of GPON OLT SFP + PCIe SFP adapter (if possible).

Go by a cheap SFP > RJ45 media adapter.

Budget $500 pfsense box only. Flexible.

Supermicro Board for Xeon E3
Xeon E3-1241v3
8 GB ECC RAM
128 GB SSD
Supermicro case and PSU

or all assembled together as a Supermicro Superserver ready to go!
Would be my personally choice of this setup.

Have you gotten this LCD to work???  I also have one of these LCD screens and haven't got it to work.  If I can't get it work in the next week, I will order a crystalfontz.

Thanks!!

@robi:

It surely will!

Mainly for firewall and adblock. And that board I can only find for like $150 which is 3x more then the Wyse on ebay.

You will not face any problem with your PSU, except perhaps failure if it is very old but this is for sure powerful enough.
i3 should handle one or two VPN quite easily ;-) your CPU is already more than enough for what you describe. Then it also depends on additional services you may run.
for pfSense used as firewall, CPU will potentially limit network throughput (but you are very far from this  ;D) however if you add services like HTTP proxy, blacklists via Squidguard and anti-virus, Snort and/or stuff like this, this is another story.

Then what you describe in term of computer "isolation" might not be directly related to pfSense but more to general network design where pfSense may play its own role. VLAN could be one direction.

The setup
APUd4 running
iperf 2.0.5.2
squid3 0.3.8
squidGuard 1.9.15

iperf test
pfsense as client
pc as server
pfsense connected to gigabit router
pc connected to gigabit router
Only using lan nic

results

[ ID] Interval      Transfer    Bandwidth [  9]  0.0-10.0 sec  593 MBytes  497 Mbits/sec

So when I said between 500 to 600 mbits it is really between 450 to 550 mbps.
However, this is only using 1 core (50% CPU), need iperf v3 for multi threading testing.

Squid cache test
A 1GB test file
Speed is about 250 mbps
using full CPU power

So that is about what I get.