@tirsojrp: According to CompuLab their toys works with pfSense. This is great. Although, fitlet-i is comparable with (a bit cheaper) Shuttle DS437, fitlet-X-LAN is better option when more than 2 NICs are required…

APU should be fine for 88Mbps. If you want to run Squid or Snort you should use an mSATA or a real HD though. Running from flash (SD card) will ware it out with a package that writes frequently like Squid. Steve

I was a bit late reading that post and have already upgraded to 2.2 but I've got two other identical units with 2.1.5 in case it ever fails. Upgrade went smoothly and all works well after although I found it had removed all packages I had installed, nothing major though I only really used blinkled which I've reinstalled and works fine on 2.2. Package installation is also faster than I remember too. There's maybe a slight increase in UI performance, more noticable on some pages than others. The display issue in Chrome on Code-Red theme is also fixed in 2.2.

Thanks virgiliomi, I'm fairly sure that I am not going to need more then 2 NICs for my home setup, I'm only going to have a HP Procurve 8 port Gb dumb switch hanging off the LAN port with a wireless router hanging off that for the mobile devices. Looks like the J1900 is the way to go then. Out of curiosity, is there much beneift in maxing out the RAM to 8Gb over 2 or even 4Gb, keeping in mind I want to run Snort, Squid etc. I'm also assuming that a small 60Gb SSD is more then sufficient, correct? Next step, wife approval  ;D

The unfi $70 AP should work just fine..  It supports up to 4 SSIDs and vlans.  I am currently running my wifi on different segment using pfsense, and also have a guest on a different vlan.  So I limit what the wifi can do, and on the guest - other than pinging my pfsense gateway it can not talk to pfsense, can not talk to any other segments lan, wlan, dmz and doesn't even use pfsense for dns.  The dhcp on that vlan hands out public dns to use. With the unifi ap you can run their free controller software in a vm in the cloud if you want, etc.  And get lots of info about your wlan users and guest.  Have your guest via a portal, can use voucher system to auth if you want, etc. etc.. Lots of bells and whistles.  Clearly that would give you better coverage and features then putting a wifi card into pfsense.  Your talking peanuts for cost of the AP.. Like 35$ more than some wifi card you would put into pfsense.

Got the same, Asus AM1M-A, Athlon 5350, SSD Best/Least I've managed is about 24,5W draw from wall socket (also using dual slot Intel Pro1000MT NIC). ECC, haven't managed getting it to work. Tried two different brands, had Hynix and Kingston's unbuffered ECC sticks lying around. FreeBSD, enabling CPU throttling leads to system crash (unless I disable C6 state in BIOS) No such issues under Linux but haven't seen lesser energy expenditure there either. Disabling one/two/three "cores" does not make any difference at all in power draw. Only undervolting works to an extent. I could probably shave couple of Watts off by making the cooling passive (remove fan) but I am not sure it's worth the trouble. None of the big custom heatsinks seems compatible to fittings used with AM1 socket.

There isn't enough data in that bit of the crash. If the system saved a crash dump, submit it and/or copy paste the whole thing here, or at a minimum get the panic message and the backtrace (After the "db> bt" part of the crash dump output)

@Jason: @Harvy66: What causes more of these to get used? @Jason: The Intel igb driver, by default, sets up 1 queue per CPU core per NIC. … in pfSense 2.2.    (Which is the correct default.) @Jason: The C2750/2758 Rangeley boxes have 8 cores & 4 NICs. C2750 is Avoton, not Rangeley. @Jason: I ran into the same issue with my boxes at work which have (8) logical cores, (12) igb NICs, and (2) ix NICs.  You can either restrict the number of cores, the number of queues, or raise nmbclusters. raising nmbclusters is, by far, the best approach here.

No idea what package you mean. Download the i386 ISO from https://www.pfsense.org/download/ Install on some PC/laptop. Set up the primary console to serial (System - Advanced - Admin Access tab) Shut down and attach the HDD to Alix.

Site2Site is traditionally IPSecs business. You could try tinc, it's really cool. For end users, I tend to use OpenVPN because it's no hassle to install at all. But there are other cool solutions on the rise, waiting to be audited and to be proven. I particularly like the concept of SigmaVPN, utilising djbs NaCl for secure encryption at blazing fast speeds. In the case of OpenBSD, I also tried to deploy IPSec for end users and it did work well, too. (However, IPSec on OpenBSD is foolproof to install. I did not fiddle things out  on pfsense) If you look out for papers, IPSec is superior to all other VPNs in terms of speed, jitter and performance on bad network conditions. It has very little overhead, too. That comes in handy if you're working on the go using 3G and you used all your high speed data on your mobile plan - while OpenVPN tends to fuck the whole situation up (No productive work possible on RDP, ssh seriously delayed in comparison to IPSec), IPSec performs pretty well. I'm however continuing testing. Hope I could help.

I builded my last box (few months ago) with the Jetway NF9N with Intel Celeron N2930 and their GEN2 4XNIC Intel Daughter card. Totaled about $220 It is working very smoothly, then again my load is very low, home environment, 1 EXSi server (3 instances),  1 NAS, 1 Workstation, handful of mobiles devices.

@def4: sure that a fitlet X A10 is too slow? It seems to be the most powerful device on my list… Why exactly does Soekris suck? in case of the beagle I'd try OpenBSD... It's just a "can the hardware handle the load" thing :) By what metric do you think the Fitlet X is the fastest system? Soekris sucks because they release half-baked products at prices 50% higher than the competition 12 months later than everyone else and take years to fix issues, if they ever do.

Pricing is now there https://forum.pfsense.org/index.php?topic=86793.msg492134#msg492134

@BeerCan: Is the 4GB eMMC flash onboard used to install pfsense?  or is that for something else? I suppose it could be.  For a full install with snort, squid, etc. you'd want a mSATA card.

No prices announced… So let's wait and see how expensive this machine is going to be.

No, I think most people in this thread were already aware of the current aes-ni support. Steve

I recall from my dodgy memory that was fixed a while ago now, like maybe mid 2014 in an earlier 2.1.x build.

thanks for the quick answer ;) i think i will try to get a intel dual card then

@Jason: If you PURCHASE a pfSense appliance from either source you will get the VPN add-on; cmb said that the software loads are identical.  If you DOWNLOAD a free copy of pfSense you do not get the AWS VPN add-on. Correct.

It's in that link above. The 2D3 (500MHz) will push ~20Mbps as long as you are using the correct cypher (AES 128bit) and have glxsb selected. 128MB though is too small to do anything useful you have issues. 256MB is the minimum. The Alix 2D3 has a 500MHz CPU and 256MB RAM. The Dell is like a Supercomputer in comparison! Steve