It might be sounding something strange or rude, but it is also even a think what this
amount of users are doing! We use a APU2C4 for 70 users mailing and surfing together
with Squid & SquidGuard, Snort, pfBlockerNG and tinyDNS. This device is able to handle
~500 MBit/s at the WAN port.

If there will be ~60 VPN users I would more council to set up a  VPN server in the DMZ
that would be better to handle that amount of users, suing services and throughput we don´t know.

How does the APU2C4 compare to the Qotom J1900 ?

The Qotom J1900 is a little bit stronger in some disciplines, but worth spending money for, only in
my eyes and based on my mind. Better to go with a Jetway NF9HG-2930 and 8 GB of RAM and a small
mSATA. It is something around ~350 € but really capable to deliver 1 GBit/s at the WAN interface and
it comes with better routing power for VLANs too.

I will not say it will not delivering your needed 1 GBit/s at the WAN interface, but real 1 GBit/s over
OpenVPN AES-256 and this symmetric would not be really able to imagine or expecting, only my mind.

@BlueKobold:

And if you plan to cache data with squid as a proxy you may have a look at a SSD over a HDD.

I'm running a pfSense box with a 600GB White Label Velociraptor (10,000RPM). Good drive and are rather cheap on eBay (~$50 shipped) and come with a one year warranty.

Once my newer router comes in, I will get a pair of them and run as a RAID1.

Expanding the volume ain't enough. You need to expand the filesystem. Good luck with that. IOW, backup, reinstall and restore.

Dear All,
    After ugrading E3276 firmware, the modem successfully delivered IP address but I could not login to it's administration page in order to set parameters needed by the ISP. After several attempts with various methods, I gave up and restored the original firmware and replaced E3276 with ZTE MF90. All problem is gone now.

Best Regards,
Andry Bangun

If you're asking about the driver support for the Broadcom NICs, it should be supported by the bge driver.

Wow…  WTF??  <rolleyes>Dude your going to make lots of friends here with that sort of assitude

I didn't assume any of that shit..  I made a simple remark to the comment that comes up quite a bit about everything in 1 box mentality..  Which has nothing to do with proper wifi setup.. You seem to have gone off the freaking deep end like I was attacking you in some way??

"1st: You assume I'm an idiot. "

I didn't untiil now ;)  with a touch of Douche as well..</rolleyes>

@jimp:

@acascianelli:

I've actually been considering doing the opposite when 2.4 comes out.

Currently running a full install on my APU2 with a 60gb SSD, but I'm considering switching to a nanoBSD install when 2.4 comes out.

NanoBSD has been deprecated and does not exist on 2.4, thus the original purpose of this thread. You'll have to run a full install on 2.4.

Oh.  Well.  I guess that settles that.  Thanks!

As the title said, What is the Best USB Wifi 2.4GHZ"N" Adapter With Pfsense?

pfSense wireless interfaces

i have an old Laptop and i want to use it as a router with Pfsense so that i can use the traffic shaping function for online gaming.

Hm, I rella ydon´t know if this should be a good 2nd life for a laptop, but its your choice!

Please suggest the best USB wifi 2.4 "N" adapters to use! And if using a PCI card is more powerful please also suggest some good 2.4 N ones.

In normal I would have a look under the link from above or if I am in your situation a nice small 5 Port Switch
likes the Netgear GS105E or GS108E able to get for ~$25 or ~$40 and a sufficient nice WiFi N router that
comes with OpenWRT or DD-WRT and then let it run in the WLAN AP mode! Cheap, everywhere to get your
hands on and well working.

netgear r7000 with ddwrt is your best bet

Let them run in the WLAN AP mode and all is fine.

Well running and good working for me and friends are;

UBNT SR71-A and SR71-E Compex-WLE200NX miniPCIe > USB Adapter UBNT UniFi ac Pro WLAN APs MikroTik RB435G & RB493G & OpenWRT & miniPCI WLAN cards

Any way to try and reset it (software)

Install a Linux distro likes CentOS or Ubuntu and have a look if that will work normal then.

or replace it (hardware)

You should call the reseller or where you was buying it, LinITX perhaps.

or do I just buy the latest version with better CPU and better NICS?

SG-2220, SG-2440, SG4860 or SG-8860
PC Engines APUC2C4 smallest
Jetway NF9HG-2930 small
ASUS Q87T (i3,i5) big
AxiomTek NA342(R) smaller
AxiomTek NA343 small
AxiomTek NA345 small
AxiomTek NA361(R) mid range

Hi, I was wondering if a Supermicro C2558 with 8GB running on a SSD, would be able to handle a 1Gps connection.

No you wont! Also with the C2758 you might be not really hitting the 1 GBit/s range! Do a forum search
about that and you will be found many threads about that.

I believe the only think I need is it to handle a VPN connection.

If you choose the IPSec VPN you will be benefit from the AES-NI over AES-GCM algorithm.

For a real GBit/s at the WAN today or at the time you will need something that is more
Intel Core i3, i5, i7 or Xeon E3 that will be able to saturate one link with 1000 MBit/s.

options the ASUS Q87T and the Gigabyte GA-Q87TN

ASUS Q87T you will need the lastest BIOS F4, pfSense is running well on it.
GA-Q87TN is not really flawless running with pfSense on it.

APU2C4 will be nice to play with for a longer time
Jetway NF9HG-2930 will be the next fine running appliance
AxiomTek NA342 or NA361 will be coming nearly to this above.

Thanks for the advice.  I think I'm going to punch the button on the SG-4860 - probably overkill for my needs but hopefully will support me well into the future, especially if the Intel Quickassist technology becomes viable.  I also really like the idea of supporting the project and don't mind paying a bit of a premium to support software that works.

At first go with that SG-4860 you wont regret it anymore and anytime! For the VPN tasks, I would
give you the tip to chose the IPSec (AES-GCM) you would be able to get something around ~500 MBit/s
+/- some MBit/s more or less!!! It is based on using the AES-NI which is used by AES-GCM algorithm.

I'd like for OPT 1,2 to join in.  I have read what I can find but cannot see any help in this.
Can someone explain how to include multiple ports with 1 network?

On top of the bridge method shown by @stephenw10 you could try out two
other options that will run nice.

1.) You may create a LAG (LACP) with all three LAN ports to the switch that must be then also
supporting that LAG (LACP)! Cons, are that you will be creating one big pipe that is shown then
also as one Port only.

2.) You may need for this option also only dump switches that are coming without any web interface,
CLI or program to insert configurations.
set up for each Ethernet or LAN port one subnet likes;
eth 1 / LAN Port 1 = 192.168.1.0/24
eth 1 / LAN Port 2 = 192.168.2.0/24
eth 1 / LAN Port 3 = 192.168.3.0/24

And then you connect to each LAN port a dump switch that is then high up the entire port density
of your whole network! For sure this is based then on plain routing and not only one great network
but based on the routing capacity of your pfSense you will be able to regulate all your client PCs
and network devices that will be enrich the entire network too.

Not really 100% matching your criteria and what you want but able to realize with dump switches
without configuring them too.

Axiomtek NA342 / NA342R
since version 2.2.5

Axiomtek NA343 / NA343R
since version 2.3

Axiomtek NA345
since version 2.3

Axiomtek NA361 / NA361R
since version 2.2.5

All are running pfSense well since 2.2.5 but here and there must or should be customizing´s
or better tunings done. Likes enabling TRIM, high up the mbuf size and/or enabling PowerD.
AxiomTek Shop Germany

I'm about to purchase an 'Axiomtek NA580' (Link).
Adding an Intel Xeon 'E3-1225 v5' or 'E3-1275 v5', 16GB ECC RAM and a 'Samung 850 EVO' 250GB mSata SSD.

Would be a nice set up but I am really don´t knowing if pfSense will be playing nice with it.

Also I plan to add the 'Intel 8950 Coleto Creek' based 'Axiomtek NA E580' VPN accelerator card (Link) for the upcoming Intel QuickAssist support on FreeBSD/pfSense.

If you really need this or want this or what ever, you should be fair, because the hardware for assembling
and coding is really hard to pay for, and call the pfSense shop, tell them that they are not selling what you
are really needing, so you where assembling or choosing something by your own and you perhaps pay for
that pfSense version then 200 € or something in that region for a pfSense version with Intel QuickAssist
support, because I don´t really know if the normal public (Community Edition) available version will be
coming together with Intel QuickAssist support for us all! It could really be that only the version for the
Netgate or pfSense shop devices is sorted with that support.

I have an Orico USB RAID enclosure connected to a small 3rd generation NUC that I want to use as a remote file backup system.

Then I would be ensure that this devices are sorted with an sufficient APC UPS that the device is not
rebooting after an power outage and the device number will be changing depending on the USB bus!

Not 100% sure but I believe PoE means power over ethernet.

Thanks for the reply.
What packages do you have installed and how many users/devices ?

It depends on how much of a premium you pay. If it's a couple of bucks, get the C2558. If it's double, then get the N3700 and then upgrade in a year when skylake SOCs have better availability. You're basically making a bet that the QAT on the C2558 (a three year old part which is currently useless) will be more valuable in the future, and I think that's a bad bet. The maximum performance of QAT is lower than the real world AES-NI performance on current intel skylake cores, and the QAT implementation on the Atom chips is different than the QAT add in cards (and probably any future SOCs with QAT) meaning that it's relatively unlikely that they'll see a lot of future development investment from intel. It's been true for a long time in the industry that unless a hardware crypto part gets you an immediate benefit that you can't live without, it's a bad investment.

In normal the APU2C4 is set up as the following;

install the mSATA and then pfSense on it
– perhaps activate the TRIM support for the storage
-- high up the mbuf size or numbers if that is really needed
-- activate Powerd (high adaptive)

PC1 (server) to PC2 (client) using two LAN Ports
PC1 (server) tp PC2 (client) using one LAN Port and the WAN Port (with a Switch in front of it)

This might be the best option to know what you might be expecting form that kind of hardware
but then please without any kind of installed packet such as Snort, Squid, SuiqdGuard, pfBlockerNG,
and so on and so on, so you see it would be the best to test it with a fresh installed pfSense and not
later after all gets installed, so you will get the raw numbers and the numbers scaled down based on
the installed packets later!!!