Are you attempting to use Suricata in inline mode? There are known issues with that configuration (in Suricata, last I heard)

Try a 2.4 snapshot:

https://snapshots.pfsense.org/amd64/pfSense_master/installer/?C=M;O=D

Hopefully that works. If it does boot, the installer there has UEFI support.

It's in an alpha state so expect a lot of things to be shaky, but it's worth trying.

Hi

Just an update.  I installed Windows 10 and have run CPU-Z which is showing DRAM Frequency at 1599.3MHz, so all seems good and the 1066MHz is an incorrect value in the DMI table.  This is using Crucial/Micron memory.

Regards

Phil

I'm interesting to by this limilary devise.
It's to replace 4 pair nic on my cluster Pf on Fo mode.
If it's run on well. ^^

I have the same issue on my zotac ci323. Doesn't bother me at all, only happens during pFsense installation. Probably driver issue. How's 2.4 running on ci323. I'm keen to try it.

It's not quite clear from your wording what you're asking.

Do you mean the RPI2 is a serial client connected to the USB serial console port on the SG unit?

… and the console is no longer working?
... and the RPI2 is no longer working?
... and the SG-4860 is no longer working?
... and the SG-4860 is not connecting to the Internet?

Reset what port? The serial port? The WAN port? something on the RPI2?

I have an N3150 based mini-PC as a firewall, and as far as I can tell, it can handle 1Gbps throughput just fine. I could run some tests if you have something in particular in mind.

there is no pfSense that is able to run on ARM (except perhaps development builds at netgate HQ)

as for filling the 300mbit: that'll depend on the type/brand of vpn you wish to run ==> IPSEC vpn has aes-ni support that can dramatically speed up crypto / openvpn doesn't currently support it.

i haven't tried aes-ni ipsec on any of the c2758 atom boards at work  (see https://store.pfsense.org/SG-8860-1U/ )… others could probably confirm of deny if that'll be able to handle what you need

@lojden:

Will it handle 250/100 at full speed up/down over openvpn (AES 256)?

If you mean the J3710, likely yes, but you may have to use multiple tunnels combined into a gateway group to get the DL speed.

www,serverthehome.com is a good source for hardware

used 6 core dell westmere systems off ebay seem to be popular picks

Take a look here
https://forum.pfsense.org/index.php?topic=114202.0

Would you say this setup is overkill for home use by one person on a 100/100 connection? below are the applications I'll use pfsense for.

Would be ok

Firewall, Snort, Squid, pfBlocker-NG and SquidGuard

The amount of devices that must be served is counting here more then other things, also
the used protocols and services might be counting too.

OpenVPN with 100Mbps throughput

It might be something less than 100 pointed to your 100/100 Internet connection line speed.

External ac-AP

Might be better as an internal because ac isn´t supported yet.

JFI….......

Just received my Chinese I350-T4 and working just fine for pfSense on SuperMicro server. I don't see Intel written any where on the board, but pciconf -lv reports these:

igb0@pci0:3:0:0: class=0x020000 card=0x00018086 chip=0x15218086 rev=0x01 hdr=0x00     vendor    = 'Intel Corporation'     device    = 'I350 Gigabit Network Connection'     class      = network     subclass  = ethernet igb1@pci0:3:0:1: class=0x020000 card=0x00018086 chip=0x15218086 rev=0x01 hdr=0x00     vendor    = 'Intel Corporation'     device    = 'I350 Gigabit Network Connection'     class      = network     subclass  = ethernet igb2@pci0:3:0:2: class=0x020000 card=0x00018086 chip=0x15218086 rev=0x01 hdr=0x00     vendor    = 'Intel Corporation'     device    = 'I350 Gigabit Network Connection'     class      = network     subclass  = ethernet igb3@pci0:3:0:3: class=0x020000 card=0x00018086 chip=0x15218086 rev=0x01 hdr=0x00     vendor    = 'Intel Corporation'     device    = 'I350 Gigabit Network Connection'     class      = network     subclass  = ethernet

and this is by dmesg:

igb0: <intel(r) 1000="" pro="" network="" connection,="" version="" -="" 2.5.3-k=""> mem 0xfae00000-0xfaefffff,0xfad7c000-0xfad7ffff irq 30 at device 0.0 on pci3 igb1: <intel(r) 1000="" pro="" network="" connection,="" version="" -="" 2.5.3-k=""> mem 0xfac00000-0xfacfffff,0xfabfc000-0xfabfffff irq 37 at device 0.1 on pci3 igb2: <intel(r) 1000="" pro="" network="" connection,="" version="" -="" 2.5.3-k=""> mem 0xfaa00000-0xfaafffff,0xfa9fc000-0xfa9fffff irq 39 at device 0.2 on pci3 igb3: <intel(r) 1000="" pro="" network="" connection,="" version="" -="" 2.5.3-k=""> mem 0xfa800000-0xfa8fffff,0xfa7fc000-0xfa7fffff irq 38 at device 0.3 on pci3</intel(r)></intel(r)></intel(r)></intel(r)>

Not sure if that actually mean anything.

-San

@Spencer1990:

Just wanted to update the thread and say I changed my build to something more compact. Please let me know if you think it will work fine for my needs. Thanks again

GIGABYTE BRIX GB-BSi5HAL-6200 (Mini Pc with Intel i5 6200U)
2x8GB G.Skill DDR4 2133
Samsung 850 Evo M.2 250GB

Here you can take a look on a review of similar miniPC with Intel i5 5200 and two Realtek Nics, its performance are really good… so I expect something better from your Gigabyte Brix.
https://blog.codinghorror.com/the-scooter-computer/

@KOM:

I was looking at this exact unit.  How powerful is the built-in wifi?  I was assuming it would be weak and a real AP would be in order.

I'm not sure, it's not being recognized by my setup however i did read here somewhere someone got it working, not sure if they replaced the card inside or used the stock that comes with the box. I have it hooked up to switch and my old WNDR4500 with ddwrt as an AP

A quick Google found these.  The pfSense Hardware page will answer some of your questions.  Atom is already a CPU in pfSense shipping hardware.

https://www.pfsense.org/hardware/

http://www.firewallhardware.it/en/pfsense_selection_and_sizing.html

We're going to need more information.  How is everything wired up?  Are you connecting one of the NICs directly to the ISP gear?  Is there a switch in between? VLANs?  My first thought, especially if you're connected directly to ISP gear, is check that your NICs negotiation matches the port it's connected to.  Might need to be manually set; I've seen that happen with ISP provided Cisco gear, for example.

using a core2 e6420 with 4gb ram and a 160gb hd here (old old pc) and added 2x intel pcie gigabit nic. for one user, me - works fine for 250/20 cable using squaid, squidguard, snort, pfblocker,etc

would suggest zoltac ci323 with 8gb and a ssd for new home builds on the cheap

@DigitalDick:

I will have my EE Bright Box 2 connected via VDSL, connected to above PFSense box, then to my network

I'm not familiar with that particular VDSL box.  Can it be put into bridge mode?  Ideally that's what you want.  But be aware that if it is in bridge mode (acting as a modem only) you will require an additional wireless access point on your LAN.  So pfSense takes over the routing/firewalling and the access point takes over providing wireless LAN access.

Not that I know of.