Well right before a workout I had no internet connection.  After making my way through the house to my horror this machine was loop rebooting. I just started a diet and let's just say my mind isn't 100% atm. Anyway - I reconfigured an access point to be a router while I went to the closet and pulled an old machine off the shelf. I took the same quad nic that was in the t3500 and put it in the "shelf" computer.  I loaded the lastest iso cd of Pfsesnse and with a usb stick including the /conf/config.xml the pfsense rig was up and running literally within 10 minutes. Gave me time to figure out that the t3500's PSU died. Something to note about this particular computer is it doesn't require a proprietary PSU and I slammed in something I had in a closet. (cooler master 750)  Works great! Yes it's a mess in there - I was in a hurry! [image: boneyard.jpg] [image: boneyard.jpg_thumb]

About 100 users It might be more interesting to know how much traffic they are producing! Multi-WAN (load-balancing) scenario with 3 connection of 500Mbps each Might be more tended to the rest of the clients and services that are offered! Load balancing can be done in three different ways such; policy based routing (many clients in/out sending) service based routing (different services by different ISPs in usage) session based routing (server session based and more for many devices in the DMZ) Router redundancy: I would need extra Ethernet port and 2 servers Ideally two identically units such 2 x 4860 or 2 x 8860 and using CARP then OpenVPN server: roaming and point-to-point Also an Xeon E3-12xxv3 system or an Intel Xeon D-15xx platform will be good then Snort or Suricata IDS Captive Portal Squid (possibly, not sure yet) 50% - 50% I will say it is not really even clear to me what services are running, what protocols are in usage and how many and what exactly of traffic will be generated, in some times it will be wise to buy and go with a SG-4860/SG-8860 unit from the pfSense store and/or a self made Xeon E3 unit that will be for sure hard and strong enough plus you may be able to add some RAM later on top if really needed!! So it would be more or less a question what is really going on in that network. I would assume that also the SuperServer 5018D-FN8T or the SuperServer E300-8D would be ideally together with two D-Link DGS1510-24 layer3 switches! enough power enough ports enough space enough RAM capacities Intel Xeon D-1518 4 Cores / 8 Threads up to 128 GB DDR4 2133 RAM M.2 socket, mSATA or SATA-DOM 2 x SFP+ & 10 x  GB LAN Ports Intel based Cool solution in my eyes.

so I was wondering if there was anything I could run on it that would use some of the extra ram to improve the network in some way? Thanks in advance for any help :). high up the mbuf size to 1000000 high up the Squid RAM size more RAM disks or for caching Using Squid, Snort, pfBlocker-NG and VPN will be fine with that amount of RAM the first thing I would realize is the mbuf size increasing.

Do I really need AES and QI Might be that you are not needing it really, but if you are using IPSec it will be perhaps better to have AES-NI to speed up your IPSec VPN and if QI is fully integrated and will be used in pfSense it might be fine pushing up more then only one or two things how knows it really? As an WiFi ac AP you might be better sorted with your old one, that will be pimped up with OpenWRT or DD-WRT regarding to the given functions and options. Otherwise UBNT and MikroTik will be able to serve you better too in my eyes according to the range of WiFi options.

Bug has been open 1 year ago. Not much progress on this by now. Hope in the new major version to get some improvements.

Never mind. After putting 1 unit with the vent down and discovering it was a pop rivet, I did the same with the other and with a little gentle shaking, got the second one out as well.

Are you attempting to use Suricata in inline mode? There are known issues with that configuration (in Suricata, last I heard)

Try a 2.4 snapshot: https://snapshots.pfsense.org/amd64/pfSense_master/installer/?C=M;O=D Hopefully that works. If it does boot, the installer there has UEFI support. It's in an alpha state so expect a lot of things to be shaky, but it's worth trying.

Hi Just an update.  I installed Windows 10 and have run CPU-Z which is showing DRAM Frequency at 1599.3MHz, so all seems good and the 1066MHz is an incorrect value in the DMI table.  This is using Crucial/Micron memory. Regards Phil

I'm interesting to by this limilary devise. It's to replace 4 pair nic on my cluster Pf on Fo mode. If it's run on well. ^^

I have the same issue on my zotac ci323. Doesn't bother me at all, only happens during pFsense installation. Probably driver issue. How's 2.4 running on ci323. I'm keen to try it.

It's not quite clear from your wording what you're asking. Do you mean the RPI2 is a serial client connected to the USB serial console port on the SG unit? … and the console is no longer working? ... and the RPI2 is no longer working? ... and the SG-4860 is no longer working? ... and the SG-4860 is not connecting to the Internet? Reset what port? The serial port? The WAN port? something on the RPI2?

I have an N3150 based mini-PC as a firewall, and as far as I can tell, it can handle 1Gbps throughput just fine. I could run some tests if you have something in particular in mind.

there is no pfSense that is able to run on ARM (except perhaps development builds at netgate HQ) as for filling the 300mbit: that'll depend on the type/brand of vpn you wish to run ==> IPSEC vpn has aes-ni support that can dramatically speed up crypto / openvpn doesn't currently support it. i haven't tried aes-ni ipsec on any of the c2758 atom boards at work  (see https://store.pfsense.org/SG-8860-1U/ )… others could probably confirm of deny if that'll be able to handle what you need

@lojden: Will it handle 250/100 at full speed up/down over openvpn (AES 256)? If you mean the J3710, likely yes, but you may have to use multiple tunnels combined into a gateway group to get the DL speed.

www,serverthehome.com is a good source for hardware used 6 core dell westmere systems off ebay seem to be popular picks

Take a look here https://forum.pfsense.org/index.php?topic=114202.0

Would you say this setup is overkill for home use by one person on a 100/100 connection? below are the applications I'll use pfsense for. Would be ok Firewall, Snort, Squid, pfBlocker-NG and SquidGuard The amount of devices that must be served is counting here more then other things, also the used protocols and services might be counting too. OpenVPN with 100Mbps throughput It might be something less than 100 pointed to your 100/100 Internet connection line speed. External ac-AP Might be better as an internal because ac isn´t supported yet.

JFI…....... Just received my Chinese I350-T4 and working just fine for pfSense on SuperMicro server. I don't see Intel written any where on the board, but pciconf -lv reports these: igb0@pci0:3:0:0: class=0x020000 card=0x00018086 chip=0x15218086 rev=0x01 hdr=0x00     vendor    = 'Intel Corporation'     device    = 'I350 Gigabit Network Connection'     class      = network     subclass  = ethernet igb1@pci0:3:0:1: class=0x020000 card=0x00018086 chip=0x15218086 rev=0x01 hdr=0x00     vendor    = 'Intel Corporation'     device    = 'I350 Gigabit Network Connection'     class      = network     subclass  = ethernet igb2@pci0:3:0:2: class=0x020000 card=0x00018086 chip=0x15218086 rev=0x01 hdr=0x00     vendor    = 'Intel Corporation'     device    = 'I350 Gigabit Network Connection'     class      = network     subclass  = ethernet igb3@pci0:3:0:3: class=0x020000 card=0x00018086 chip=0x15218086 rev=0x01 hdr=0x00     vendor    = 'Intel Corporation'     device    = 'I350 Gigabit Network Connection'     class      = network     subclass  = ethernet and this is by dmesg: igb0: <intel(r) 1000="" pro="" network="" connection,="" version="" -="" 2.5.3-k=""> mem 0xfae00000-0xfaefffff,0xfad7c000-0xfad7ffff irq 30 at device 0.0 on pci3 igb1: <intel(r) 1000="" pro="" network="" connection,="" version="" -="" 2.5.3-k=""> mem 0xfac00000-0xfacfffff,0xfabfc000-0xfabfffff irq 37 at device 0.1 on pci3 igb2: <intel(r) 1000="" pro="" network="" connection,="" version="" -="" 2.5.3-k=""> mem 0xfaa00000-0xfaafffff,0xfa9fc000-0xfa9fffff irq 39 at device 0.2 on pci3 igb3: <intel(r) 1000="" pro="" network="" connection,="" version="" -="" 2.5.3-k=""> mem 0xfa800000-0xfa8fffff,0xfa7fc000-0xfa7fffff irq 38 at device 0.3 on pci3</intel(r)></intel(r)></intel(r)></intel(r)> Not sure if that actually mean anything. -San