Also I got yesterday a Dell OptiPlex 790, core i5 sandybridge, but my Intel based dual Ethernet card : HP NC7170 PCI-X Dual Port 1000T Gigabit Server Adapter is too long as it cannot be seated into the pci slot. Since it touches one of the heat sinks on the motherboard. So what times 1 pci express card or times 16 pci express should I buy?

Something like the FreeBSD equivalent of NotMyFault
https://blogs.technet.microsoft.com/markrussinovich/2011/01/09/blue-screens-in-designer-colors-with-one-click/

If you have physical console access (whether via video out or serial), just do the following:

Disconnect all the ports. Enter the Shell (Option 8) Connect a cable to 1 of the NIC ports and an active device (computer or switch port) Run the following command: ifconfig The interface that shows a carrier up is the assignment to that particular physical interface Repeat steps 3 & 4 for each physical interface

@richtj99:

I bought this nic card:
http://www.amazon.com/Intel-1000-Dual-Server-Adapter/dp/B000BMXME8

I am not sure if this will fit on my mobo (doesnt look like it).  Before I fry the board & have a paperweight, will that work?

In the part description you can read the following statement to:
- Compatible with x4, x8, and x16 full-height PCI Express slots

@matthewdeets:

That's good to know. Thanks again for the added info! :)

By rule of thumb;
16 GB firewall only
30 GB Snort & pfBlockerNG
60 GB Squid & Snort & pfBlockerNG
120 GB Squid (caching proxy) & Snort & pfBlockerNG
more GB = more users, more traffic and more cached objects

Thank you Derelict for the response.

This is what I am Planning now.

In each floor,

3    X  Engenius EAP300  running on same SSID connected to unmanaged switch.
4    X  Network Printers connected to same unmanaged switch.

The unmanaged switch from each floor is connected to 28 port Cisco SG300 Managed switch. The ports are protected so there is no communication between floors. This will prevent users from one floor sending Print command to Printer connected to another floor.

The SG300 Cisco is connected to Pfsense Box  #1 which will have the following settings :

1)  LAN IP 192.168.4.1/22    ( since I have ~ 400 users)
2)  DHCP server
3)  Common Captive Portal
4)  Freeradius to keep a check on each users monthly quota of Internet Usage.
5)  A simple proxy ( Squid + Squidguard) to prevent access to unwanted sites.

The Pfsense Box #1 is connected to a Load Balancer (PFsense Box #2).

So now there are no VLAns. ( The VLANs things were getting too complicated as it is Coworking environment with ~50-60 teams of different sizes, not feasible to provide that).

Are there any flaws in this setup. Is there something that I should take care.

Thank you all for your support. The reason I love Pfsense is the support I get from you all.

Regards,
Ashima

For a firewall only usage this might be the best option then, but for 700 MBit/s I really don´t know if this
would be going fine then. Better then to go with the SG-2440 or SG-4860.

Instead of the Dell, what about adding a SmartArray controller to the DL320e instead of the onboard junky one?

I'd rather have quality NICS and an add-on RAID card than a solid RAID card and wonky NICs for pfSense.

A P430 array or some such should work with FreeBSD-10.1.  Shouldn't it?

Just my $0.02.

That would be enough to disqualify it for me

This comment was because of the Realtek NIC-Performance on Realtek is poor.

This allows anybody to built a nice pfSense box strong as he needs it and upgradeable from the lowest bottom
to the highest top. So I don´t understand what should be wrong with it.

VERY GOOD POINT - I like this one. 
If it was not for the NIC issue, I would have looked at it.  Would need to see if I could put in an M350 and still keep it cool and quiet. Faster processors need big heat sinks and/or fans which would be a problem for my application as I need small and quiet.

And if the dimensions are counting or are important you could also have a better look on a fully assembled
Supermicro SuperServer E200-9B in the mini-ITX format and matching well all criteria and small on top of all.

I'm looking at this, but will likely buy the X11SBA-LN4F-O motherboard (which is the board used in that server),
and install it in an M350  http://www.mini-box.com/M350-universal-mini-itx-enclosure  because of:

Beter air flow

Ability to get the correct revision of the motherboard - must use a PCB 1.02 or the board has to be RMAd due to a problem with the NIC.  https://forum.pfsense.org/index.php?topic=111389.msg621343#msg621343

Thanks for the input.  :)

Hey guys

I have a similar problem on FreeBSD/FreeNAS and I just wanted to ask if you ever found a solution?

The error message from above:

Tracing command kernel pid 0 tid 100018 td 0xfffff80003224000
sched_switch() at sched_switch+0x2b3/frame 0xfffffe001a3aeab0
mi_switch() at mi_switch+0xe1/frame 0xfffffe001a3aeaf0
sleepq_wait() at sleepq_wait+0x3a/frame 0xfffffe001a3aeb20
msleep_spin_sbt() at msleep_spin_sbt+0x1a3/frame 0xfffffe001a3aeb80
taskqueue_thread_loop() at taskqueue_thread_loop+0xfd/frame 0xfffffe001a3aebb0
fork_exit() at fork_exit+0x9a/frame 0xfffffe001a3aebf0
fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe001a3aebf0
–- trap 0, rip = 0, rsp = 0xfffffe001a3aecb0, rbp = 0 ---

Tracing command kernel pid 0 tid 100014 td 0xfffff80003225490
sched_switch() at sched_switch+0x2b3/frame 0xfffffe001a39aa90
mi_switch() at mi_switch+0xe1/frame 0xfffffe001a39aad0
sleepq_wait() at sleepq_wait+0x3a/frame 0xfffffe001a39ab00
_sleep() at _sleep+0x287/frame 0xfffffe001a39ab80
taskqueue_thread_loop() at taskqueue_thread_loop+0xd5/frame 0xfffffe001a39abb0
fork_exit() at fork_exit+0x9a/frame 0xfffffe001a39abf0
fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe001a39abf0
--- trap 0, rip = 0, rsp = 0xfffffe001a39acb0, rbp = 0 ---

I do see something like that - here's the https://bugs.freenas.org/issues/15089 –> second.jpg ...

I'd appreciate any help!

Thanks and best regards

If 10.3 loaded the firmware the same on the same system, then you rebooted into pfSense, then it would "just work". Unless maybe if you power cycle in between and it loses the firmware update in that process, though I don't think that would be the case. I'm not extremely familiar with the internals of what that driver does with firmware.

@edwardwong:

Using 2x4GB dual channel probably a better idea.

BTW, what is the system requirement? Pentium G4400 is also not a very powerful processor, going for embedded one would be a better idea since you can save space, and reduce heat….

I am posting for a friend who will is very close to getting a job abroad where gigabit Internet is common.

So which embedded one is recommended?

I've found a couple good deals on Intel cards, single, dual and quad ports on ebay as well as newegg and amazon. Be sure to do your research and get one that is both supported and is going to meet your needs.

The pfSense store offers a nice quad port card too, not a bad place to start your shopping and eliminates the "do your homework" factor:

https://store.pfsense.org/AOC-SGP-I4/

Just got my service installed today, Core2Duo is running this thing just fine with 30-40% CPU load

Area is still under upgrade, upload / download will be a bit higher.

So far, happy, no need to upgrade :)

Thanks all for your input/help.

What is scary here? if you are aware to use that card please don´t use it, but don´t tell me that I should not
suggest it or use it by my own, thank you.

I didn't tell anybody what they "should" do; I simply mentioned the issues with ebay lottery. Sorry you took it that way, it's not what I meant.

I was not speaking about faked cards or cheap Chinese reproductions here, I was talking about refurbished cards
or used items at eBay and not the new ones! And yes this cards will be able over eBay or Amazon.xyz refurbished
and/or used for $99.

Fair enough - I looked some time ago to some auctions and personally, I couldn't tell the difference between a "fake" refurbished and an actual one. The pictures were reused and some comments indicated some sellers were dishonest. But that was just my experience.

I think the network card is great and it would have been amazing to see that the so-called OEM cards were somewhat reliable; a 4x intel card at around ~50$ would make a lot of folks happy :)

Yes this is right but this ones are then the pretty newer one that will be not in usage before, or so called
factory new or brand new. This ones I love too, for 200 € - 300 € here in Germany (Intel i350 & i354)
this are fine cards acting fast and stable, in my eyes.

I'm still debating whether for a home firewall (with 2 ports) a 4x card would make sense. The network card has bigger buffers but at the same time it looks like the power consumption is higher  as well…

See this previous post (has some nice links):
@sudonim:

From my research and experiments, you need an older system that uses an "em" driver card not an "igb" card. https://kdemaria.wordpress.com/2015/04/22/how-to-configure-pfsense-2-2-2-for-centurylink-gigabit-seattle-edition/#comment-300

You might have bad luck with PPPoE and gigabit with an igb card because of this issue: https://redmine.pfsense.org/issues/4821

You have to compile the kernel with that option in the kernel config file.