Thank you all so much, maybe this will help another person in my position.

OPENVPN FOR THE WIN!

General discussion; agreed.
I would and do recommend the Aruba Instant Wireless 105 (2x2 MIMO).  Does not require a controller, cloud or physical.  The 135 is a 3x3 MIMO, but may be overkill.  Be careful about layout in 2.4gig spectrum.  Remember you need gig switch interfaces and 802.11af.

Rudi

To quote the Cresta RCE1106 manual:

Accuracy:

Voltage: +/-3% of value measured Current: +/-3% of the value measured +/-0.03A Power: +/-5% of the valve measured +/-10VA kWh: +/-5% of the value measured+/-0.1kWh

That seems about what I'd expect from a plug top style meter costing <£50. I imagine my own meter is similar. I have a hard time believing the figure giving by Kill-a-Watt.  :-
This seems to support that: http://forums.anandtech.com/showthread.php?t=137169

I'm not going to stop using it though. Much better to have some reading for comparison that no data.  :)

Steve

Perhaps a suitable workaround would be to go to System -> Routing click on Gateways tab and edit your gateways to increase the Frequency Probe (more correctly called the Probe Interval) and the Down time so the gateway monitoring is a bit more robust over busy periods.

With our power rates payback is about 5 years for the SSD's direct power use, if power prices don't go up. Savings in air conditioning will be about double that, in Arizona we spend a lot keeping cool. So figure breaking even in a couple years.

Add in all the other goodies you get with an SSD and I figure it was a good deal for me since it was a "free" upgrade at worst. Besides all my other boxes that get used regularly have had SSDs added as their primary/only drives and the pfSense box was the last spinning drive I had for other than bulk data storage.

My pfSense setup is pretty basic, no packages or fancy filtering so load on whatever drive is in there is low so there is little gain from the traditional benefits of an SSD. Speed? Who cares if it boots faster, that is likely to be a twice a year event when I shutdown everything here for a dust blowing session or if I need to reboot after an upgrade. Noise? Never heard much noise from the old pfSense box and drive, an IDE one dating back to maybe 1999 in a 2001 Dell GX100.

I had to put some type of drive in the refurbished system I got for my new pfSense install, it had to be SATA and I didn't have any likely candidates in my parts bin so I had to buy something making the power use payback about the only real factor in the SSD/Rust decision for me.

My Dell OptiPlex GX520 SFF
Intel Pentium 4 HT 3.00GHz
512MB
40GB SATA

100Mb peaks IDLE without traffic sharping
0% CPU
29% RAM
1% HDD

Full 100Mb peaks (Steam Diwnload) with traffic sharping
27% CPU
34% RAM
1% HDD

Onbroad Broadcom for LAN up to 1Gbps but my switch is only 100Mbits.
3com 100Mbits PCI slot for WAN

@Altar:

So I got it working by disabling VLAN_HWFILTER and VLAN_HWTSO on the nic.

Hope this helps.

Best,

edit : Actually, you just need to disable VLAN_HWFILTER but pfSense disable TSO by default so I also took VLAN_HWTSO out of the equation :)

If I have time, I'll try to enable TSO and VLANTSO and see if it works or not on this nic.

Glad to hear that. That does not help in my case.

I just ordered the Jetway MB + Intel 4xGb daughter board and will give it a go in a M350 case that I got here. It may be a little overkill, but I got all parts needed in the bin except the parts ordered + a Core i5-3320M.

Hacom sells almost the same setup as Jupiter IV OpenBrick-M for $2000 and says it should do 400Mbps IPSEC AES256 and 3Gbps firewall throughput. So it´s a lot of bang for the buck.

If it powered itself off, the usual suspect is heat.

It really is RAM rich.  An old notebook with 2 GB.

What started the thinking about this is that the Quick/Easy install creates a 2 GB swap space, and was thinking about using a 2 GB USB Flash stick.  And 2GB swap space seemed kind of excessive considering it will never get used under normal circumstances (except for a crash dump).  Can’t remember the last time that happened aside of me doing something stupid.

But the 2GB USB Flash stick is off the table now anyway, because the ones I have write too slow.  Read is marginal.

pfSense 2.2 should be based on FreeBSD 9 or 10. I haven't seen any timelines for when we might see first 2.2 Snapshots.

@ncisi74:

Hi, I'm new to pfSense and the forums and was wondering if it is possible to use pfSense as a DSL router, like my ISP provided to me.

Thanks

I was having serious bandwidth issues with my Zyxel PK5001Z from Centurylink and pfSense. Torrents downloads were erratic and unpredictable. Sometimes I had great speeds and other times were just dismal. Things were great with the pfSense box out of the loop. I happened upon a suggestion that I switch the Zyxel to Transparent Bridge mode. Once I found the instructions it took about 10 minutes to get it going. My pfsense box was already set for DHCP for my WAN connection so all I had to do really was setup the modem and restart both boxes. Here's some instructions from Centurylink: http://qwest.centurylink.com/internethelp/modem-pk5001z-adv-bridging-ctl.html

Of course your carrier may be different.

Running pfSense 2.03 and SNORT on an ASUS B75 chipset microATX with i3-3220 CPU + 16gb RAM  + 120GB SSD + 2 Intel EXPI9301CT PCI-Express Gigabit NICs.

This has finally cured my bandwidth issues where the connection would just seem lost or severely lagging.

Thanks, it works.
but i can't do automount
/etc/fstab:

/dev/ufs/pfsense0 / ufs ro,sync,noatime 1 1 /dev/ufs/cf /cf ufs ro,sync,noatime 1 1 /dev/ufs/ad4 /mnt ufs rw,sync,noatime 1 1

in dmesg no errors
mount -a work properly

P.S. Sorry for my bad english

I would have to agree that the CPU in the N54L is a bit underpowered for heavy duty work.  It will do quite well in the pfSense role and if you're not pounding NAS4free they should both be fine under ESXi.

HP are supposed to announce the successor to the N54L tomorrow.  The price of the N54L might come down after the announcement - or it might not, if there is still demand because HP prices the new ones too high.

There are a couple of sites out there that list compatible 8GB DIMMs but, with earlier models people seemed to have mixed success.

If you are buying a used NC360T (or any dual-port) NIC, make sure it comes with a low-profile bracket.  Getting the DIMMS and NICS in or out is a PITA.  That's something HP have certainly fixed in the new models.

@MotET:

was not 100% certain I still had the cables, let alone knew where they were at.

Ha! I feel your pain. probably time to sort out my cable bin.

@MotET:

Ok, next is what kind of HDD tray are people using to mount in the available space?

The caddy is the same as the X-Peak box so:

Although some X-peak boxes seem to have included the hard drive caddy most didn't. However it is possible to get one from a laptop that fits. One laptop that had a suitable caddy is an ECS-320. In the UK it was sold rebadged as an Advent 7081 and also Patriot 2005. Possible models that used the same caddy are Advent 7086, 7094, and ECS 321. You need the metal tray that holds the HD and also the adapter that fits the socket on the motherboard.

They are available on Ebay etc. I should add that to the docs.
E.g.: http://www.ebay.co.uk/itm/Advent-7081-G320-Patriot-2005-HDD-Caddy-Connector-/370379040455

Note the difficulty that booting from the HD can cause. The 'quirky' bios does not like some disk geometries. There is a workaround described in the docs but it's ugly.  ;)

@MotET:

Am i correct in assuming that "hw.msk.msi_disable=1" disables one or more of the last 4 ports?

Nope. It disables Message Signalled Interrupts just for the msk driver. All 4 ports continue to function normally, maybe slightly slower or greater CPU overhead but I haven't seen it.

Steve

@3n1gm4:

I have also tried to create a bridge interface with LAN and OPT1 bridged with Interfaces-> assign -> bridges.  Then assign the bridge to the OPT1 interface.  This also did not work.

The executive summary "did not work" is not informative. What wre you expecting to happen that didn't happen?

An obvious problem with what you report here is that the default firewall rules for all interfaces EXCEPT LAN block all traffic.

If I recall correctly there are a number of posts in the wireless forum about bridging wired and wireless interfaces. See if you can find a couple of those and ask again if you need to.

Please define 'not able to assign'. You mean at the CLI? Or inthe webgui you click the '+' sign to add a new interface and it's not there (or no + sign at all)?

Occasionally a NIC/driver will not initialise correctly. Check the boot log for errors:

cat /var/log/dmesg.boot | grep em0

or something similar. You may see something like:

device_attach: em0 attach returned 6

As in this thread: http://forum.pfsense.org/index.php/topic,36616.0.html

Steve

Yup.. precisely. no matter how stable my CARP is.. if the ISP modem fails I lose my real gateway.

tnbirdma:

I had the same question a while ago. I think the best thing to do is set up a diy NAS that connects to a switch. You can use FreeNAS or Nas4free. You will have much more control of a set up like that. You can add multiple drives, use ZFS, etc..

I think your card has one 82571EB controller, with two ports.

Yes, you're right.

Good luck with the DC7800.