Yes but as Wallabybob pointed out your NICs may not work under 1.2.3 which would make it a lot more difficult (if not impossible). Why not just install 2.0.2? You can import a 1.2.3 config file if you have hundreds of firewall rules you need to use.

Steve

@fmaus:

May this help somehow?

Yes, helpful in terms of showing there is an opensource driver for Linux for that device.

Edit: In a few minutes googling I failed to find any evidence of support for this device in FreeBSD or evidence of a port of the Linux qmi_wwan driver to FreeBSD.

Almost anything you have laying around already will be capable of 50Mbps throughput. Your netbook will do it. I have a small collection of old computers here which are on their way to be recycled all of which could easily do it and they were all given to me for nothing. So 'cheapest' is free.

Do you need to run any packages (Squid, Snort etc)? Or use VPNs?
Do you have any other requirements such as many interfaces or quiet running?

Steve

@elementalwindx:

If I policy all internet traffic port 80 and 443 to go thru 1 gateway, that kind of negates the point of having a round robin connection. :/

Yes. However you said:
@elementalwindx:

The DSL is mainly meant to be there for the exchange server portion of our internet needs and the cable internet is meant to be for everything else.

So I suggested that could achieve that without load balancing.

Have you enabled 'sticky connections'? That can work around websites that don't play nicely.

If you did policy route all web traffic via a single WAN that would at least confirm whether or not the load balancing is causing the problem. From your description it could simply be that the site(s) have some slow loading adverts.  :-\ I don't know what you could do about that, I guess you could block the ads.
Are you in fact blocking anything like that? If not setup to serve some alternative some browsers will wait for a long time trying to load blocked content.

Steve

I've just been ignoring it for the time being as it hasn't affected the functionality AFAIK.  I need to do an upgrade and add some more nics.  I might give 2.1 a shot.  Not sure.

@wallabybob:

@matguy:

And, actually, I hope to have Gb to my home in less than a year, assuming plans go well: http://gigabitseattle.com/

You are very privileged. For monthly subscription to a 128kbps "broadband" service with a 1GByte traffic quota my friends in the Solomon Islands would have to pay about half a teacher's monthly salary (if the service is even available in their area).

I do feel very fortunate to have this to look forward to, I just wanted to point out that the OP might be similarly privileged, and he may very well have Gb to the home sooner than a few years away. One person's situation is not everyone's, especially when it comes to broadband access.  Plus, I wanted to point out that having anything over 100Mb makes the Gb interface requirement a necessity if you want to get the full capabilities of your connection, which is available in a lot of places right now.

Ok, got some resoults.

On pfsense 2.0.2 i386

with 2x MOBO interfaces on and 2x dual intel interfaces system is stable no more bge: watchdog ….
so it seems that two PCI cards conflict with MOBO interfaces.
Now I try pfsense 2.1 amd64 beta 1 with 4 broadcom NICs.

On 2.1 amd64 no change, still bge: watchdog ...

@stephenw10:

@mr_bobo:

The N300 doesn't perform SPI

Just for information… ;)
I would be very surprised if that was true. The Netgear is probably running am embedded Linux of some description and using IP tables. That is a stateful firewall. Though you haven't said exactly which model so I suppose it might be possible.

It's the DGN2200v3 N300 Modem Router and states it has IDS and DoS protection. The N600 Modem Router specifies it does SPI and DoS protection. I believe it is running a Linux distro but with the exception of when I ran the Shields-Up scan against it at grc.com, which it classified as a null scan, everything else it logged for the 4 days I ran it before bridging was classified as a DoS attack: ACK Scan.

[DoS attack: ACK Scan] from source: 66.219.34.171:80, Wednesday, January 16,2013 10:42:06    [DoS attack: ACK Scan] from source: 42.121.96.154:1025, Wednesday, January 16,2013 10:21:57    [DoS attack: ACK Scan] from source: 67.213.209.173:6000, Wednesday, January 16,2013 09:48:56    [DoS attack: ACK Scan] from source: 42.121.96.154:80, Wednesday, January 16,2013 09:37:03    [DoS attack: ACK Scan] from source: 42.121.96.154:80, Wednesday, January 16,2013 09:26:21    [DoS attack: ACK Scan] from source: 42.121.96.154:1025, Wednesday, January 16,2013 09:17:18    [DoS attack: ACK Scan] from source: 42.121.96.154:80, Wednesday, January 16,2013 09:15:49    [DoS attack: ACK Scan] from source: 42.121.96.154:80, Wednesday, January 16,2013 09:13:56    [DoS attack: ACK Scan] from source: 42.121.96.154:1025, Wednesday, January 16,2013 08:50:48    [DoS attack: ACK Scan] from source: 42.121.96.154:1025, Wednesday, January 16,2013 08:47:46    [DoS attack: ACK Scan] from source: 42.121.96.154:1025, Wednesday, January 16,2013 07:37:28    [DoS attack: ACK Scan] from source: 91.212.124.132:29000, Wednesday, January 16,2013 06:56:47  [DoS attack: ACK Scan] from source: 63.247.91.154:22, Tuesday, January 15,2013 13:52:18     

I have serious doubts it was logging everything it blocked due to the large number of varied log entries I had with pfSense within an hour of setting it to do the firewall duties. It may well be doing SPI, and I run the pf firewall on my computers so I wasn't worried, but it didn't instill any confidence in me for it as far is it being a firewall beyond doing NAT.

Glad you got it fixed and thanks for following up. I came from IPCop myself.  :)

Steve

@matguy:

it's open to suggestion

:D

The bios will usually only do any sort of CPU frequency control in response to overheating or it you've manually set the speed in the the setup.
The dynamic frequency control that save's power during normal running has to controlled by the OS as only it knows what the current CPU loading is. As well as underclocking in any modern cpu (newer than P4) it also undervolts the cpu.

Steve

@NOYB

Was the main reason I decided on a laptop

Thanks for the addition NOYB….

@wladikz:

i use it in 2.0.1 with drivers built by me using sources from Intel web site

Thanks for the info, but I wouldn't have the first clue in creating drivers - any hints/tips?

Thanks

this may take longer than expected. i think i messed up the soldering and killed the keyboard!. just so that i can be 100% sure can someone reonfirm the pin out for me please? i really dont want to have kill another keyboard

@reboot-me:

Yesterday I tried a "StarTech ST1000BT32 Gigabit Ethernet Card 10/100/1000Mbps PCI 1 x RJ45" http://www.newegg.ca/Product/Product.aspx?Item=N82E16833114004CVF and it did not worked either.

In what way did it not work?

Considering the trouble you have already had I am reluctant to make any further suggestions until I know why the card didn't work. If the slot is broken changing cards won't help.

@craveness:

could a USB to ethernet adapter help here?

The FreeBSD man page for the axe driver (see http://www.freebsd.org/cgi/man.cgi?query=axe&apropos=0&sektion=0&manpath=FreeBSD+8.3-RELEASE&arch=default&format=html) lists some adapters which look as if they should be capable of sustained Ethernet operation at 100Mbps.

pfSense should already include the axe driver.

My only experience with USB Ethernet adapters and pfSense was with devices supported by the udav driver and they were limited by USB speed of 12Mbps. They weren't entirely satisfactory because the devices would sometimes not be recognised during system startup and pfSense would consequently report a missing interface and wait for user input which is not useful if you want the box to run unattended.

I suggest you search the pfSense forums for reports on the chipsets supported by the axe driver. You might find a report or two that will help you make a decision.

An alternative approach is to use a VLAN capable switch as a "port multiplier". If you search the pfSense forums for vlan "port multiplier" you should turn up a few posts explaining the idea in more detail.

Maybe a bigger case would also be a satisfactory solution. The MiniBox (M200?) I bought a few years ago has the height and cutout  to allow a standard PCI card to be mounted parallel to the motherboard (using a riser card) and above the I/O shield. This possibility doesn't seem to be mentioned  on MiniBox web site so maybe it isn't a feature of current M200 boxes or maybe I have forgotten the model number of the box I have. I have no idea if your card and CPU cooler would be fighting to occupy the same space.

Out of the options I have discussed I expect the VLAN port multiplier would be the least troublesome.

Thank you for your reply! Using a baud rate of "115200" works. It hangs after trying AT multiple times though. Also both devices return OK for the AT command. Only one of the devices however gives a output of BOOT and some numbers (repeated again and again).
Just wondering, isn't it somehow possible to map the output of "usbconfig list" to the /dev/dua* devices?

Repurposed notebook that includes everything needed.  Console display, keyboard, built-in UPS, onboard NIC (vlan the WAN etc.).

With lid/display closed it can even sit comfortably in a rack space.

Even old stuff from way back in 2003 era like DELL Inspiron 5100 works well.

You were right ! He is nice !
He offers me to buy an LPC module (<5$) http://pcengines.ch/lpc1a.htm or to send it as an RMA, which I choose (I had enough problems!)

My watchguard box will be coming soon, once in place I will crack open my Sonicwall.