Yup, still not supported AFAIK. Feel free to reverse engineer it and write a driver though.  ;) Steve

If your hardware might be the issue, you need to test it. Memtest, CPU burn in, etc. If you have hardware issues, there's nothing the software can do.

@SammyWoo: How much do they want for these gigabit services?  a couple usd$hundred/month? can't believe they won't even provide a customer-requested plain fiber modem. They won't because setting up the infrastructure, support, manuals, service endpoints isn't worth the cost. This is how it's always been, and why we still have shitty DOCSIS, DSL and G.PON. And providers that MITM modify traffic legally (well, that's mostly in the USA and BRIC).

@ivor: Let's try again :) @jahonix: I change my car more often so why not change a security appliance when requirements bump up? A good working unit can still be sold then. And if you read some background information about what netgate is working on you might want to replace your unit within this three year time span anyways. What did you mean by this? He is aiming for: netgate is making new software, some of it might require new hardware.

Yeah I would still expect you to see Gigabit easily but it's a much better test to use other devices for the iperf client and server. Just as an example I can see line rate Gigabit (~940Mbps) with pfSense as one end of the iperf test, as you're doing, on an old E4500. That's using em NICs. Steve

It's almost certainly an MTU issue. The additional overhead PPPoE introduces limits the packet size. This was clients running pfSense as an IKEv2 endpoint over a PPPoE connection vs other clients running the same setup on cable say? And other traffic was OK, just IPSec failing? All traffic over IPSec? Pings still passing at small packet size for example? Steve

Thanks to all who helped with this!  Once I get it into production I'll watch the logs.  If they start getting too huge I'll re-address the quesiton

Adding new drive for squid cache drive try to mount on /var/squid/cache as gui default exp : your ssd as ada1 gpart create -s gpt ad1 gpart show ada6 gpart add -t freebsd-ufs ada1 newfs /dev/ada1p1 gpart show now your ssd as /dev/ada1p1 then try to mount as proxy cache drive >>> mount /dev/ada1p1 /var/squid/cache then ckeck list all drive >> df -h Dont forget to lock your drive to system at fstab.*  ( edit file at /etc/fstab.*) add this to fstab >> /dev/ada1p1      /var/squid/cache  ufs  rw,noatime        2  2 Good luck  ;)

Good to hear. Always nice to have more router ports.

Why can you not just buy direct.. I do believe they will ship overseas.. I show exchange rate currently 750 USD =704.080CHF And then you pay for shipping..

What is the driver required? How does it appear in FreeBSD? Steve

The ALIX/m1n1wall is very RAM restricted. If it's failing to boot it's probably exhausting the 256MB is has available. That might be logged but if you're running Nano and hard reboot it those would be lost. Checking the serial console would be my next step here. Steve

That connection definitely will do great on an APU2.

I have lots of power cuts too. Running a Qotom i5 with pfSense and ZFS filesystem (copies=2 setting). Have had frequent hard-power-downs with no issues. Also have an APC UPS and run apcupsd in pfSense.

Once u insert a dedicated FW, you are basically separating the functions that your One Box used to do. With a dedicated FW, you should end up with: Plain-Modem–---FW-----AP. You have what I call a Gateway, a 3/4-in-1 box:  Modem+NAT+WIFI+4portSwitch.  ISP loves to give u those because is easier to maintain one box than 3 or 4, but that construct doesn't work for people who want a dedicated FW, and you cannot disassemble, and often cannot disable part of the Gateway you don't want.  For example I had an AT&T Gateway that I cannot disable its NAT.  A dedicated FW will be doing NAT, so now you are double-NATing, not a good situation. Want dedicated FW, you will be playing with the big boys$$.

@firefox: I guess if the rear fan works without breaks The temperature will drop to a lower level Dude, the pic shows the cpu is sitting at only 35c, the ZONE is the one getting 55.  What is this ZONE? Not the cpu I don't think.  Does this temperature stay static? come up like that the minute you boot, then it's a bogus sensor to be ignored, otherwise some part of the Mobo, not cpu, is getting the 55c.  Own an IR thermometer? real fun and useful.

@wgstarks: I didn’t have any problems with mine. Make sure you re-install though. I wouldn’t trust the pre-installed software. Oh no prob there, I got the bare bone, only trusting brand name Crucial+Sandisk. This is my production box, don't need no strange issues.  10 days now 24x7. If it doesn't break the next 20 days, I should be OK.

Before throwing out that C1327 try… system/advance/network... CHECK Disable hardware checksum offload CHECK Disable hardware TCP segmentation offload CHECK Disable hardware large receive offload

As said the LCDPROC site got a list.  If ur in a tight budget, just input your query searches into eBay, sit back and be patience.

The last thing u said, WAN is the bottle neck. Extra LAN ports on a firewall is really intended if you have multiple LAN segments (subnets) and the FW box can be configured as a router to route those subnets. Plus ask yourself, do you want to ship gigabits IntraLAN traffic through the FW, with its limited resources? or give it to a dedicated box like a switch?