Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    3rd Party Hardware Request

    Scheduled Pinned Locked Moved
    Development
    3rd party asus ax82u wifi
    4
    6
    1.9k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      AlRoute
      last edited by AlRoute

      Hi,

      I came to your forum after seeing a review of the Netgate 2100 online.

      Unfortunately that router doesn't meet my needs because as a home user I need a very powerful wifi signal integrated in the unit as well the switch / firewall. I opted to keep my modem separate using a Draytek Vigor to provide at least some separation of networking units.

      I noted from the Netgate Website that youa re intending to provide support for Pfsense to be used on 3rd party routers.

      Could I put in a request for support on Asus Routers and specifically the AX82U as it's one of their current reasonably priced flagship routers that has won awards and praise for it's hi speeds and relibiability which also makes it a best seller.

      As it's new, it should offer a decent lifetime for your efforts.

      The reason I ask for PFsense support, is many users of home routers, myself included, now have CCTV running off PC based software such as Blue Iris. Others of course have IOT devices running off home routers as well. As such, the ability to set up VLANS on home routers is becoming ever more important as the scope for using 3rd party devices such as IOT's or CCTV servers / NVR's to launch wider network attacks is becoming ever greater.

      However, most home routers don't support VLAN despite having otherwise comprehensive firmware / software including VPN and fast processors.

      I understand, that integrating Pfsense onto home routers may not be easy due to them having wireless networks as well as wired, something you don't currently cater for. However, I think both at present and going forward it's going to become increasingly difficult except at higher end enterprise level to find devices without wifi networks built in and as such it would appear developments for the same to be pretty much the future. As a non programmer I can't profess to know how this could be done, maybe copying the Wifi Network encoding and features verbatum across into PFsense if the manufacturers will allow negating the need for development in this area? Unsure.

      I would request though that you consider pfsense support for the Asus AX82U if at all possible as being one of the very latest, most awarded and most popular models it provides an ideal place to start in getting PFsense out to the wider community who can't afford or maybe can't use the Netgear hardware due to lack of WiFi support.

      S 1 Reply Last reply Reply Quote 0
      • S
        SteveITS Rebel Alliance @AlRoute
        last edited by

        @alroute I don't work for Netgate but I'd guess it's super unlikely to happen. The CE (open source) version only runs on Intel, and pfSense Plus can run on the few Netgate ARM models. For anything else, even if it had an Intel/AMD64 compatible CPU FreeBSD would need wireless drivers for whatever NIC was in the model, which, per my vague understanding, is an issue. Plus the device would need a way to install pfSense, so a way to boot, and presumably view a video console to configure.

        Generally pfSense users just get an access point and plug it into a router port, and can make that port a VLAN if desired. Then the AP(s) can be put anywhere in the office/home.

        Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
        Upvote 👍 helpful posts!

        A 1 Reply Last reply Reply Quote 0
        • A
          AlRoute @SteveITS
          last edited by AlRoute

          @steveits Hi Steve,

          I don't know what processor it uses other than it's a tri-core so I'm going to guess it's an ARM. Asus don't publicise the processor and I'm not dissasembling to see. I'm sure someone somewhere has done it and knows.

          I know 3rd party firmware is used on many of these consumer routers, so it is theoretically possible eg.

          Merlin Firmware is often flashed onto Asus Routers.

          The problem with Netgate Routers is several for consumer users:

          1. They're excessively priced for what they are - eg. the 2100 is $299 and the 3100 £399 yet just offer a basic router ie firewall and switch, when you can pick up a top of the line non gaming specific router from a top brand eg Asus for less than £200 offering many of the same thoughputs (or higher) plus WiFi 6. eg, I paid £135 for my Asus AX82U although it's normally around £189.

          For the price it's very well featured, VLAN's aside:

          https://www.asus.com/uk/networking-iot-servers/wifi-routers/asus-gaming-routers/rt-ax82u/techspec/

          I don't believe I'm the 1st person to say they're overpriced in the market and I'm sure the other person who commentated this was a business user. You can buy CISCO for around the same price as Netgate and CISCO are both over priced and top of the market products for high end enterprise use (in my opinion).

          Netgate seem to want to target their lower end products as much to consumers, remote workers and small offices as enterprise, but they aren't price competitive in my opinion especially when you consider there's no wifi when most routers that are cheaper offer Wifi 6 and AI mesh these days along with Alexa integration etc. Personally, wifi 6 apart, wouldn't use any of the others but many users falling into the categories I mentioned would. Wifi is pretty much defacto amongst home users, home workers and small offices and these days that usually means WiFi 6.

          1. Pretty much summed up above as well. Strong long range Wifi, preferably 6, is almost a requirement amongst routers (router switches) these days and Netgate despite the high price doesn't integrate wifi.

          Even if it was to become available, I'm going to hazard a guess Netgate would have to put it in a separate box to connect to the router and probably charge another $200 or more for the privaledge, making it again unrealistic in price.

          You can't exepect Home Users / Remote Workers or Small Offices to want or be able to spend upwards of probably $700 on a network setup for home / small office use eg. In my case I've spent £189 (if I paid full price for the AX82U) and £100 for a Draytek Vigor modem, - £289 total which is high for consumer / home worker and which is around the cost of the Netgate 2100 alone, - the 2100 speed limits are unremarkeable).

          If Netgate were to say router + Wifi module + modem, you're already talking an enterprise setup even with the 2100 eg $299 + Vigor 130 $100 + $200 (modem netgate Wifi?) = $600. Pick a 3100 for the fibre speed given Gigabyte Fibre not that uncommon and you break the $700 barrier. How many home users / remote workers / small offices can afford that outlay?

          Now I appreciate Netgate may not want to lower their prices nor add wifi to their routers which is fair enough. I can give an opinion but it doesn't mean Netgate have to accord with it.

          However, this is where 3rd party support for popular Home / Small Business routers from mainstream bands with Wifi built in comes into play as it's the economomical way of reaching out to those users. Although it's open source I'm sure router users wouldn't mind paying a one off fee of say $30 for it if it offered something in the firmware such as VLANs that theyc ouldn't otherwise obtain through their standard manufacturers firmware.

          MikeV7896M 1 Reply Last reply Reply Quote 1
          • MikeV7896M
            MikeV7896 @AlRoute
            last edited by MikeV7896

            pfSense is a software suite built on the FreeBSD operating system that can act as a security firewall and router. Netgate makes specific hardware that can run pfSense software, sometimes on ARM-based CPUs, sometimes on Intel (and by extension AMD) CPUs. The community version of pfSense that is freely available runs on Intel/AMD CPUs only (aka mini PCs and other network appliance-oriented devices). Most consumer-oriented routers (Asus, Netgear, Linksys/Belkin, etc.) are using ARM CPUs.

            pfSense actually does support wireless networking. The issue with the WiFi support though, and the reason most just purchase a separate WiFi access point for wireless, is that the FreeBSD operating system doesn't support the latest and greatest WiFi cards. Looking through the Hardware List for FreeBSD 12.3 (which will be the base for the next release of pfSense), the majority of the WiFi cards supported are 802.11a/b/g/n models. There appears to be some Intel 802.11ac driver support for three models of cards. There's definitely no WiFi 6 support though, seeing that your Asus router is an AX model.

            One last issue with trying to run pfSense on consumer router hardware... storage capacity. The smallest Netgate device, the 1100, comes with 8 GB of storage. The latest WiFi 6E routers from Netgear and Asus have 512 MB and 256 MB of storage respectively (source; component summary comparison table in that article). That's just not enough space to fit pfSense into.

            The S in IOT stands for Security

            A 1 Reply Last reply Reply Quote 0
            • A
              AlRoute @MikeV7896
              last edited by AlRoute

              @mikev7896 Ok thanks for the explanation.

              It's a pity the Netgate solutions are so expensive for Home Users. Although the 1100 is designate for Home Use, I doubt anyone needing a device with PFSense would have much use for anything less than the 2100 or maybe even 3100 just simply based on the number of ports. eg. A single home PC + CCTV System + Access Point = more LAN ports than the 1100 has without then adding in any IOT's. Then there's the cost of modem and access points.

              It's not really a Home Friendly Solution which is a pity.

              I'm guessing Netgate doesn't want to price the 2100 down at home user prices because it might lose small business revenue and the same for access points which I'm guessing are universal to all.

              JeGrJ 1 Reply Last reply Reply Quote 0
              • JeGrJ
                JeGr LAYER 8 Moderator @AlRoute
                last edited by JeGr

                @alroute said in 3rd Party Hardware Request:

                I'm guessing Netgate doesn't want to price the 2100 down at home user prices because it might lose small business revenue and the same for access points which I'm guessing are universal to all.

                Perhaps you can't simply make it any cheaper without loosing money? Because all electronics prices have gone through the roof and nothing got cheaper at all? There's a reason why consumer/SOHO electronics is cheap, while more flexible hardware and software is not. That's not something to do with "they don't want to make it cheaper" or "they don't like their software running on toasters". It's just that no one wants to pay for that. You can't just throw the software on cheap SOHO hardware and hope it will work just because "it's also an ARM SOC/CPU". There are vastly different ARM SOCs and they have licenses etc. for accessing their tools and drivers etc. Why is Netgate running espressobin-like hardware on those SG1100-3100? Because it's mostly the same SOC and was (guessing) relatively easy to adapt FreeBSDs ARM branch on it.
                We can see how "identical normal x86/64 hardware" runs every day. They aren't the same just because they may have the same NIC and CPU in it. Developing on different hardware is far more complex than "just throw it on and have a look at it". Otherwise one could simple extract the installer from e.g. a SG1100 and throw it on a Raspi4 (won't work - different ARM SOC) or on a smartphone perhaps? Those are ARM, too? Nope. Not that easy. And the menhours that go into such things as developing and testing on new hardware is what makes things time consuming and expensive to ensure the stuff is actually running quite nicely when you try to install/update it. Add to that, that many hardware vendors for WiFi, SOCs (Quallcom for ARM etc.) like to have "binary blobs" in their drivers that may only work on Linux or have problems to get them to run on FreeBSD - or even incompatible licenses to BSD/Apache Licenses? Those are just the problems on top of it.

                Have you seen 08/15 SOHO hardware with more then 1-2y firmware support? I found them very rare. Mostly the have have a few updates and are then abandoned for the next bigger better version. Also because of ever evolving HW standards of WiFi and such, most SOHO routers tend to get switched out around 2ys. Firewall hardware normally lasts way longer than that in my experience in our company (not Netgate BTW).

                @alroute said in 3rd Party Hardware Request:

                I noted from the Netgate Website that youa re intending to provide support for Pfsense to be used on 3rd party routers.

                Actually don't know where you found that. I only know of "supporting 3rd party hardware" and with that they are only talking about compatible (x64 Intel/amd) 3rd party hardware router boxes or barebones that you can buy/build yourself. I found nowhere they state, that they plan to run on 3rd party routers as an alternative firmware like OpenWRT or DD-WRT or Tomato. That's - AFAIK - far outside the project scope.

                Cheers
                \jens

                Don't forget to upvote 👍 those who kindly offered their time and brainpower to help you!

                If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.

                1 Reply Last reply Reply Quote 1
                • First post
                  Last post