Hardware recommendations ATT 1gig up and down
-
Complete noob to Pfsense here.
I have ATT U-verse with 1gig up and down service. Using their required Pace 5268ac gateway. I want to use one port of the gateway and attach a pfsense router to it for some devices.
I’m looking for hardware recommendations to be able to run 3 or 4 devices with PIA vpn setup via OpenVpn. I don’t need to utilize the full gigabit, I’d be happy with 500 up and down. I’d just like for all of the connections to be able to do it at the same time if necessary. For things like torrenting, streaming, etc.
Not planning on running any additional packages outside of the vpn, but having the option in the future wouldn’t be that bad.
I already have an Intel i390-t4 on order. Figured that much out from reading things. Also already have a 16gb Ssd I was going to use for the hd. I can buy bigger if necessary. I just prefer ssd.
Would an j3355 box suffice or would I need something beefier, I was looking at a used sff pc with i7-2600, 4gb ram, imbedded video for under $100. But that might be overkill and use way more power than necessary. I don’t care if I use about $35/yr power wise. Worth it for security and privacy.
Thanks in advance.
-
i3-class CPU will suffice and enough headroom for near future. 16G SSD will suffice also.
-
I have ATT U-verse with 1gig up and down service.
Would an j3355 box suffice or would I need something beefier
You would need something beefier than j3355. From everything that I have read on the forum, j3355 will probably max out at 300Mbps.
Also any particular reason why you bought a quad NIC vs dual NIC? What are you planning to do other than 1 port for WAN, 1 port for LAN? I ask because I am a noob to pfSense as well and I haven't really understood what quad NICs give you over a basic unmanaged switch – unless you have multiple ISPs serving your house and that way you can have multiple WANs. But most home users don't buy internet service from multiple ISPs
-
Thx SammyWoo
I’m trying to find a used pc that I can get cheap. I’ll use your recommendation as a baseline.
-
I have ATT U-verse with 1gig up and down service.
Would an j3355 box suffice or would I need something beefier
You would need something beefier than j3355. From everything that I have read on the forum, j3355 will probably max out at 300Mbps.
Also any particular reason why you bought a quad NIC vs dual NIC? What are you planning to do other than 1 port for WAN, 1 port for LAN? I ask because I am a noob to pfSense as well and I haven't really understood what quad NICs give you over a basic unmanaged switch – unless you have multiple ISPs serving your house and that way you can have multiple WANs. But most home users don't buy internet service from multiple ISPs
I honestly went quad for a couple reasons. At the moment, I’m looking at three devices I want connected to pfsense and the vpn, so that lets me use one for wan, the other three direct to the devices, hopefully better speed, less issues. I like having room should I want it in the future. I have a couple older nas devices I might want to connect down the road for outside access, I don’t use them that way currently. The extra ports give me options. I hate buying things twice because I tried to skimp at the start. Burned myself several times on other things.
The price wasn’t that much more to go quad, paid $35 shipped. Should be a real one too as the chips aren’t screen printed. Resale shouldn’t be hard if this doesn’t work out either. I’ll make sure to use clear pics of the chips to prove it’s real, not a Chinese knockoff, if it is one.
-
I honestly went quad for a couple reasons. At the moment, I’m looking at three devices I want connected to pfsense and the vpn, so that lets me use one for wan, the other three direct to the devices,
Will these 3 devices be able to talk to each other? If so, I can buy a quad NIC and attach them to 3 different switches thereby increasing the number of devices in my network instead of upgrading my 16 port switch with a bigger one in the future. It will save me the hassle of selling/trashing my 16 port unmanaged switch.
hopefully better speed, less issues. I like having room should I want it in the future. I have a couple older nas devices I might want to connect down the road for outside access, I don’t use them that way currently. The extra ports give me options. I hate buying things twice because I tried to skimp at the start. Burned myself several times on other things.
The price wasn’t that much more to go quad, paid $35 shipped. Should be a real one too as the chips aren’t screen printed. Resale shouldn’t be hard if this doesn’t work out either. I’ll make sure to use clear pics of the chips to prove it’s real, not a Chinese knockoff, if it is one.
How do you check if the chips are screen printed or not?
-
I honestly went quad for a couple reasons. At the moment, I’m looking at three devices I want connected to pfsense and the vpn, so that lets me use one for wan, the other three direct to the devices,
Will these 3 devices be able to talk to each other? If so, I can buy a quad NIC and attach them to 3 different switches thereby increasing the number of devices in my network instead of upgrading my 16 port switch with a bigger one in the future. It will save me the hassle of selling/trashing my 16 port unmanaged switch.
hopefully better speed, less issues. I like having room should I want it in the future. I have a couple older nas devices I might want to connect down the road for outside access, I don’t use them that way currently. The extra ports give me options. I hate buying things twice because I tried to skimp at the start. Burned myself several times on other things.
The price wasn’t that much more to go quad, paid $35 shipped. Should be a real one too as the chips aren’t screen printed. Resale shouldn’t be hard if this doesn’t work out either. I’ll make sure to use clear pics of the chips to prove it’s real, not a Chinese knockoff, if it is one.
How do you check if the chips are screen printed or not?
I’m not sure on your first question. I’m honestly guessing. I figure once I get it built I will see what I can and can’t do with it.
The screen print part, there’s no white printing on the center of the chips. They look like the printing is etched into the chip I can’t say 100% until the card arrives. That is one of the ways to tell the fake from real. The real are etched. At least from my reading. It’s starting to get jumbled with as many threads as I’ve been reading trying to decide on a build platform. I’ve decided I’m going to worry about building first. Then focus on how to set it up once it’s built. That way my focus can be on one thing at a time. There’s so much good info here it’s overloading my head. I keep going off on reading tangents and get lost on what I started out looking for.
-
haven't really understood what quad NICs give you over a basic unmanaged switch
Run discrete, separate subnets. Although you can mimic this with a VLAN-capable switch. To me, and only to me, discrete subnets easier to visualize than try to keep VLAN configs all in my head. I like things simple and stupid.
-
haven't really understood what quad NICs give you over a basic unmanaged switch
Run discrete, separate subnets. Although you can mimic this with a VLAN-capable switch. To me, and only to me, discrete subnets easier to visualize than try to keep VLAN configs all in my head. I like things simple and stupid.
Ok. When you use small words like that, it helps dufus like me understand. Thank you.
Since they are separate subnets, then I imagine devices in different subnets cannot and should not be able to talk to each other. For my home network, I have the following devices :
-
Main FreeNAS
-
Backup FreeNAS
-
1 Tablet
-
2 Phones
-
1 desktop
-
2 Laptops - work & personal
-
1 network enabled TV
So I don't see the need to separate them into different subnets as I use my laptops/tablet to sometimes check up on my FreeNAS boxes. The TV is the only thing I can choose to put in a different subnet so it can't be hacked into and access my main network. I might set up a DMZ in the future when I have learnt more about networking to host a webserver. I can set it up via a VLAN then.
I will just go buy a Dual NIC for my new pfSense build and will shutup now and stop hijacking this thread.
Thank you again.
-
-
Inxsible, we’re both in similar boats, so I know I don’t mind your questions.
I have a Shield, two other Kodi boxes, Fire Tv, pc, and two nas’ I could put onto a network with vpn. Some don’t need to talk to each other, some I will want to. Some strictly internal, some possible external down the road.
I’m trying to leave room to grow as well be able to max my throughout as much as I can without having to go crazy cost wise.
Running the PIA apps for vpn on the devices significantly reduces my throughput. I want to offload that to pfsense to get better speeds. My pc will run near the gigabit speeds with PIA turned off. Turn it on, and I’m down to 300 (best ever), but usually between 150 and 30. That’s too much for my liking.
-
Inxsible, we’re both in similar boats, so I know I don’t mind your questions.
I have a Shield, two other Kodi boxes, Fire Tv, pc, and two nas’ I could put onto a network with vpn. Some don’t need to talk to each other, some I will want to. Some strictly internal, some possible external down the road.
I’m trying to leave room to grow as well be able to max my throughout as much as I can without having to go crazy cost wise.
Makes sense. If I buy used, the difference between dual and quad is not huge – about $5-$10 on ebay. I just wanted to understand what quad NICs would provide over dual.
Running the PIA apps for vpn on the devices significantly reduces my throughput. I want to offload that to pfsense to get better speeds. My pc will run near the gigabit speeds with PIA turned off. Turn it on, and I’m down to 300 (best ever), but usually between 150 and 30. That’s too much for my liking.
Then you would surely need a better CPU than what you currently have in your pc.
I intend to go with a J3355B since my internet speed is only 50Mbps down. Gigabit is currently too expensive for me given my usage.
-
I’ve got a fx8320e. It should be enough. I just think the app isn’t that great for the pc nor android. I mean, it works, but the speed hits I take are horrible. Now it could be ATT not liking the vpn, but on my iPad, I max the WiFi at 350-400 with PIA turned off, always over 200 when it’s turned on. So that version works fine.
-
I’ve got a fx8320e. It should be enough. I just think the app isn’t that great for the pc nor android. I mean, it works, but the speed hits I take are horrible. Now it could be ATT not liking the vpn, but on my iPad, I max the WiFi at 350-400 with PIA turned off, always over 200 when it’s turned on. So that version works fine.
I run my VPN client in pfSense as well and route everything except my work laptop through it. I know you said it works fine on your iPad, but have you tried a different server for PIA?
I had issues with 3 servers with my VPN provider before I settled on the 4th one. And the weird thing is that the 3 that were flaky were in the same city that I am in and the one that I am now using and has been stable ever since is 800 miles away.
-
I’ve got a fx8320e. It should be enough. I just think the app isn’t that great for the pc nor android. I mean, it works, but the speed hits I take are horrible. Now it could be ATT not liking the vpn, but on my iPad, I max the WiFi at 350-400 with PIA turned off, always over 200 when it’s turned on. So that version works fine.
I run my VPN client in pfSense as well and route everything except my work laptop through it. I know you said it works fine on your iPad, but have you tried a different server for PIA?
I had issues with 3 servers with my VPN provider before I settled on the 4th one. And the weird thing is that the 3 that were flaky were in the same city that I am in and the one that I am now using and has been stable ever since is 800 miles away.
I’ve tried multiple servers. I switch if I’m not seeing good speeds, hoping to find one. I find the Midwest to be the best for me most of the time. Every once in awhile I’ll need to move to the New York server.
-
I’ve got a fx8320e. It should be enough. I just think the app isn’t that great for the pc nor android. I mean, it works, but the speed hits I take are horrible. Now it could be ATT not liking the vpn, but on my iPad, I max the WiFi at 350-400 with PIA turned off, always over 200 when it’s turned on. So that version works fine.
I run my VPN client in pfSense as well and route everything except my work laptop through it. I know you said it works fine on your iPad, but have you tried a different server for PIA?
I had issues with 3 servers with my VPN provider before I settled on the 4th one. And the weird thing is that the 3 that were flaky were in the same city that I am in and the one that I am now using and has been stable ever since is 800 miles away.
I’ve tried multiple servers. I switch if I’m not seeing good speeds, hoping to find one. I find the Midwest to be the best for me most of the time. Every once in awhile I’ll need to move to the New York server.
One thing with using VPN in pfSense instead of using a client on the PC itself is that it's not as easy to quickly change servers. You also cannot change servers for just one device/PC, unless you have already created multiple VPN interfaces in pfSense and route every device through a different interface.
So, if you are using VPN only to hide data from your ISP, it shouldn't be a problem. But if you are using it to avoid geo-location then it might be a pain to constantly switch VPN servers. Also, as you may have noticed many websites/apps don't work behind a VPN.
I recently noticed that TurboTax and TaxAct don't work if I am routing my desktop through the VPN interface. I have to go directly through my ISP. Same with Amazon app on the phone. The Amazon website works, but the phone app only shows me pictures of dogs and tells me "something went wrong"
I am starting to think getting VPN is now more of a hassle especially when my wife starts complaining about not being able to shop on Amazon app while on wifi.
-
I’ve got a fx8320e. It should be enough. I just think the app isn’t that great for the pc nor android. I mean, it works, but the speed hits I take are horrible. Now it could be ATT not liking the vpn, but on my iPad, I max the WiFi at 350-400 with PIA turned off, always over 200 when it’s turned on. So that version works fine.
I run my VPN client in pfSense as well and route everything except my work laptop through it. I know you said it works fine on your iPad, but have you tried a different server for PIA?
I had issues with 3 servers with my VPN provider before I settled on the 4th one. And the weird thing is that the 3 that were flaky were in the same city that I am in and the one that I am now using and has been stable ever since is 800 miles away.
I’ve tried multiple servers. I switch if I’m not seeing good speeds, hoping to find one. I find the Midwest to be the best for me most of the time. Every once in awhile I’ll need to move to the New York server.
One thing with using VPN in pfSense instead of using a client on the PC itself is that it's not as easy to quickly change servers. You also cannot change servers for just one device/PC, unless you have already created multiple VPN interfaces in pfSense and route every device through a different interface.
So, if you are using VPN only to hide data from your ISP, it shouldn't be a problem. But if you are using it to avoid geo-location then it might be a pain to constantly switch VPN servers. Also, as you may have noticed many websites/apps don't work behind a VPN.
I recently noticed that TurboTax and TaxAct don't work if I am routing my desktop through the VPN interface. I have to go directly through my ISP. Same with Amazon app on the phone. The Amazon website works, but the phone app only shows me pictures of dogs and tells me "something went wrong"
I am starting to think getting VPN is now more of a hassle especially when my wife starts complaining about not being able to shop on Amazon app while on wifi.
See, my wife is why I’m only going to do wired connections to the box. The WiFi stuff can go on as they have been. I won’t have to hear about things not loading or working.
If I need my pc to use a non-vpn connection, I’ll just switch cables to the ATT gateway.
-
See, my wife is why I’m only going to do wired connections to the box. The WiFi stuff can go on as they have been. I won’t have to hear about things not loading or working.
If I need my pc to use a non-vpn connection, I’ll just switch cables to the ATT gateway.
That's smart. You could also create an alias and add or remove your PC from that alias depending on whether that alias is being routed via the VPN gateway or the ISP gateway.
For eg. I have an alias for my work laptop so that it goes out the ISP. When I needed to do my taxes, I just put my desktop in the same alias until I was done with the taxes and then removed it from the alias again.
-
Well the pc I was looking at acquiring is not available to me any longer. I’ll keep an eye out for something cheap but functional that’ll support AES-NI.
I have an old Compaq with a Core 2 Duo E8600 in it I’m going to start with once the NIC gets here. It’ll give me a chance to play with and learn Pfsense while hunting a pc or parts.
It’ll have 8gb ram and I’ll use that 16gb ssd as the hd. It should be enough for me to familiarize myself a bit with Pfsense.
-
Well the pc I was looking at acquiring is not available to me any longer. I’ll keep an eye out for something cheap but functional that’ll support AES-NI.
I have an old Compaq with a Core 2 Duo E8600 in it I’m going to start with once the NIC gets here. It’ll give me a chance to play with and learn Pfsense while hunting a pc or parts.
It’ll have 8gb ram and I’ll use that 16gb ssd as the hd. It should be enough for me to familiarize myself a bit with Pfsense.
Keep us posted.
I got myself a i340-T4 as well for the same price as that of T2 (at least when I was looking). Now I have my RAM and motherboard (AsRock J3355B) on order.
-
Well the pc I was looking at acquiring is not available to me any longer. I’ll keep an eye out for something cheap but functional that’ll support AES-NI.
I have an old Compaq with a Core 2 Duo E8600 in it I’m going to start with once the NIC gets here. It’ll give me a chance to play with and learn Pfsense while hunting a pc or parts.
It’ll have 8gb ram and I’ll use that 16gb ssd as the hd. It should be enough for me to familiarize myself a bit with Pfsense.
Keep us posted.
I got myself a i340-T4 as well for the same price as that of T2 (at least when I was looking). Now I have my RAM and motherboard (AsRock J3355B) on order.
Glad you found a t4 for the same price. Makes it easy on which to buy. My nic should be here Saturday so I hope to start this weekend.