Is it possible to get very cheap appliance in UK / Europe
-
For space, power and performance reasons I want to swap out my existing pfSense hardware (Old Compaq PC). This is for home use with 6 PC's, 5 tablets, 5 smart phones and numerous game consoles - connecting to two WAN's (ADSL2 8/1 and vdsl (fttc) 80/10) so need 3 ports.
I have been looking at various systems but unable to find anything within my budget - i.e. really cheap.
Ideally I am looking for something like this in UK or Europe:
http://www.ebay.co.uk/itm/130854339839
I would buy one of these - except postage and tax would triple the end price making it out of my budget.Happy to have a used system or build it myself - but it seems they just don't exist here?
Has anyone been successful in finding anything suitable at a budget price? (Or have an old one they want to sell!)
-
I bought the same neoware just a few days ago. I seems to perform well enough if you don't want to run anything intense like snort or squid. Mine runs off a 2Gb cf card. Just as a basic firewall with LAN and OPT, it works fine. PF blocker would probably work as well. I don't know if 512 of flash is enough. It might be, but I am not sure. You can probably order one of these yourself and find the parts for just about as cheap. You may only save $20 US or so. If you want a cheap box with a LAN and OPT interface, that doesn't use much power, something similar to this is probably good. I maybe would just get more flash space.
-
Glad to hear it works ok - but did you buy it in US? I would love to find something similar in UK - buying this from US would cost about $150 including delivery and tax which puts it out of my budget unfortunately.
Haven't been able to find any Neoware (or anything similar) in UK or Europe so far.
-
Hi,
in this very good overview of pfSense
http://www.youtube.com/watch?v=EfXImr5q-swthey Suggest "Soekris 5501" Hardware … not as cheap as your ebay item but also lowlevel price in compare to "normal" Hardware.
http://soekris.com/products/net5501.htmlIf other pepole needs bigger hardware (1GBit Slot, more RAM, faster CPU) I found:
http://soekris.com/products/net6501.htmlShould be enough for most Small Business Offices ;)
Bests
Reiner
PS: EU Shop: http://www.soekris.eu/shop/
-
Yes US seller. Why don't you just put something together yourself with a jetway motherboard? It may be a bit more money, but they are great.
-
How cheap are you talking? I assume <£100 if $150 is too much.
How low power are you after?
How much work are you willing to do?A re-purposed Watchguard box might fit the bill: http://www.ebay.co.uk/itm/Watchguard-X-Core-Series-Firebox-/321076136251?pt=UK_Computing_Networking_SM&hash=item4ac1a1093b
Steve
-
Thanks for the suggestion - but the basic Soekris 5501 in Europe would cost a total of $350, including shipping and tax.
The Jetway M/B looks good - but by the time I have added power supply, NICS, case, memory and storage - works out higher price again.
The Watchguard looks good - I hadn't considered Watchguard as I was not aware that you could load a different software (pfS) on them. There seem to be a lot of different models available - and many very cheap. What models (or how to determine) can accept pfS - and is this a straightforward installation? This looks a real possibility if I can get a model that can run pfS.
Answering my own question from another forum post:
_The smaller Watchguard boxes, the X10e X55e etc, are all ARM based and hence cannot run pfSense.
The larger units (19" rack mount) are all more powerful the the Alix board by some margin. They all have fans and are quite loud as standard though there is some scope for quietening them down.
Of the larger units only the X-peak box (X5000, X6000 and X8000) will work completely without any tweaking. They have 9 Intel NICs. They come with a 2.8GHz Pentium-4 and hence use a fair bit of power though it can be easily and cheaply swapped out.The X-e units (x550e, x750e, x1250e etc) have some great features and work very well. However they require a bios tweak to boot the CF card and current versions of pfSense have a buggy driver for 4 of the 8 interfaces that means they cannot be relied upon at high load. The other 4 NICs work perfectly though and newer versions of FreeBSD have fixed those bugs._
It seems that all (most?) of the cheaper boxes are not suited for pfS, but I will keep looking - thanks for the suggestions.
-
I'm very happy with the refurbished HP 7900, small form factor system I picked up for $150. It is small, nearly silent and lots of nice features. I added a small SSD and a couple PCIe Intel NIC cards and it is running fine.
There are a lot of refurbished or even cheaper just "lease return" systems out there that make a nice base for a firewall or small server box.
-
That post regarding the Watchguard boxes is quite old now. There is a workaround/fix for the 4 msk interfaces in the X-e boxes, such as the one I linked to.
For what can be made to work and what can't, see: http://doc.pfsense.org/index.php/PfSense_on_Watchguard_Firebox#Supported_Fireboxes
I am still in the process of finishing that wiki page though. ;) I hope to have it mostly finished in the next few days, time permitting. It has enough info to give you an idea of what is required to get going.
Where abouts in the UK are you? I have an excess of boxes!
Steve
-
I am in the South East - just West of London. If you have any spare boxes that are suitable - would be very happy to get one from you - PM me details.
Great job on the WIKI - I wish I had found that earlier, would have saved some searching.
Nigel
-
Very compact
Used laptop with Intel Ethernet ControllerYou can add a Ethernet expresscard to gain additional Ethernet controller
or
level 2 switch so you can run vlans (Only one Ethernet controller required)
Note:
Using a laptop with Two WAN's a level 2 switch would be required. -
Have a look for multi-nic thin clients - I bought a BosaNova (now 10Zig) thin client for £20 last week - it's a Geode LX800 board (like an ALIX) - only 1 NIC, but I wanted it for a part-time VPN endpoint so it only needs 1.
Anything on the AMD Geode (LX or NX, GX would not have any guts @300MHz), or anything that currently run XP embedded should do the job - plenty under £30 on ebay. Multi NIC is the stumbler, though…
-
PS. That box you found in the US; the hardware is a NeoWare thin client.
A number of companies turned them into network appliances, including Equiinet - the NetPilot
http://www.ebay.co.uk/itm/EQUIINET-NETPILOT-PLUS-Internet-Security-/290869226011
-
another option if you can find one on ebay is:
Symantec SGS 1660 (probably best to search for symantec 1660)
6 Intel Gigabit ethernet
Via Cpu
Builtin Hardware Crypto
30g hard drive
Quiet machine in a 1u chassispower draw on the 120v version 37 watts running..
ive been running one in my HOME enviroment for 3 years.its attached to a 60/20 connection and see Maybe 10% cpu utilization
running 2.1-Beta1 -
PS. That box you found in the US; the hardware is a NeoWare thin client.
A number of companies turned them into network appliances, including Equiinet - the NetPilot
http://www.ebay.co.uk/itm/EQUIINET-NETPILOT-PLUS-Internet-Security-/290869226011
This is what I used to use for pfsense.
Combine the CA10, with a pci reiser, pci nic & a IDE DOM card and you have a decent firewall.
You can find my old post here: http://forum.pfsense.org/index.php/topic,40502.msg209156.html#msg209156
-
How did you flash the DOM with nanobsd?
-
How did you flash the DOM with nanobsd?
DOMs usually have flash with many more write cycles than consumer grade flash intended for cameras, phones etc. Therefore you can run the full version of pfSense on them. I have run my home pfSense from the same 1GB DOM for over 4 years.
If you want to run NanoBSD why pay extra for a DOM when a cheap CF card would do?
But if you really want to run the nanoBSD version off a DOM then the flash procedure would be essentially the same as for a CF except you would need to connect the DOM to the motherboard on the appropriate socket (SATA or IDE) for the DOM and take care that you specify the destination device correctly. The exact details will depend a bit on what equipment you have available for flashing the DOM.