Intel Quad NIC not working in pfsense 2.1
-
If you have a switch using VLANs only for WANs and a separate switch for just the LANs, it would be better.
VLANs are not a true security isolation mechanism because there are still some theoretical (but not practical lately) attacks to hop between VLANs. But if you treat your WANs as the hostile wastelands they are then if someone hopped from WAN1 to WAN2 they wouldn't have gained anything. I'd have to check but last I heard it had been quite some time since the last VLAN hopping bug/firmware in a mainstream switch.
I'd be more worried about local attacks where the attacker can actually be on the same layer 2.
That said, for most it's "good enough", though not ideal.
-
I fixed your post ;)
I'd have to check but last I heard it had been quite some time since the last known VLAN hopping bug/firmware/backdoor in closed source firmware ultimately in full control of network traffic.
I can't be alone in choosing mostly verifiable software like pfsense to keep evil networks separate from ones I own because the commercial market has continued to fail us. That it happens to often be cheaper to use and more powerful in the right hands is pure icing on the cake.
If you're going through the trouble to run pfsense over an off the shelf black box and then throw something in front of it that defeats one of the main benefits in the first place, why bother at all?That said, for most it's "good enough", though not ideal.
"Good enough" electrical wiring burns down houses and gets insurance claims denied, I can't in good conscience recommend or condone the same in the IT world just because our voltages are lower and the "fires" do virtual damage instead :)
Ok I digress,
Edit: I just remembered that I updated the ROM on the card. I used UEFI, since I wasn't sure what to choose. Does that matter at all? Should I choose PXE instead?
Yeah try the PXE option, can't hurt.
-
Time for a switch with open source firmware?
Steve
-
Time for a switch with open source firmware?
Steve
Thats actually starting to become a possible option at the high end, if you need 10/40GbE and got some cash to burn :)
-
Okay, I just forked up $124 for a new mini-itx board…the Gigabyte GA-H61N-USB3. H61 chipset, and PCIe 2.0, instead of 3.0. Card is not recognised >:(
I really dont get why this card is not working on mini-itx boards. I have three other ATX and micro ATX boards in which the card works fine. Is this card not working at all on the mini-itx platform?
Regards
Tommy
-
Do I understand that you want to use an 1155 Socket board for a firewall solution. Aint that a little overpowered??
Why don't you use something like an Intel D2500CCE Atom Mini-ITX Mainboard. It basically has everything that you need for a firewall solution. -
Do I understand that you want to use an 1155 Socket board for a firewall solution. Aint that a little overpowered??
Why don't you use something like an Intel D2500CCE Atom Mini-ITX Mainboard. It basically has everything that you need for a firewall solution.Lose two serial ports and DVI and gimme more gigabitz.
-
Do I understand that you want to use an 1155 Socket board for a firewall solution. Aint that a little overpowered??
Why don't you use something like an Intel D2500CCE Atom Mini-ITX Mainboard. It basically has everything that you need for a firewall solution.Yeah, I know, but I always like to have some extra power, and also be a little future proof.
And I really HATE to have to give up on something…so now I want it to work more than ever...u know the feeling i'm sure :)
-
I'm pretty sure about it, but IF it is home use, and you use a motherboard that has a slot has a pci Express X16 slot that could run a nice graphic card for gaming is a waste. If that slot would have been a pci slot then I COULD understand. But this is way too overpowered.
It is as if you use a tank to squash the fly.And this is no criticism, I do understand what you are saying very well. But you will NEVER meet the full computational requirements of the CPU in routing and firewalling.
-
Do I understand that you want to use an 1155 Socket board for a firewall solution. Aint that a little overpowered??
Not necessarily at all.
There are many, many CPUs that can fit a socket 1155 motherboard from the most basic G1610 Celeron right up to a screaming quad core i7. That gives you a lot of flexibility and upgradability.
The Atom CPUs are great but there are plenty of scenarios where you will run of CPU power quickly. It's unlikely you'll more need more for a home broadband connection (unless you have Google fibre!) if you're using just firewall and NAT. If you need to run a VPN you may well have more WAN bandwidth than you can use. If you have several internal interfaces your traffic between them will be limited below gigabit wire speed.Steve
-
I totally agree but look at the board, case principle of a firewall is to filter traffic on one interface and let it out on the other. This board has only 1 interface and no possibility to add another one. So how is it going to be usefull still stephenw10?
-
It has a PCIe slot in which the subject of this thread, a quad port NIC, was intended to go. 5 interfaces total. Could also use VLAN interfaces as well. Seems reasonable to me. The fact that the NIC didn't work is unfortunate. ::)
Steve
-
To the OP:Â have you got the quad port (39y6138) working with pfsense 2.1 yet???
Looking to get one on fleebay but I found this thread before I bought the controller so i'd like to know if it works..
Cheers!
-
Oh yes, its working great. But not on any of the three lga1155 boards I have tested it on..its not recognised by the boards. But it's currently running perfectly fine on an older lga755 board.
-
Oh yes, its working great. But not on any of the three lga1155 boards I have tested it on..its not recognised by the boards. But it's currently running perfectly fine on an older lga755 board.
It's been mentioned that newer motherboards with UEFI may be the cause for it.
-
But one of the lga1155 boards, a Gigabyte z68x-ud3h-b3, did not have an UEFI bios…and still wouldn't recognise it...
-
Having this same exact problem with my new setup. BIOSTAR NM70I-847 motherboard and an Intel 4 port NIC. Boards got a soldered on Celeron 847 w/ NM70 chipset, NIC is a Intel Pro/1000 PT. Any one else having this same problem?
-
bump
-
But one of the lga1155 boards, a Gigabyte z68x-ud3h-b3, did not have an UEFI bios…and still wouldn't recognise it...
That boards absolutely has an UEFI. All intel chipsets 6 series or later have UEFI.
-
also having this problem - any potential solutions?