PfSense for Home use? Necessary for my needs?
-
Yes the case has a little hole that perfectly fits the external end of the power adapter. You end up just plugging the power cord into the back of the case as if it was a laptop. It's the little silver plug just below the antenna in this picture.
Sweet, thanks for that. I just wish I could find a mini-ITX board with the C2358 in it. Looks like I'm stuck going with the C2558 even though it should be way more than I need for my home needs. I just need a CPU that can handle a 75Mbps site-to-site OpenVPN connection and some intrusion protection.
-
I've been using DD-WRT routers in my home for the past 5-6 years without any issues. I have two sites (one of which hosts a media server that is heavily accessed by 5-10 users consistently) and the other site (which is connected with a site-to-site OpenVPN connection) houses a server that backups all my media from Site A (UnRAID server via rsync).
Site A is running a Linksys E4200 and Site B is running a Netgear R7000. As you can probably surmise, the CPU on the E4200 is severely limiting the speed of my site-to-site VPN connection. I'm only getting about 10Mbps when the actual connection speed is 75Mbps. So I'm considering buying another R7000 to replace the E4200. I'm hoping the two combined will be able to give me at least 50Mbps on the OpenVPN connection even if I have to OC them a little bit.
My question is mainly this. For someone who has never worked with pfSense before (I'm mainly a Windows and Cisco guy), how big is the learning curve (don't want to spend weeks configuring a new router because I can't really afford the downtime) and is it worth it to go with a solution like pfSense for home needs like my own (Vmware, Plex, Storage server, backups over VPN, etc.)?
Any insight would be greatly appreciated. Thanks.
EDIT: Assuming pfSense is this (http://store.netgate.com/ADI/RCC-VE-2440.aspx) a good option for me, would something like this serve my needs? (75Mbps VPN connection).
EDIT #2: What is the least powerful CPU I can get away with that will handle a 75Mbps site-to-site OpenVPN connection without a hitch? Will the C2358 do the job?
I think ALIX APU4 can do what you want, the CPU has hardware AES encryption support, according to security router you should be able to achieve about 95Mbps SSL VPN throughput with AES encryption.
-
I think ALIX APU4 can do what you want, the CPU has hardware AES encryption support, according to security router you should be able to achieve about 95Mbps SSL VPN throughput with AES encryption.
Is this a Typo, I was thought that this is an "AMD G series T40E"
based system without AES-NI and/or Intel QA? -
Use the opportunity to upgrade your PC. With all the parts you pulled out of your desktop, you could build a solid router.
-
I'm using an Atom D2500 with 4gb ram and it is plenty.
-
Use the opportunity to upgrade your PC. With all the parts you pulled out of your desktop, you could build a solid router.
Huh? Not s who or what post this is in response to.
I'm using an Atom D2500 with 4gb ram and it is plenty.
Are you using OpenVPN? What are your connection speeds?
-
You mention you have vmware. Why not run pfsense as a virtual?
I'm also a windows and cisco guy, and I find pfsense fairly easy to use. If you've used Cisco's ASAs, pfsense takes a bit to get used to.
The biggest frustration with pfsense is the lack of documentation.
-
You mention you have vmware. Why not run pfsense as a virtual?
I'm also a windows and cisco guy, and I find pfsense fairly easy to use. If you've used Cisco's ASAs, pfsense takes a bit to get used to.
The biggest frustration with pfsense is the lack of documentation.
I'm considering running it as a VM but I have some reservations about it. First off my VM box runs my media server which is used very heavily by many users and I'm not sure how well it will work in conjunction with a router/firewall on the same box. Also, I like the idea that I can do maintenence on my VM box without taking down the Internet.
As for the lack of documentation, I'm noticing that. Hopefully I will be able to pickup the basics quickly so I can at least get my network running while I learn the more advanced features.
-
Hopefully I will be able to pickup the basics quickly so I can at least
get my network running while I learn the more advanced features.There is also a book out about pfSense and another one will be released soon
if this would be interesting for you, to get faster skills. -
I came to pfSense from a very Cisco focused background. I work with ASA firewalls, catalyst switches, and IOS routers every day. I found pfSense to be rather easy to learn. At the end of the day a network is a network and they all work the same way.
-
@BlueKobold:
Hopefully I will be able to pickup the basics quickly so I can at least
get my network running while I learn the more advanced features.There is also a book out about pfSense and another one will be released soon
if this would be interesting for you, to get faster skills.Lol, that new book has been going to be released "soon" for over a year now.
-
I came to pfSense from a very Cisco focused background. I work with ASA firewalls, catalyst switches, and IOS routers every day. I found pfSense to be rather easy to learn. At the end of the day a network is a network and they all work the same way.
Well, yes, it is easy to to learn, but the ASA and pfsense seem (to me at least) to require different mindsets when figuring out how to get to where you want to go.
But you are right, at the end of the day, it is all just wrangling bits.
-
My main background is with Cisco switches and routers, however in terms of security appliances I've never messed with any ASA's. At work I use Sophos UTM which I actually love but from the research I've done it doesn't look like I can setup an OpenVPN tunnel to PIA with a kill switch from UTM. It's the main reason I picked pfSense over it.