Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Looking for Hardware with: SFP/WiFi/AES

    Hardware
    5
    8
    2.9k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rippz
      last edited by

      I am looking forward to build a  router for my new FTTH internet connection. I am totally clueless what I should buy. I just list my requirements for the box and maybe someone can come up with something.

      • WAN: SFP WAN Interface for 1000BASE-BX Ethernet (integrated or recommendation for affordable PCI-E card)

      • LAN: Gbit Copper Interface

      • Ability to handle 200Mbit/s in both directions over a AES encrypted OpenVPN tunnel (the router is the endpoint)

      • I want to use it as WiFi access point, too. Therefore I need a recommendation for a good WiFi PCI-E card (need 5GHZ support since 2.4 is full)

      • Enough PCI-E slots to fulfill the above constraints

      • Should be small enough (no midi tower :))

      • Low Power consumption / passively cooled

      My ISP uses 6RD. This is supported in pfSense, right?

      1 Reply Last reply Reply Quote 0
      • T
        TomHBP
        last edited by

        I have looked into a lot of this recently. From what I have read:

        -I found that almost unilaterally that a) Intel is the best NIC, and b) PCI/E NIC is cheaper than getting Intel NIC's onboard. Some Dell and HP PCI-E NICs can be had cheaply on ebay, and many are Intel based. Best to search for which work well - I went for the HP NC360T which reportedly works well, but I haven't had a chance to test mine yet.

        -pFsense makes an awful WiFi access point. You should use a proper (even if cheap) router for your access point.

        -There is also no support for 5GHz WiFi, even as a client.

        -I am waiting to see if my hardware selection meets the correct criteria for my 100Mbps connection, but from what I've seen, maybe a N3700 board, or an AMD Athlon 5350 should be about the right level. Anything higher I haven't looked into!

        Of course I could be wrong, but I'm sure someone will confirm or deny soon.

        Tom.

        1 Reply Last reply Reply Quote 0
        • DerelictD
          Derelict LAYER 8 Netgate
          last edited by

          @TomHBP:

          -pFsense makes an awful WiFi access point. You should use a proper (even if cheap) router for your access point.

          You should use a proper access point as an access point. Many people use the LAN side of a wi-fi router as a cheap AP but it has its limitations (obtaining a LAN management address via DHCP being a typical one).

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          1 Reply Last reply Reply Quote 0
          • ?
            Guest
            last edited by

            WAN: SFP WAN Interface for 1000BASE-BX Ethernet (integrated or recommendation for affordable PCI-E card)

            Is there no GPON installed by your ISP? If so they will put mostly a coper cable between the GPON and your
            apartment. Anyway, a cheap SFP media converter that will support the BX standard will be even cheaper
            as a SFP NIC and a SFP BX GBIC.
            Perle

            LAN: Gbit Copper Interface

            How many of them you need?
            From 4 Ports to 10 Ports all is available.

            Ability to handle 200Mbit/s in both directions over a AES encrypted OpenVPN tunnel (the router is the endpoint)

            How fast is your entire FTTH Internet connection?
            To handle 200 MBit/s you should get a strong CPU with AES-NI support likes the Intel Core i3 or i5 are
            offering. Take a modern 4 Core CPU @3,0GHz that will be sufficient enough for your wish.

            I want to use it as WiFi access point, too. Therefore I need a recommendation for a good WiFi PCI-E card (need 5GHZ support since 2.4 is full)

            Why the hell it must be a PCIe card? Could you not go by a miniPCIe card also or instead of this one?
            Compex WLE200NX a/b/g/n
            UBNT SR71-E a/b/g/n

            Enough PCI-E slots to fulfill the above constraints

            In a mini ITX case?

            Should be small enough (no midi tower :))

            But with many PCIe slots?

            Low Power consumption / passively cooled

            Go to the pfSense shop and get your hands on a SG-4860 or SG-8860 box that would be
            handle all your need! 3 miniPCIe Slots for modem, wifi and mSATA.

            My ISP uses 6RD. This is supported in pfSense, right?

            6RD support
            6rd support added

            -I found that almost unilaterally that a) Intel is the best NIC

            Mostly the best supported drivers you get in pfSense.

            and b) PCI/E NIC is cheaper than getting Intel NIC's onboard.

            I really don´t know what you want to tell about NICs, but if I can get many Intel based onboard NICs
            I don´t need any more other NICs to buy.

            Some Dell and HP PCI-E NICs can be had cheaply on ebay, and many are Intel based. Best to search for which work well - I went for the HP NC360T which reportedly works well, but I haven't had a chance to test mine yet.

            Mostly a mini ITX case is not coming with PCIe slot breakouts that will support those extra NICs.

            -pFsense makes an awful WiFi access point. You should use a proper (even if cheap) router for your access point.

            For dual MIMO or ac support this could be the best, but if you get an internally card really good working
            you can also go with an internal miniPCIe WiFi card. In pfSense it is likes the following, you get it working
            or not. This is what I was getting out of this forum and in real life.

            1 Reply Last reply Reply Quote 0
            • R
              rippz
              last edited by

              My whole FTTH connection is 200Mbit (synchronous). The fiber ends in my flat. No copper. The ISP provides some crappy plastic router with fiber input but I can't use that as converter because it can't be put to bridge mode and does not support prefix delegation. I have to replace it completely.

              As I see it external WiFi access point is the way to go. The thing is all these "Access Points" you can buy nowadays are actually routers with a WiFi interface (at least the non-enterprise hardware). The only thing I found that supports the AC standard is: http://www.broadbandbuyer.co.uk/products/19129-cisco-smb-wap371-e-k9/

              The SYS-E200-9B looks interesting. Thing is. I have a Intel Quad Port Low Profile PCI-E card here that I could use. So I actually don't need an onboard nic.

              Assuming I use this quad PCI-E and a external media converter and an external access point: Is there some other integrated solution with only one slot for PCI-E? Or is there no potential so save money when dropping the onboard nics for PCI-E slot?

              1 Reply Last reply Reply Quote 0
              • ?
                Guest
                last edited by

                Intel Celeron 1037U
                Would be the best option for you as I see it right.

                A media converter would be here in Germany to get for something around ~50 €
                and a TP-Link SFP mini GBIC that supports the BX standard might be able to get for
                something around ~30 € so all is done and you could go with all routers or firewalls
                you like.

                Edit:
                A MikroTik RB260GS could do this job from the media converter also good and cheap.
                Also a TP-Link TL-SG2210 will be able to do this job without any problems.

                1 Reply Last reply Reply Quote 0
                • DerelictD
                  Derelict LAYER 8 Netgate
                  last edited by

                  You can always use a blank VLAN on a managed switch to convert GBIC to copper. Or a media converter.

                  Might be easier and cheaper than SFP in the pfSense node.

                  Chattanooga, Tennessee, USA
                  A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                  DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                  Do Not Chat For Help! NO_WAN_EGRESS(TM)

                  1 Reply Last reply Reply Quote 0
                  • W
                    whosmatt
                    last edited by

                    @rippz:

                    As I see it external WiFi access point is the way to go. The thing is all these "Access Points" you can buy nowadays are actually routers with a WiFi interface (at least the non-enterprise hardware). The only thing I found that supports the AC standard is: http://www.broadbandbuyer.co.uk/products/19129-cisco-smb-wap371-e-k9/

                    Not sure if this is available where you are but some of the "range extenders" from SOHO hardware manufacturers can function strictly as access points as well.  The  D-Link DAP-1650 http://us.dlink.com/products/access-points-range-extenders-and-bridges/wireless-ac1200-dual-band-gigabit-range-extender/ comes to mind, and includes a switch as well.

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.