Pfsense hardware for home
-
Qotom Q190G4
http://www.aliexpress.com/item/Mini-pc-X86-4-Lan-Qotom-Q190G4-with-celeron-J1900-quad-core-2-usb-VGA-firewall/32598483952.html
-
-
Hello,
I would like a firewall for private use (–> small network).
- 1 Gbit firewall throughput
- 100 Mbit VPN throughput
- low power consumption
- optimally: >= 3 network ports
- price max: 300 - 400 Euro
Does anyone have any recommendations? :)
try to take a look here, maybe it helps ;)
https://forum.pfsense.org/index.php?topic=115673.0 -
thank you very much for answers.
I'm found https://geizhals.de/gigabyte-brix-gb-bsi3hal-6100-a1426577.html
Does this have enough power? -
thank you very much for answers.
I'm found https://geizhals.de/gigabyte-brix-gb-bsi3hal-6100-a1426577.html
Does this have enough power?needs dual nics, and this one does n ot have same. you dont need an i3, a celeron n3150 is sufficient.
look up the zoltac ci323 for an all in one
or for matx, gigabyte GA-N3150N-D3V
-
-
https://www.amazon.de/GIGABYTE-N3150N-D3V-Intel-DDR3-16GB/dp/B01ALSQA2W
add 8gb+ and a 120gb ssd, and done
3+nics is better, but 2 is sufficient as it is all that is required for a single internet setup.
-
Have a look at the SG-2440 or, if that's too expensive, an SG-2220 together with a managed switch.
Unfortunately, this is too expensive for me as student.
needs dual nics, and this one does n ot have same. you dont need an i3, a celeron n3150 is sufficient.
look up the zoltac ci323 for an all in one
is the zoltac ci323 really a good decision? https://forum.pfsense.org/index.php?topic=103841.msg618595#msg618595
The Gigabyte is a desktop PC with only one (1) NIC. Where are the other two you demanded?
Gigabyte Brix has two NIC (onboard and addtional card).
I changed my opinion from three to two network ports, because of the costs.https://www.amazon.de/GIGABYTE-N3150N-D3V-Intel-DDR3-16GB/dp/B01ALSQA2W
I would not like to build a complete system, but only adding ram and hdd would be okay.
-
https://www.amazon.de/GIGABYTE-N3150N-D3V-Intel-DDR3-16GB/dp/B01ALSQA2W
I would not like to build a complete system, but only adding ram and hdd would be okay.
I bought this one:
http://www.aliexpress.com/store/product/Free-shipping-Mini-PC-Intel-Pentium-J1900-Quad-Core-2-41GHz-Fanless-Micro-PC-4G-RAM/1383581_32354251046.htmlAt home I have a fiber connection 100/100
I'm really satisfied, it's capable to run snort, pfBlocker and the OpenVpn client smooth as silk. -
At home I have a fiber connection 100/100
Remember what OP has:
@user09:- 1 Gbit firewall throughput
- 100 Mbit VPN throughput
That's 10x your speed (or your speed on VPN alone). This isn't trivial to do with off the shelf hardware.
Unless OP adapts his wishes to monetary resources this is not going to work reliably. -
does pfsense need so much power (cpu & ram) or why are the costs so high?
if i compare it with other routers (for example the LANCOM 1781EF+ router)
(https://www.lancom-systems.de/en/products/network-connectivity/routers-vpn-gateways/lancom-1781ef-plus/overview/):- costs: 470 Euro
- Firewall: 930 MBit/s
- VPN: 330 Mbit/s
-
At home I have a fiber connection 100/100
Remember what OP has:
@user09:- 1 Gbit firewall throughput
- 100 Mbit VPN throughput
That's 10x your speed (or your speed on VPN alone). This isn't trivial to do with off the shelf hardware.
Unless OP adapts his wishes to monetary resources this is not going to work reliably.I had read it, and the device fits almost perfectly to his requirements with the exception of three network ports.
Another user has confirmed:
https://forum.pfsense.org/index.php?topic=114945.msg639418#msg639418 ( Reply #7) -
does pfsense need so much power (cpu & ram) or why are the costs so high?
That's regular i386/x64 hardware you're looking at. It is not a purpose built ASIC, FPGA or such that does the work.
https://forum.pfsense.org/index.php?topic=86732.0
https://forum.pfsense.org/index.php?topic=113862.msg634832#msg634832 -
does pfsense need so much power (cpu & ram) or why are the costs so high?
if i compare it with other routers (for example the LANCOM 1781EF+ router)
(https://www.lancom-systems.de/en/products/network-connectivity/routers-vpn-gateways/lancom-1781ef-plus/overview/):- costs: 470 Euro
- Firewall: 930 MBit/s
- VPN: 330 Mbit/s
Don't take manaufacturer's performance claims at face value.
They quote performance specs under ideal test conditons which you will never see.
What was the packet size in their test?
Can it do 330 vpn and 930 overall at the same time?
Did they have any rules running?
Can it do full logging at 930?
If you are looking for a one trick pony that will just move packets quickly, it will probably do half what they claim.
If you also want sophisticated UTM type features, well - it's just not going to do that.
At your price point, you'll have to choose one or the other.
If you can tolerate high noise, pick up a short depth 2u server from ebay.
http://www.ebay.com/itm/Rackable-Tyan-2U-Low-Noise-Home-VMWare-Server-2x-E5620-Quad-Core-48GB-8x-2-5-/131891130624?hash=item1eb552f100:g:H-MAAOSwx-9WxSXE
-
What was the packet size in their test?
I found in https://www.lancom.de/fileadmin/download/documentation/Techpaper/TP-Routing-Performance-9.10-EN.pdf some tables (tcp and udp) with paket size, but I don't know which is a normal paket size.
http://www.ebay.com/itm/Rackable-Tyan-2U-Low-Noise-Home-VMWare-Server-2x-E5620-Quad-Core-48GB-8x-2-5-/131891130624?hash=item1eb552f100:g:H-MAAOSwx-9WxSXE
Unfortunately, this is no option, because of the power usage.
-
so I decided… for me pfSense is a really great firewall :)
back to hardware:thank you very much for answers.
I'm found https://geizhals.de/gigabyte-brix-gb-bsi3hal-6100-a1426577.html
Does this have enough power?needs dual nics, and this one does n ot have same.
it is a Intel I219-LM and a Intel I210-AT.
why is that a problem?The advantage of the Gigabyte Brix is that I don't have to assembly of parts (only ram and ssd).
https://www.amazon.de/GIGABYTE-N3150N-D3V-Intel-DDR3-16GB/dp/B01ALSQA2W
or is this the best option for me? are there problems with this mainboard and pfSense? (https://forum.pfsense.org/index.php?topic=115567.0 ??)
Are the Realtek Lans a disadvantages? -
Are the Realtek Lans a disadvantages?
For a 1Gbps WAN connection, probably. For that reason alone I would not consider a solution with Realtek NICs. If you can stomach a mini ITX system with at least a PCIe x4 slot your options become wide open since you can add a cheap (used) server class dual or quad Intel NIC. Otherwise you'll have to search for a board with integrated Intel NICs. And Intel is not the only option in server class NIC hardware, just the most common. I've had good luck with Broadcom as well but you're not likely to find those in a small form factor board.
-
my build below only ran me about 400 dollars and it runs extremely smooth on my internet with snort, pfBlocker and OpenVPN for my 150/150 mbit connection.
pfSense i7-4510U + 2x Intel 82574 + 2x Intel i350 (miniPCIE) Mini-ITX Build
https://forum.pfsense.org/index.php?topic=113610.0 -
would this a good configuration for pfsense?
- Case: SC101i (Supermicro)
- Intel
Pentium Processor N3700 - X11SBA-LN4F Supermicro
- 8 GB S0-DDR3
- Kingston SV300S37A/60G SSDNow V300 interne SSD-Festplatte 60GB
-
would this a good configuration for pfsense?
- Case: SC101i (Supermicro)
- Intel Pentium Processor N3700
- X11SBA-LN4F Supermicro
- 8 GB S0-DDR3
- Kingston SV300S37A/60G SSDNow V300 interne SSD-Festplatte 60GB
You will be able to push gigabit speeds with this setup, but you wont be able to get 100mbits over OpenVPN (most likely).
