I5 5250U 4 LAN Home computer Q355G4 install question
-
I thought I could set up my new pfsense with a seperate ethernet port for each device mentioned above.
Yes, you can do that, and you can choose to either
a) bridge the 3 pfSense ethernet ports to make a single LAN, or
b) create 3 separate interfaces, each with a different subnet, and each will happen to have just a single device in it.If you choose (a), you are saying that you are happy with all the devices in a single broadcast domain/subnet. In that case, I would keep the switch, plug the switch into a single pfSense ethernet port, and plug the devices into the switch - I would not do bridging.
If you choose (b) then each device is firewalled-off from the other devices. You need to add rules to allow the devices to talk to each other as desired. Software that does "automated discovery" of devices in a broadcast domain/subnet is not going to work (and so it depends if you care about that or not)
These things are design choices that depend on connectivity requirements, performance requirements, and the level of technical detail of setup that you want to manage.
Most home people will do something like:
- attach all home devices to a switch
- attach the switch to pfSense LAN
- (maybe) add another access point for guests and attach that to a different pfSense interface/subnet, and give it different firewall rules so that their guests cannot hack into the home devices, or so the guests get limited bandwidth or…
-
I will do (a). So much simpler and all my devices will be protected.
-
Bought the same unit! 8) If you have the opportunity I was wondering if you could check what your idle tempature is and let me know? I believe I'm running a bit hot.
-
@PingTheNet:
Bought the same unit! 8) If you have the opportunity I was wondering if you could check what your idle tempature is and let me know? I believe I'm running a bit hot.
According to pfsense, core temp is 27.8 Celcius.
My one runs warm but not hot.
-
@PingTheNet:
Bought the same unit! 8) If you have the opportunity I was wondering if you could check what your idle tempature is and let me know? I believe I'm running a bit hot.
Here are my pfsense temps.
 -
@PingTheNet:
Bought the same unit! 8) If you have the opportunity I was wondering if you could check what your idle temperature is and let me know? I believe I'm running a bit hot.
According to pfsense, core temp is 27.8 Celcius.
My one runs warm but not hot.
Ok, that what I have now. When I ran it for the first hour. My Bios said it was 91 C but then it cooled down a lot after that. My guess the thermal paste needed to warm up to create a good seal.
-
Your passive heat sink, is it warm or hot to your fingertips?
-
I also bought the same box from Qotom. It arrived today, pre-configured with 8 GB (Kingston branded) and 120 GB m.2 SSD (Phison branded).
Tried to install pfSense 2.3.3. I only have a TV that supports HDMI, so I could not see the whole text, especially at the bottom where is asks you to configure the various steps. So obviously I could not configure to my liking.
Just wanted to ask: is there a specific order for the 4 LAN ports to attach the WAN cable and the LAN? I used LAN1 for WAN and LAN2 for LAN (I attached a Netgear R7000 with stock firmware acting as Access Point and had IP 192.168.1.2). I could not get to the GUI of pfSense at 192.168.1.1 (neither with http or https).
So I guess I will need to buy a monitor with HDMI port to be able to configure pfSense.
Any help, or ideas, is appreciated.
Thanks -
I used a VGA to HDMI adapter that can be picked up for a few £/$ which was connected to my really old 15" LG flat panel monitor. See if you can find these and it will work out cheaper than buying a new HDMI monitor.
https://www.amazon.co.uk/TechRise-High-Speed-adapter-Converter-Charging/dp/B01E8DD6J6/ref=sr_1_3?ie=UTF8&qid=1491644265&sr=8-3&keywords=vga+to+hdmi+converter
There is a specific order to assign a LAN or WAN port on this mini PC. Setup asks for the WAN, then LAN.
-
Thanks, didn't know about these converters, will save me some money. With regards to LAN ports, can you please tell me which number did you assign to Windows? I assume it should be 1, or maybe it doesn't matter. I'm on Virgin Media 200/10 and would use only 2 of the LAN ports, 1 for Windows and 2 for LAN, which will go to my R7000 LAN 1.
-
I also bought the same box from Qotom. It arrived today, pre-configured with 8 GB (Kingston branded) and 120 GB m.2 SSD (Phison branded).
Tried to install pfSense 2.3.3. I only have a TV that supports HDMI, so I could not see the whole text, especially at the bottom where is asks you to configure the various steps. So obviously I could not configure to my liking.
Just wanted to ask: is there a specific order for the 4 LAN ports to attach the WAN cable and the LAN? I used LAN1 for WAN and LAN2 for LAN (I attached a Netgear R7000 with stock firmware acting as Access Point and had IP 192.168.1.2). I could not get to the GUI of pfSense at 192.168.1.1 (neither with http or https).
So I guess I will need to buy a monitor with HDMI port to be able to configure pfSense.
Any help, or ideas, is appreciated.
ThanksMine were out of order too and I had to swich them using Option 2 on th PfSence unit. Used the MAC to figure out the order. Mine was ordered 1, 4, 2, 3.
-
Hi,
Just curious what kind of installation you are doing… on USB keys or on the SSD?
I was reading this and like the idea of using ZFS:
https://forum.pfsense.org/index.php?topic=126597.0
...but on the other hand using the SSD seems like it would be fastest.Thanks.
-
I used this as a guide to install https://doc.pfsense.org/index.php/Installing_pfSense
To write images: https://doc.pfsense.org/index.php/Writing_Disk_Images - Image Writer for Windows / Win32 Disk Imager is much easier to SSD.
I just plugged in my wan when setup asked to plug in my wan cable and same for lan. -
Thanks, that guide is useful although I plan to install 2.4 straight away. From what I read 2.4 uses a different install type:
https://doc.pfsense.org/index.php/2.4_New_Features_and_Changes#Operating_System_.2F_Architecture_changes
I'm just planning ahead to see what will be the best combination of media on which to install on in terms of SSD (and if size?) or USB keys (if so 1 or 2 keys and what size?). I'll ask a question on the 2.4.0 ZFS How To thread.
-
Thanks, that guide is useful although I plan to install 2.4 straight away. From what I read 2.4 uses a different install type:
https://doc.pfsense.org/index.php/2.4_New_Features_and_Changes#Operating_System_.2F_Architecture_changes
I'm just planning ahead to see what will be the best combination of media on which to install on in terms of SSD (and if size?) or USB keys (if so 1 or 2 keys and what size?). I'll ask a question on the 2.4.0 ZFS How To thread.
Use a SSD, I had a spare 120GB Kingston hyperx that I was planning to use for a different project.
To install, any drive, I used a 4GB sandisk usb 2.0 that I bought many years ago. -
@PingTheNet:
Mine were out of order too and I had to swich them using Option 2 on th PfSence unit. Used the MAC to figure out the order. Mine was ordered 1, 4, 2, 3.
Mine were also out of order. igb0 is 1 and igb1 is 4.
What is this "Option 2" method you speak of for changing them?
-
@PingTheNet:
Mine were out of order too and I had to swich them using Option 2 on th PfSence unit. Used the MAC to figure out the order. Mine was ordered 1, 4, 2, 3.
Mine were also out of order. igb0 is 1 and igb1 is 4.
What is this "Option 2" method you speak of for changing them?
Same here for NICs, exactly same order.
-
Ordered: QOTOM Q355G4 I5 5250U 8GB RAM 120GB SSD
Delivery: 15-28 daysI will report after I receive it and install pfSense on the box. I plan to install OpenVPN client and compare the bandwidth against my laptop.
reference:
https://www.aliexpress.com/store/product/QOTOM-Q355G4-2017-New-fanless-X86-4-LAN-Micro-Computer-I5-5250U-Dual-core-onboard-1080P/108231_32800711474.html
-
Update: Received hardware Q355G4, exactly as described by other users
Please keep in mind to install AMD64 pfsense packages.
If you install i386 package, the package installation will work but you will encounter CAS Latency timeouts when formatting SSD and reboot loops.
-
I am back, as promised, I am sharing my results & experience with qotom G355Q4 !
Long story short, box is great, fanless and perhaps a bit too powerful for home usage! 8)
Hardware: qotom Q355G4 with SSD
BIOS: hyper-threading disabled/
pfsense advanced: powerd enabled, AES-NI Enabled, Thermal = Intel Core
pfsense system tunable: sysctl dev.cpu.[0|1].cx_lowest=C3
Client: Gigabit connectivity
Packages: avahi installed
ISP Speed: 100 Mbs
VPN Provider: StrongVPN (AES 256 bit, MDS 128bit Auth, Adaptive compression)
Room Temperature: 24 Celsiusidle power consumption
powerd enabled, minimum, 10-11 watts, 52-53 Celsius, casing 44 Celsius
powerd enabled, adaptive, 10-11 watts, 52-53 Celsius, casing 44 Celsius
powerd enabled, maximum, 11-12 watts,54-57 Celsius, casing 45 Celsius
powerd disabled, 11-12 watts, 55-57 Celsius, casing 45 CelsiusConclusion: When idle the box seems to always need 10-12 watts regardless of the power mode. Is there better hardware out there that requires less wattage, support AES-NI, descent clock speed (Since OpenVPN is Single Core) and can provide 100Mbs output ? If you find one, share it with everyone in the forum !
Bandwidth test with ISP (no encryption) using Bandwidth Website
110 Mbs with powerd minimum, cpu <10%, 10-11 watts
110 Mbs with powerd adaptive, cpu <10 %, 11 watts,
110 Mbs with powerd maximum, cpu <10%, 11-15 watts peak
110 Mbs with powerd disabled, cpu <10%, 11-16 watts peakConclusion: My ISP seems to provide me with 100 Mbs download speed
Bandwidth test using ISP downloading 5-6 HUGE FILES simultaneously for a good period of time :)
110 Mbs with powerd minimum, cpu 20 %, 11 watts, CPU 52 Celsius, Router casing 44 Celsius
110 Mbs with powerd adaptive, cpu 20 %, 11 watts, CPU 52 Celsius, Router casing 44 Celsius
110 Mbs with powerd maximum, cpu 20%, 14 watts (weird), CPU 52 Celsius, Router casing 44 Celsius
110 Mbs with powerd disabled, cpu 20%, 11 watts, CPU 52 Celsius, Router casing 44 CelsiusConclusion: I can download 5-6 Huge files @ 110 Mbs regardless of the power saving mode because there is no encryption.
Bandwidth test using Internet through OpenVPN (encryption) using Bandwidth Website (tested a few times)
60 Mbs with powerd minimum, cpu <10 %, 10-11 watts,
110 Mbs with powerd adaptive, cpu <10 %, 11 watts,
110 Mbs with powerd maximum, cpu <10%, 11-15 watts peak
110 Mbs with powerd disabled, cpu <10%, 11-16 watts peakConclusion: powerd minimum doesn't seem to work well with OpenVPN….
Bandwidth test using Internet through OpenVPN (encryption) downloading 5-6 HUGE FILES simultaneously for a good period of time :)
50 Mbs with powerd minimum, cpu 25 %, 11 watts, CPU 52 Celsius, Router casing 44 Celsius
100 Mbs with powerd adaptive, cpu 35 %, 11-12 watts, CPU 54 Celsius, Router casing 45 Celsius
100 Mbs with powerd maximum, cpu 12%, 15 watts, CPU 63 Celsius, Router casing 46 Celsius
100 Mbs with powerd disabled, cpu 15%, 15.4 watts, CPU 64 Celsius, Router casing 47 CelsiusOverall Conclusion:Bandwidth is slightly affected by encryption (assuming good hardware & vpn provider). If you want to save energy & generate a bit less heat, you can perhaps consider using powerd adaptive mode. Perhaps the next generation of energy efficient Celeron might be a better choice for home if you don't plan to use pfsense packages that are CPU intensive.
Geek Test (powerd -a min -m 600 -M 600 forced it via Shell command)
60 Mbs with powerd enable, min freq 600, max freq 600, cpu 30-40%, 11-12 watts, CPU 52 Celsius, Router casing 44 Celsius
