AES-IN system for sub £100 that will support an OpenVPN 200mbps connection?
-
You can have it all, just buy a j3355b - they are like $55 from Newegg and will do exactly what you want.
For what you want you can even use the onboard NIC with VLANS on a smart switch, or buy a single NIC, or buy a solid dual NIC. all are not that expensive even if you buy new.
picoPSU 80 is cheap, m300 is cheap.
The problem is that people are recommending an i5 when only a Celeron is called for.
-
You can have it all, just buy a j3355b - they are like $55 from Newegg and will do exactly what you want.
For what you want you can even use the onboard NIC with VLANS on a smart switch, or buy a single NIC, or buy a solid dual NIC. all are not that expensive even if you buy new.
picoPSU 80 is cheap, m300 is cheap.
The problem is that people are recommending an i5 when only a Celeron is called for.
Maybe if you are in the US, but outside of the US, newegg is pointless.
Getting a few UK prices show j3355b systems cost about 130 GBP and that's only mainboard, RAM and PSU. -
https://www.amazon.co.uk/gp/aw/d/B01M9EXCYB/ref=mp_s_a_1_1?ie=UTF8&qid=1507218936&sr=8-1&pi=AC_SX236_SY340_FMwebp_QL65&keywords=j3355b&dpPl=1&dpID=51Q-%2BTonTML&ref=plSrch
62gbp for board.
At 130gbp including ram and PSU all you need is a nic and case for 70gbp. Can easily get away with a single how port nic for 200Mbps.
I personally don't agree with OPs ideas about purchasing computer components, but he can get what he wants in his price range.
-
If i really wanted to i could already use an old i7-4770K system to manage the 200mbps requirement. The problem is the heat it will generate. I've got a computer cupboard with a number of systems inside it and over the years the number of systems has steadily increased but the ventilation has remained the same and is not something i can change.
I don't want to spend loads on a new system when i have a perfectly good capable system sitting right next to it. I also don't want to 'waste' a still powerful and useful system on what is essentially a glorified router that can do OpenVPN. This is what is limiting my spending. I also feel like it shouldn't cost an arm and leg to get OpenVPN to run @200mps.
I do agree though that it's starting to look a little unlikely i can get what i want since after having looked at normal power supplies i fear that is where a lot of the heat will still come from.
The picoPSU does not inspire confidence when looking at it. Looks like it will start generating smoke a couple of days after I've installed it and I'm not willing to buy what i consider to be an unknown and risky power supply from a company I've never heard of before, especially when experimenting for the first time with something like I'm currently doing.
The hope was to, for example, buy an all in one solution for as close to £100 as possible from a place like Amazon and from a main stream brand i recognise like Asus for example. Failing that buy things like an asus all in one board, a low watt / low heat corsair power supply, cheap ram, a cheap micro-atx case and a dual network card and have pfsense run OpenVPN 24/7 on it while generating little heat and spending as close to £150 as possible.
The money and size of case wasn't the important part, the heat was, though if it got to £200+ I'd start to consider it no longer cost effective. The whole AES-NI thing is where i got my hopes up i guess. I thought maybe, finally, i could buy a cheap, low cost, low heat system that could encrypt OpenVPN @200mbps.
Having now gotten these replies and gone through the advice i can see that what i want and what's available are 2 different things. I'd like to buy a Qotom system but i see it as too much of an unknown risk which is of a similar catch 22. I don't know how good it is till i buy it but i won't buy it unless i know how good it is first, especially not when its shipped from abroad.
It's a shame Amazon don't have the more powerful AES-NI enabled Qotom's available from within the UK otherwise i'd give one a go.
Thanks to everyone for the help and advice though. It was all useful even if it was only to help me realise i can't do what i want within the limitations I've set myself.
-
The picoPSU does not inspire confidence when looking at it. Looks like it will start generating smoke a couple of days after I've installed it and I'm not willing to buy what i consider to be an unknown and risky power supply from a company I've never heard of before, especially when experimenting for the first time with something like I'm currently doing.
The picopsu is well known and the gold standard in this space.
-
It sure doesn't look it.
What I'm currently thinking of doing now is running Vmware on the 4770k and combining 3 or 4 of the systems i currently have heating up the cupboard, including the current Pfsense system. This way i won't feel like I'm wasting it doing just 1 one thing while also reducing the amount of heat in the cupboard.
Maybe when i'm willing to spend the money more or Amazon stocks something i consider a bit more viable i'll revisit this. I would prefer to use a separate system for my VPN connection in the end.
-
I'd say: just get a Qotom box, pay with PayPal, and be done with it. But you seem to be stuck in a circle where you won't buy anything you don't already know, but you would have to buy it to know it ;-)
-
Ehhh, you've used a Pico PSU before you just didn't know it.
What do you think powers laptops, etc?
AC to DC is in the external brick, the internal is just DC to DC.
I'm not sure what you need to Inspire confidence? A covering plate?It sounds like you're just making up a bunch of artificial restriction.
What you're trying to do is neither new or difficult. You've been told exactly what you need to accomplish what you want to do.
You can try to reinvent the wheel if you want, you're probably not going to come up with anything better. You'll probably come up with something much worse. -
It sure doesn't look it.
Well, then you're probably better served doing research on small form factor systems than agonizing here.
-
Here something about CPUs performance
https://forum.pfsense.org/index.php?topic=115673.0
I own a Celeron N3150 and I can assure you that it can not exceed 130Mbps acting as OpenVPN client.
-
The problem with buying a cheap old computer like you suggested is that they tend to be standard size computers with fans and heat, lots and lots of heat.
But for less then £100 you might be hoping eventually to much from that budget? And it is not only targeted to
one or two things here, but more then targeted to exactly these or that point most be reached.- sub £100
- OpenVPN ~200 MBit/s
- Low noise, low power using
This might be able to get by saving some more coins and go then away with a right matching Qotom box with an
Intel i3, i5 or i7 CPU, 4 GB till 8 GB of RAM and a small SSD or mSATA around 32 GB till 120 GB likes you need it.I'm looking for something smaller, compact and more importantly as headless as possible which is why i was looking at the board I'd linked above.
The WiFi is mostly not able to use at this boards and often (not even) there will be perhaps BIOS problems with this
kind of boards. So go with a small Qotom and all will be fine here as I see it right or other were mentioned it earlier
as me. All other options that will be hitting that points will be more expensive as this variant and even using more
electric power too.Devices like a Qotom are really off-putting to me. I can't give a real reason for it, they just aren't a solution i like. Also, looking up the only 1 i could find to buy on Amazon it's got a J1800 processor in it which according to Intel's ARK isn't AES-NI enabled. Nor is the J1900.
Again, it is based on your needs, wished and goals that must be or should be reached exactly, and not by the available
hardware on the market. Only by your thinking and willing to set it up as you need and want it.Are you saying a Qotom-Q180N would work in regards to a 200mbps OpenVPN connection? Doesn't seem like it would to me.
Around ~300 MBit/s will be the best mark with silent hardware that is not, I repeat it, which is not so strong and
power hungry.This is why i'm really interested to know how effective AES-NI is. The impression i get is that it can supposedly turn a low powered CPU into an encryption powerhouse.
If we talk here about IPSec you will be really near to the realism with that comment, a small SG-4860 is able to
push ~470 MBit/s over IPSec VPN and on top of this counting the TCP/IP overhead will be nearly ~500 MBit/s
real throughput then!!!! That is impressive for that small kind of pfSense box.I'm really not keen on buying second hand.
You want to get or reach nearly real ~200 MBit/s over OpenVPN and that is the fact here in that game play
nothing else. And on top of this, it might be power saving, silent and must be under £100 too! Please don´t forget
that you were setting the levels and not we are doing so, did we?I'm looking for new and easily returnable if it doesn't work out. I don't like eBay for anything really. Auctioned items have far less protection and returnabilty then store brought items. Looking at images of a dell core i5 it also still seems like it would generate a lot of heat?
Axiomtek has very powerful hardware for pfSense but nothing in your budget region or level.
Supermicro has very stable and powerful hardware but again not in your budget level.
Qotom has also very powerful and silent hardware and nearly to your budget or better not so far away from it.This is what is limiting my spending. I also feel like it shouldn't cost an arm and leg to get OpenVPN to run @200mps.
Once again to get the best mark such as ~300 MBit/s total OpenVPN throughput, with sielnt and not so power
hungry hardware will exactly meeting the Qotom Intel i3 or i5 level.I'd say: just get a Qotom box, pay with PayPal, and be done with it. But you seem to be stuck in a circle where you won't buy anything you don't already know, but you would have to buy it to know it ;-)
Me too, but I will also consider to save more money and get then a more powerful Qotom box that is able to
handle all things at the best.Alternately you may be also happy with a refurbished small and silent Intel E3-12xxv3 server, but using
more electric power and not soooo silent as you may whish it perhaps. -
@BlueKobold:
Once again to get the best mark such as ~300 MBit/s total OpenVPN throughput, with sielnt and not so power
hungry hardware will exactly meeting the Qotom Intel i3 or i5 level.Qotom isn't going to hit the price target, and it's frankly not great hardware in the first place. Yeah, it's an i5, but it's a U-series i5 that's a couple of generations old. I'd rather have a J3355 for a small fanless box. The only reason to buy the qotom is if you don't want to deal with parts, but the OP started out talking about parts so that doesn't seem to be the case.
-
I'd rather have a J3355 for a small fanless box.
Is there a J3355 board with Intel NICs? I've had enough bad experience with Realtek NICs to not want to deal with them, even if they have fixed their earlier issues :p
I'd love to find a site with motherboards where you can search for things like LAN chipsets, number of LAN ports, etc. PCpartpicker.com is more aimed at enthusiasts - they do have some boards listed there that have multiple NICs but most of them are really old and not really what those of us looking to build low power firewalls are interested in.
That's why I keep combing the forums here looking for what others are using/recommending/looking at too - but talk about time consuming!
-
I'd rather have a J3355 for a small fanless box.
Is there a J3355 board with Intel NICs? I've had enough bad experience with Realtek NICs to not want to deal with them, even if they have fixed their earlier issues :p
I'd love to find a site with motherboards where you can search for things like LAN chipsets, number of LAN ports, etc. PCpartpicker.com is more aimed at enthusiasts - they do have some boards listed there that have multiple NICs but most of them are really old and not really what those of us looking to build low power firewalls are interested in.
That's why I keep combing the forums here looking for what others are using/recommending/looking at too - but talk about time consuming!
You can add a dual port nic and still come out ahead
-
Minibox M300 is small, and takes a PCIe card provided you use a riser. http://www.mini-box.com/Mini-Box-M300
J3355B has an x16 slot and dual gigabit NICs will all be x4 slots.
I think minibox sells a riser for the M300 for like $3.
-
@johnkeates:
Don't bother trying to use Amazon for the Qotom, get them directly from AliExpress. Warranty is the same and delivery is maybe one or two days difference.
I used one of these and they are great.
https://www.aliexpress.com/item/New-Braswell-mini-pc-M150S-with-2G-ram-8G-SSD-celeron-N3150-Dual-H-D-M/32533935685.html
-
I realised about two months ago that it will be impossible to get any new box under ~£200 for getting such OpenVPN performance, not in 2017.
Still, the original question is very close to my own search, the difference is that I am willing to buy from China, especially from AliExpress where you get protection.
Maybe someone can help me decide which box should be better, my question was https://forum.pfsense.org/index.php?topic=137651.0 but if you can point to other one i would not mind.
PS. Also my performance requirements are even lower, I only really need 80mbps OpenVPN as that's my VDSL limit so far. Obviously that I would not mind being able to scale up later it it does not double the cost.
-
If 80 Mbps is all you need and you're willing to build something yourself the J3355B is the way to go I think. Most relatively cheap and power efficiënt builds for your speed requirements include the j3355B, a micro psu and an Intel Nic from ebay.
-
Our US$3K (5 year old) main router took a shot during a recent power outage and until we get a replacement we decided to temporarily use a Zotac ZBOX-CI327NANO-U Intel Celeron N3450 dual LAN box.
It has some unsupported hardware (SD socket), for which we found a solution. But otherwise it is an outstanding machine.
With 4GB of RAM and a 60GB SSD it comes for roughly $175, which puts it in your budget.
The hardware build of this little box is far superior to many products out there. I wouldn't want to put down any products that are hyped on these forums (or elsewhere) but since you seem to be interested in doing your homework diligently I suggest that you take a close look at this little box.
Not sure if blue chip still means much in this day and age as it did 20 years ago, but CI327 is definitely a blue chip product.
It will certainly drive your 200 mbps line, ours runs off a 300/300 without a hiccup. It hardly feels warm as it only burns a few watts. Absolutely perfect for home or SOHO use. If you need more ethernet ports simply put a small VLAN enabled switch on one of the ports. -
J3355B w/ Intel NICs > N3450 w/ Realtek NICs
That zotac box is at a good price point for low bandwidthd out non OpenVPN serious though!