Is the SG-3100 a good fit for my network?
-
Hi All,
I have been mostly a DIY pfSense guy, but am now planning to install pfSense on my corporate network. A little more about the network - there are about 20 daily laptop/desktop users, about 25 mobile devices that are endpoint devices. There are 3 servers in a DMZ and 4 hypervisor boxes. Data exchange between these devices and to the Internet is frequent and large in volume (albeit not as many connections).
I was hoping to receive your feedback on how viable it would be to implement the following configuration on the SG-3100.
WAN - to the ISP
LAN - to a wireless router that services local laptops and phones (I'm doing this because the router we are using is a very expensive one that we need to make the most out of)As for the hypervisors, I was planning to hook one of the sg-3100 interfaces up to a switch that connected all the hypervisors to the network. And the DMZ would have a similar set up as well
This left me with two questions -
1. Will this hypervisor set up work?
2. Are there enough NICs on the device for the hypervisor and DMZ network, or will this warrant a VLAN setup?I have some academic background in networking but not a lot of professional experience - so please pardon me if some of the above questions don't make a lot of sense. I would love some feedback on how I could plan this network.
Thank you!
-
I have a sg-3100 in one of our branch offices. Handles all the guest internet traffic - there are sometimes well over 20 devices using this connection, and at some point will route some other traffic over this connection.
The 3100 comes with 2 router interfaces and the 4 switch ports. The switch ports can be broken out to specific interfaces via vlan on the 3100, so you could have 6 total interfaces - keep in mind there is a 2.5gbps uplink from the switch ports to the soc.. Which could be a bit of a bottleneck depending on your use case, etc.
Does that help?
-
@johnpoz This definitely helps. Thank you.
Do netgate devices come with any features that would otherwise be non-configurable on a re-purposed pfSense box?
-
The factory image has some tweaks to have it run better on netgate hardware.. But no there is not loss of features.. And appliance will come with 1 year gold, and you will get access to couple of packages the CE doesn't get.. Some wizards and such..
-
Would the 3100 handle a gig connection, if I'm not using any of the switch ports on it? I'd really like to stop using a VM and move to a physical appliance, i just want to make sure i get the right one for me.
-Thanks
-
The factory image has some tweaks to have it run better on netgate hardware.. But no there is not loss of features.. And appliance will come with 1 year gold, and you will get access to couple of packages the CE doesn't get.. Some wizards and such..
I must not have a factory image on mine because I have never seen those options. I got my image from the support portal link. Not sure I’d use them, just saying.
-
There is no community version for the SG-3100, only Netgate "factory". If you reinstall the system you will probably have to reinstall those factory feature packahes using the package manager.
-
There is no community version for the SG-3100, only Netgate "factory". If you reinstall the system you will probably have to reinstall those factory feature packahes using the package manager.
Well, that makes it easy. I’ve reloaded it every other week I think since I’ve had it playing with snapshots and breaking things to learn. I just didn’t notice the option package. Thanks for the info.
-
… playing with snapshots ...
On an SG-3100?
There are no publicly available snapshots for ARM installations of pfSense.
https://www.pfsense.org/snapshots/ -
… playing with snapshots ...
On an SG-3100?
There are no publicly available snapshots for ARM installations of pfSense.
https://www.pfsense.org/snapshots/I didn't see your question earlier. I get snapshots because I am in fact on the factory releases. I was unaware of the extra packages for the menu shown early in the thread.
-
-
On ARM as well?
You learn something new every day… -
Yup :)
