Questions before purchase of SG-3100
-
Have a few questions before ordering:
-
The standard model has 8GB of Flash but there is an optional 32GB SSD available. Under what conditions would I need the expanded memory? Any speed advantages with the 32GB SSD?
-
If I purchase the 8GB version, can I install my own SSD afterwards? If so, I assume there are straightforward utilities to format the SSD...are these in the GUI? Any need for an SSD larger than 32GB?
-
I doubt I would install many packages on the SG-1000...maybe pfBlocker, maybe Suricata. I plan to add an OpenVPN connection...what can I expect for throughput with OpenVPN?
Thanks!
-
-
@jeff3820 said in Questions before purchase of SG-3100:
Have a few questions before ordering:
-
The standard model has 8GB of Flash but there is an optional 32GB SSD available. Under what conditions would I need the expanded memory? Any speed advantages with the 32GB SSD?
The memory here is storage, not speed. You only need more if you intend to have a lot of logs. Personally I don't so only use about a gig total. -
If I purchase the 8GB version, can I install my own SSD afterwards? If so, I assume there are straightforward utilities to format the SSD...are these in the GUI? Any need for an SSD larger than 32GB?
You call install your own later. The config will be via console and you will reinstall pfSense on the SSD vs integrated flash. Once you learn how everything works it really is easy. I can reload mine in about 10 minutes. -
I doubt I would install many packages on the SG-1000...maybe pfBlocker, maybe Suricata. I plan to add an OpenVPN connection...what can I expect for throughput with OpenVPN?
It varies but its rated about 100Mbps. I see about 90ish using GCM which is plenty. I assume you are asking about being the server. If you are connecting to an OpenVPN tunnel your numbers will be higher. IPSec is about 300Mbps but I prefer OpenVPN when I can get it so I take the speed hit and for my use its plenty. I use pfBlocker, Nut, and OpenVPN client export and thats all.
Thanks!
-
-
Actually, OpenVPN would be a client connected to a service like PIA. Still about 100Mbps??
-
@jeff3820 said in Questions before purchase of SG-3100:
Actually, OpenVPN would be a client connected to a service like PIA. Still about 100Mbps??
As in a device on your network using PIA? I have seen up to 400Mbps here but that was WiFi, desktop would be limited by PIA more than router. I was talking being the server. I route through my firewall for ad blocking when mobile because I prefer pfBlocker to an installed app. As a client it does not change anything that I see. The 3100 has been fantastic for my home use and suspect it would be fine up to a medium business at least. -
I'm on my 2nd day of trying to get the SG-3100 to run suricata or snort in blocking mode with a vanilla block list config. They run fine in alert-only mode.
It's 2018 and the unit only has 2GB RAM and 2 cores.
Methinks it's DoA for the what the current pfSense releases need for horsepower.
-
@lohphat Unit specs are perfectly fine for pfSense and with IDS / IPS of your choice. We made sure of it. Your issues should not be related to it.
Please start a new topic in IDS/IPS section and provide logs, so we can take a look. Thanks.
Need help fast? Our support is available 24/7 https://www.netgate.com/support/
-
@ivor Wilco.
FYI Was finally able to get snort working on both i/f but suricata simply fell over every time I tried to enable blocking.
I'm about to leave for a multi-week trip so it may have to wait until I return.
-
@ivor Here's a start of a thread on the problem:
https://forum.netgate.com/topic/131716/still-seeing-suricata-stop-an-interface-due-to-pid-error
-
Glad you got Snort working!
-
@ivor Well, it's now up to 80% memory usage, blocking on WAN but alerting on LAN.
4GB would have been a trivial cost improvement over 2GB stock.
Also, sort fails to start after a reboot. I have to stop the LAN interface and manually start the WAN, let it stabilize, then manually restart the LAN scanning.
