pfSense box advice
-
@provels said in pfSense box advice:
there are quite a few Intel J-1900 variations available on EBay.
Don't use J-1900 based systems, they are old, don't support AES-NI (and you still want it, even though pfSense 2.5 will not require it) and they tend to have compatibility issues with newer FreeBSD versions.
-
@Grimson Does the SG-1100 support AES-NI. I looked and didn't see anything. Thanks.
This might be the hot ticket before they run out. MBT-4220, but only 2 ports.
Peder
MAIN - pfSense+ 24.11-RELEASE - Adlink MXE-5401, i7, 16 GB RAM, 64 GB SSD. 500 GB HDD for SyslogNG
BACKUP - pfSense+ 23.01-RELEASE - Hyper-V Virtual Machine, Gen 1, 2 v-CPUs, 3 GB RAM, 8GB VHDX (Dynamic) -
@provels said in pfSense box advice:
@Grimson Does the SG-1100 support AES-NI. I looked and didn't see anything. Thanks.
This might be the hot ticket before they run out. MBT-4220, but only 2 ports.
re "but only 2 ports" buy a switch that supports VLANS :)
-
@provels said in pfSense box advice:
@Grimson Does the SG-1100 support AES-NI. I looked and didn't see anything. Thanks.
ARM doesn't have AES-NI, it has other crypto accelerators. Netgate is IIRC working on adding support for them.
-
Hi
Thanks for the replies.
I was looking at the SG-1100, but cant find a UK supplier with stock, I only need 2 LAN ports, 1 for WAN and 1 for LAN, LAN port goes into a switch, not managed as I don't really need VLANS.
There used to be a list of compatible routers that could be flashed with pfSense but cant seem to find that on the website now.
The MBT-4220 looks nice but not at the prices.
As I say my use of pfSense is really limited, so still not sure what it all can do, I just downloaded it and installed it onto my old laptop to force all my connections to go through VPN, even that isn't the best as it doesn't have a kill switch that I recently found out as when my VPN went down all clients went out through normal internet.
Cheers
DJ
-
Hey All
Any thoughts on this board?
https://www.mini-itx.com/~J3455N-D3H
Cheers
DJ
-
I'd be tempted not to use a celeron mother board.
If your looking at building your own tot up the total cost against a SG-3100 pre building one if you cant get a SG-1100.
I've dealt with Amica in the UK when I purchased my SG-4860 and they were great to deal with.
-
You might find my last post here useful https://forum.netgate.com/topic/140954/returning-user-needs-a-new-pfsense-box/16
-
Hi, thanks for the reply, had a look, the prices have gone up quite a bit since then, I cant get that board and CPU plus memory for that cheap, the board and CPU cost around £200.
-
Oh, just come across something, what about one of these with 2 USB network adaptors?
https://www.scan.co.uk/products/intel-compute-stick-quad-core-atom-x5-z8300-2gb-ram-32gb-emmc-micro-sdxc-slot-ac-wifiplusbt-hdmi-2x-
I use a USB network adaptor in my current configuration and works great.
-
If you want a serious pfSense box, skip USB adapters.
-
Hi
I wouldn't say my use is serious, its just getting used to route network in the home through VPN.
-
This is what I just bought to run at home: https://www.aliexpress.com/item/Minisys-4-Lan-pfsense-minipc-Intel-atom-E3845-quad-core-mini-itx-motherboard-linux-firewall-computer/3282568428.html?spm=a2g0s.13010208.99999999.260.30453c00MTfxbC
I have 3 subnets/networks at home. The main LAN, Google WIFI and VMWare LAB(VLAN off LAN). I am running PFSense with the AES-NI turned on for OpenVPN connected to NordVPN. I have also created Firewall Rules to allow my 2 Roku Boxes to bypass NordVPN as Amazon and Netflix seem to have problems with NordVPN.
The Google WIFI nodes have a static route on the LAN. I normally get 200Mbps/200Mbps from my ISP, with NordVPN on, it drops to about 160-180Mbps/100Mbps.
-
@1druid1 said in pfSense box advice:
I was looking at the SG-1100, but cant find a UK supplier with stock, I only need 2 LAN ports, 1 for WAN and 1 for LAN, LAN port goes into a switch, not managed as I don't really need VLANS.
Try searching for a german one with UK delivery, e.g. voleatech.de does currently have it on preorder (delivery is mid-april ... hopefully before brexit
)BTW since pfSense now supports ARM, it might be possible to be installed on a Raspberry PI (never dug into the topic, it's just an idea)
-
@rebi said in pfSense box advice:
BTW since pfSense now supports ARM, it might be possible to be installed on a Raspberry PI (never dug into the topic, it's just an idea)
No it isn't. The two devices with ARM have custom images. There is no "generic ARM" image for pfSense. Sorry. Besides, a RasPi is a really bad choice for routing.
