Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Great pfsense start

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    22 Posts 5 Posters 2.8k Views 4 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • stephenw10S Offline
      stephenw10 Netgate Administrator
      last edited by

      Yup, anything Intel based will likely work fine.

      The prevalence of fake Intel cards available new makes rebranded Dell, HP, IBM cards available used quite attractive.
      There are a number of threads here and elsewhere detailing what cards have what chipset.

      Steve

      1 Reply Last reply Reply Quote 1
      • provelsP Offline
        provels
        last edited by provels

        I use a quad port IBM-branded Intel i340-T4, about $20 on Ebay. I found this link to be very helpful.
        https://forums.servethehome.com/index.php?threads/list-of-nics-and-their-equivalent-oem-parts.20974/
        Some other threads there on identifying fake cards, too. Seems many of the Intel-branded cards are gray market or fake, and it may be easier to find an OEM variation to be genuine. Good luck.

        Peder

        MAIN - pfSense+ 25.07.1-RELEASE - Adlink MXE-5401, i7, 16 GB RAM, 64 GB SSD. 500 GB HDD for SyslogNG
        BACKUP - pfSense+ 23.01-RELEASE - Hyper-V Virtual Machine, Gen 1, 2 v-CPUs, 3 GB RAM, 8GB VHDX (Dynamic)

        1 Reply Last reply Reply Quote 0
        • kappclarkK Offline
          kappclark
          last edited by

          @provels said in Great pfsense start:

          IBM-branded Intel i340-T4

          Thanks for the suggestions ...

          So, something like this on ebay ?

          provelsP 1 Reply Last reply Reply Quote 0
          • provelsP Offline
            provels @kappclark
            last edited by provels

            @kappclark That's a Broadcom chip and a bit of searching seems to show it doesn't work well with FreeBSD. I'd go Intel, like this, and you can get 4 ports for not much more than 2:

            https://www.ebay.com/itm/IBM-49Y4242-Quad-Port-Ethernet-Gigabit-PCI-E-High-Profile-Network-Adapter/233466919584

            https://www.ebay.com/itm/HP-NC365T-593720-001-4-Port-PCIe-1-Gbps-Ethernet-Adapter/324059575792

            Use the Ebay links in the previously ref'd article. Also, some sellers include both the normal and low profile brackets if you need that.

            Peder

            MAIN - pfSense+ 25.07.1-RELEASE - Adlink MXE-5401, i7, 16 GB RAM, 64 GB SSD. 500 GB HDD for SyslogNG
            BACKUP - pfSense+ 23.01-RELEASE - Hyper-V Virtual Machine, Gen 1, 2 v-CPUs, 3 GB RAM, 8GB VHDX (Dynamic)

            1 Reply Last reply Reply Quote 0
            • kappclarkK Offline
              kappclark
              last edited by

              Thanks ! -- just ordered it -- and free shipping !

              I am assuming the card is plug and play ?? Should I re-install pfSense (hope not to do this ..)

              Regards

              provelsP 1 Reply Last reply Reply Quote 0
              • provelsP Offline
                provels @kappclark
                last edited by

                @kappclark pfSense will recognize the new card fine, you'll just need to reassign the interfaces. No biggie.

                Peder

                MAIN - pfSense+ 25.07.1-RELEASE - Adlink MXE-5401, i7, 16 GB RAM, 64 GB SSD. 500 GB HDD for SyslogNG
                BACKUP - pfSense+ 23.01-RELEASE - Hyper-V Virtual Machine, Gen 1, 2 v-CPUs, 3 GB RAM, 8GB VHDX (Dynamic)

                1 Reply Last reply Reply Quote 0
                • kappclarkK Offline
                  kappclark
                  last edited by

                  Thank you - will followup with forum when card gets installed...

                  kappclarkK 1 Reply Last reply Reply Quote 0
                  • kappclarkK Offline
                    kappclark @kappclark
                    last edited by

                    @kappclark said in Great pfsense start:

                    Thank you - will followup with forum when card gets installed...


                    Got 4 port card in yesterday -- installed into ITX box. All 4 ports came up, and also the built-in ethernet port on MB.

                    Configured igb0 as WAN and igb1 as LAN ... set interfaces IP and set to auto for speed and duplex. rebooted, and all good ...

                    Now that I have additional interfaces, how hard would it be to hookup a second wireless access point as a 'guest' network for items like Alexa, firestick, vistors' tablets etc ?? I have an extra router, can be set to bridge mode/AP only mode...can PFSENSE create a second scope for the wireless interface (say interface igb2 ?), allowing it to only goto Internet and stay off the LAN ?

                    THX again

                    1 Reply Last reply Reply Quote 0
                    • NogBadTheBadN Offline
                      NogBadTheBad
                      last edited by NogBadTheBad

                      @kappclark said in Great pfsense start:

                      It is a AMD Athlon based box w/4GB ram and 120G ssd ... colossal improvement over the 5 year old Linksys E1200 wireless router, which I always seemed to be rebooting ..I am using a USB ethernet nic for the LAN side, and seems to work fine, but woud like to get a dual-port nic.
                      Can anyone recomment a good one ? I think Intel makes good ones...
                      Bill Clark, Windham, VT

                      IMO you'd be better off buying an access-point and a switch that supports vlans, I use a Ubiquity UniFi AP-AC-Pro.

                      That way you'd have all your wireless networks on a single AP, its a recipe for problems having multiple access-points providing different networks especially at 2.4Ghz.

                      https://forum.netgate.com/topic/132431/simple-vlan-for-pfsense-unifi-ap-ac-lr

                      You could use your old router just for a guest network by switching off dhcp on the thing and connecting it to your guest LAN port on pfSense.

                      kappclarkK 1 Reply Last reply Reply Quote 0
                      • kappclarkK Offline
                        kappclark @NogBadTheBad
                        last edited by

                        @NogBadTheBad
                        Yes - just did that and works fine --- can the new 'guest' network be configured so that it lives on a different subnet from the home network ? Perhaps some kind of dhcp relay ?

                        Thx for reply ...

                        NogBadTheBadN 1 Reply Last reply Reply Quote 0
                        • NogBadTheBadN Offline
                          NogBadTheBad @kappclark
                          last edited by

                          @kappclark

                          If you are using 192.168.1.0/24 on your LAN interface configure an unused pfSense interface as 192.168.2.0/24.

                          Set up the DHCP scope on the new interface.

                          Create a new alias to include all your IP subnets and pop firewall rules on the guest interface like this:-

                          Screenshot 2020-02-11 at 15.42.40.png

                          Configure the old wifi router to have an IP address in the 192.168.2.0/24 range and connect the old wifi routers LAN port to pfSense.

                          No need for dhcp relay.

                          1 Reply Last reply Reply Quote 0
                          • kappclarkK Offline
                            kappclark
                            last edited by

                            Thanks so much -- I have already started on this and will let you know how it goes ..

                            your reply is very helpful

                            1 Reply Last reply Reply Quote 0
                            • kappclarkK Offline
                              kappclark
                              last edited by

                              SO - the router was reset as an AP - now has static address 192.168.2.254 - changed the password and SSID

                              I can connect and authenticate to this wireless with my phone....

                              But - I cannot obtain an IP address..seems DHCP is not working correctly..I have checked that it is enabled ..

                              I have created a scope on the GUESTOPT1 interface going from 192.168.2.100 - 192.168.2.150.

                              The address of the ethernet interface on the pfsense is 192.168.2.211

                              I am sure I am missing something so obvious ...

                              c36948eb-3d2a-4e6b-b472-30270c382042-image.png

                              Confused, I remain ..

                              NogBadTheBadN 1 Reply Last reply Reply Quote 0
                              • NogBadTheBadN Offline
                                NogBadTheBad @kappclark
                                last edited by

                                @kappclark

                                A few things to check:-

                                Can you ping the ap from pfsense?

                                If you connect a PC to the guest interface does it get an ip address?

                                Have you connected the guest pfsense interface to the LAN interface on the AP?

                                1 Reply Last reply Reply Quote 0
                                • stephenw10S Offline
                                  stephenw10 Netgate Administrator
                                  last edited by

                                  How are you connecting the router? Is it really just as an Access Point? If it's just acting as a layer 2 device DHCP should pass it.

                                  Steve

                                  1 Reply Last reply Reply Quote 0
                                  • kappclarkK Offline
                                    kappclark
                                    last edited by

                                    Yes - can ping the AP from pfsense:
                                    710951be-3a5c-4bca-b95b-baa92a017d0d-image.png

                                    Disconnected AP. Connected laptop to OPT port directy -- received IP address from given scope (192.168.2 104) ...

                                    but amazingly - it now works ... I removed the firewall rules on the interface and added only a default rule.

                                    e134e88c-76db-4678-91cc-a34a0353b3c0-image.png

                                    I have the laptop and the firestick both working off the AP ... and Alexa is happy as well....

                                    I will connect wife's phone, laptop and tablet ...

                                    Thank you very much for your help in this ...

                                    1 Reply Last reply Reply Quote 0
                                    • kappclarkK Offline
                                      kappclark
                                      last edited by


                                      Just a followup -

                                      FWIW - Here is a very good guide I found on securing the private network -- maybe be of some help for the next person ..

                                      once the crew here steered me in the right direction, I knew what to search for ... what a valuable resource ..

                                      NogBadTheBadN 1 Reply Last reply Reply Quote 0
                                      • NogBadTheBadN Offline
                                        NogBadTheBad @kappclark
                                        last edited by NogBadTheBad

                                        @kappclark said in Great pfsense start:


                                        Just a followup -

                                        FWIW - Here is a very good guide I found on securing the private network -- maybe be of some help for the next person ..

                                        once the crew here steered me in the right direction, I knew what to search for ... what a valuable resource ..

                                        Slight issue with the guide he creates an IPv4/IPv6 rule with an IPv4 only alias and also allows http, ssh, etc ... access to the guest lan interface.

                                        NogBadTheBadN 1 Reply Last reply Reply Quote 0
                                        • NogBadTheBadN Offline
                                          NogBadTheBad @NogBadTheBad
                                          last edited by

                                          This post is deleted!
                                          1 Reply Last reply Reply Quote 0
                                          • kappclarkK Offline
                                            kappclark
                                            last edited by

                                            Never would have picked that up ! Thx for heads up ... this is gong to be lots of fun ..

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.