Moving from server based PfSense to SG-3100 appliance

znamloot

All,

Wasn't sure where to post - let me know if this forum isn't right.

Background
Currently running a Dell R710 server using Unraid with a Pfsense VM (FreeBSD) using ver. 2.4.5. There haven't been any issues so far. Been running for about a year. Doubled my throughput, averages 700-800 Mbps down on a Bell Canada 1 Mbit line using PPPOE.

Question

My son gave me a Netgate SG-3100 to try out.
Reading the forum there seems to be heat problems among other things.
Also, the process for setting it up seems to be un-unnecessarily onerous (seems they have taken a page out of apple's playbook).

Is there any advantage to moving to the SG-3100 from the server based? (other than not losing internet when I occasionally have to bounce the server for maintenance).

All comments welcome!

Thanks in advance.

SteveITS

@znamloot said in Moving from server based PfSense to SG-3100 appliance:

heat problems

I saw a thread recently about temperature. We have several in service at clients and our office and haven't had an issue. I suspect people are looking at the temp in the dashboard, assuming it's the case temp, and worrying it sounds high. That was my first reaction when seeing it, but they are all that way. I think it's the CPU temp.

You should be able to restore a configuration backup from your existing server to make setup simpler. Note the 3100 has a switch so in essence 3 ports by default. Also note that will cause IP conflicts with the current router if both are live on your existing LAN.

An appliance likely uses less power than a PC but your server is on anyway.

znamloot

Thanks Steve.

Another couple of questions before I decide.

1. I read the manual for the SG-3100 and it indicates that I have to submit a ticket to support in order to get the firmware upgrade file.
   That is part of the onerous comment. Is that true? - I can't see why....

2. In order to access the SG-3100 GUI you have to attach to my original Bell Canada modem. Is that true? I have my server based implementation using the same ip address as is default on the SG-3100 as you rightly pointed out.
   Which means that while I upgrade the firmware and restore the config from my server based implementation I have no internet as I will have to shutdown my server based system.
   That seems silly and un-necessary. Any router I have used allows you to login to the gui with just an ethernet cable from laptop to router. Hmmmmm...

Thanks again!

Cheers

johnpoz

1. No you do not need to submit a ticket for a normal upgrade, the sg3100 will upgrade itself from the internet. Once you select to install an update.

1a) If you want a standalone copy of the factory image that is installed on netgate appliance, then yes you need to submit a ticket. You normally will receive a link to the file to download in a few minutes. It is prob good to do this so you have a copy of the install, in the off chance you have to do a clean install. This should really be a rare occurrence.. But better safe than sorry. So I would suggest you make sure you get a copy of the factory image for your own backup.

2. The appliance does not need internet access to access its gui, you can just connect a laptop to Lan side port and access the gui... You can for sure setup the appliance without it being connected to the internet.

As to the setup process? I have setup pfsense countless times.. Its pretty much turn it on.. And it would be working out of the box. It walks you through a bouncing ball setup asking a couple of questions that are pertinent to setup, like what you want to call it.. Should the wan be a specific nature, dhcp, satic, pppoe, etc. What do you want for your lan IP, or you can just leave it at default. And changing the admin password.

If setup takes you more than a minute or two.. Your doing something wrong ;)

keyser

1: You do not need to contact support to update the firmware. That process is only needed if you need to reflash it from scratch (cleaning the built in flash). It comes with a firmware build onboard, and that will update itself just like you are use to on your server.

2: It does not need internet to be setup. BUT: The GUI is very very slow when no Internet/DNS is available, and if you restore a config to it, no packages are installed automatically from the config. So it’s a tradeoff: You can restore your config “offline” on a very slow GUI, and you’ll have to reinstall any packages (all settings are preserved) once it gets online and have internet access. OR: You can shut down your server, insert the SG-3100 and restore your config.