Share your pfSense stories!
-
@kiokoman I'd rather have my liver taken out.
-
@kiokoman Based on my experience, Zyxel has a high failure rate. We saw a lot of them DOA when you opened the box. Then they'd fail over the first year of service. We speculated that they were using very low-quality parts or didn't put heatsinks were they were needed, etc.
Worst of all was the ones that would fail, but not completely. People would be complaining of assorted problems with their internet connection, and when you went to diagnose and troubleshoot maybe you'd find something and maybe you wouldn't. Or the issue would come and go. After a couple of go-arounds, a replacement of the hardware would resolve it - for a while.
Zyxel was inexpensive to purchase, but it wasn't cost-effective.
-
@stuartkh42 said in Share your pfSense stories!:
Zyxel was inexpensive to purchase, but it wasn't cost-effective.
Precisly. Amen.
Intermittent problems are the most expensive ones, because they are time-consuming and create the most miserable users which reflects poorly on us.
-
well.. I'm using it only as a modem .. everything else(router/wifi/voip/firewall/dhcp/share) is disabled / turned off... I had it for free from my isp. no problem so far.. I will think about it when the problem arises. I already have a couple of other modems as a spare part
-
I've been using pfSense for about 5 years after my Linksys router running DD-WRT was no longer able to keep up with the speed of my internet connection.
I am so thankful for the pfSense project, the community is friendly/helpful, the documentation is good, and the software is very professional/stable. A sharp contrast from what I was using.
When our ISP rolled out IPv6, I read that anyone using the ISP provided hardware as it was configureded was exposing all their Windows file/printer shares on the LAN to the internet! Many consumer routers contain serious security flaws and corrective updates are slow or nonexistant.
pfSense allows me to easilly treat the ISP equipment as part of the untrusted internet. pfSense makes it possible to manage and secure my network using enterprise techiniques that would be impossible with consumer equipment. Secure remote access, Multiple VPNs, VLANs, IDS, IPS, IP/DNS Blocking, Proxies, Reverse Proxies and Enterprise Grade Firewall, pfSense has it all, and more.
There are some very bright and talented people in the community who really care working with this software, so security gets taken very seriously and the few CVEs that are found get patched very quickly.
For anyone willing to learn how to set it up, (or pay someone) the possibilities are endless and pfSense can't be beat.
-
I came from ddwrt and was looking for some better security, so maybe 6yrs? Just recently started actually "using" pfsense (snort/vlans).
My pfsense system has gone through multiple iterations, with the last motherboard dying. I'm "in the process" of building a new box with the new i3 1200 socket.
So in the meantime I pulled out some random board I had bought back in 2014 and loaded my config on it and it blew me away at how well it runs with +/- 40 clients and two people working from home with mucho teleconferencing.
My current setup (Don't laugh too hard)
J1800 motherboard
1x pcie 2 port intel nic
1x ssd
It literally sits on top of a shelf with an atx power supply next to it (It's fun trying to remember which pins to jump to boot the system).
I have snort and multiple vlans running and it supports my gigabit connection just (If snort is configured correctly, that's another "in process" thing). -
@nullvalue
If the PSU has colored wire's it will be the green wire and any black wire. -
Former organisation hunts companies who are practicing corruption, collusion and nepotism. Usually, these organisations do hostile takeover of other companies. The organisation's goal is one organisation to control them all.
Short story, me and a few of my colleagues resigned because of their new policies against our conscious and moral values. Remember! Just do the opposite of what this organisation tells you. If they advised you and your family to implant microchipped (WO/2020/060606) for (Covid) prevention, refuse it. When they tell you don't use an open source OS/firewall/router like pfSense, use it. That's my story on why I use pfSense.
-
Home user, but I have been using pfSense since 2014ish.
My first install was on an Intel DQ77KB, and that was fun and worked great.
Later, I moved to virtualize pfSense in ESXi for around 2 years (stable, but was a bear to properly configure).
Currently, I have my install on a Pcengines APU2. It works perfectly other than a weird issue with an upgrade to OpenVPN causing a boot hang (had to use my serial to see the error).
The weakness of pfSense is wireless, but that seems to flow from the underlying FreeBSD.
I will post an update about a new project: a "DIY Nighthawk X10," which is a wireless router/NAS/Plex box. Unlike some other people, I don't need AC-wireless and would prefer an older, but stable platform.
Cheers!
-
@garrett-0 said in Share your pfSense stories!:
Home user, but I have been using pfSense since 2014ish.
My first install was on an Intel DQ77KB, and that was fun and worked great.
Later, I moved to virtualize pfSense in ESXi for around 2 years (stable, but was a bear to properly configure).
Currently, I have my install on a Pcengines APU2. It works perfectly other than a weird issue with an upgrade to OpenVPN causing a boot hang (had to use my serial to see the error).
The weakness of pfSense is wireless, but that seems to flow from the underlying FreeBSD.
I will post an update about a new project: a "DIY Nighthawk X10," which is a wireless router/NAS/Plex box. Unlike some other people, I don't need AC-wireless and would prefer an older, but stable platform.
Cheers!
It's way easier to buy a Ubiquiti Unifi AP AC Lite for €60 and run the controller on the pfSense:
https://github.com/gozoinks/unifi-pfsenseI have roughly 100-150 of those exact installations out there running perfectly for at least 3-5 years. For larger installations just add a switch and more APs. And for high density environments just replace the Lite with Pro. You can easily handle up to a thousand users this way, probably more. The largest such installation I have is running pfSense on an APU2, five or six switches and about thirty mixed Lite and Pro APs. About 800-1000 devices divided on 4 VLANs. Works like a charm.
-
I had always wanted my own server setup for various things. I was advised by a friend to get a firewall as well. This is where I started looking into different options for my own home firewall for my network which will be getting quite extensive. I came across pfSense. I watched youtube videos about it and had read the forums for a few weeks before really delving into it myself. Started out with an old Watchguard X750E when pfSense was still supporting x86. When pfSense went fully x64 I was thrilled. I knew that 64-bit can really do a lot more and offer more. Tho I did have some issues getting it going I was able to do so with help from others in the community.
I have since upgraded my old X750E to a Watchguard XTM550 with the latest version of pfSense. Love it. Will not use another firewall for anything. Simply love the setup and ease of use. Am quite happy with the software. Does more than I could ever dream of and allows me the ability to learn more and more as I go. I can't wait for pfSense Plus to be supported across 3rd party hardware as I really want to have it installed on my XTM550. It will offer so much more for me at home and it will be able to be setup quite easily. Thanks for offering a really nice piece of software. I really don't know what else I can say. It is just that much of a nice thing to have.
-
Okay, I'll add my story now.
For years I've had issues with wifi connectivity throughout the house, and over the last couple of years my wife would complain about the wifi printers not working. At first I thought my routers were just old, so I paid more money to upgrade a D-link to a Netgear, then to another Netgear, and you know that story. Wifi would improve slightly, and seemingly quite well for the first while, but ultimately after a few months wifi got worse, and wifi printers started dropping again.
Then I started researching enterprise level routers and the name Netgate came up. The installation was sure a steep learning curve for me, and even now I would consider myself a sub-novice at it. But I got it up and working. But I was still using the old Netgear router as an wireless AP, and guess what? My wifi printers were still dropping and I still had lousy Internet at the opposite end of the house.
I have since added two Unifi Lite AP, one on the top floor, one on the main floor. I keep them on medium power and wifi is fine. Even on basic 20 Internet, we can Zoom call, watch TV on the Roku, and surf Youtube all at the same time. I haven't lost the wifi printer once in the 6 months I've had this set up.
I know I've wandered into a field I probably have no business mucking with, given my knowledge, but it works better than the consumer junk I had. I even started making my own cables so I could make specific lengths, and connect the Unifi APs.
-
@larryjb great job! You came to the same conclusion as many of us have, all on your own!
I have at least 150 installations with PFsense and Unifi APs (most of them Lite) in residential buildings, hotels, schools, offices and industries. There is very rarely any problems, and wifi performance is steady without reboots, year after year after year. It's like it should be!
-
Installed pfsense 2.5.2 on Barracudda F18 firewall device. it's awesome for home use.
Intel Atom CPU C2358 @ 1.74GHz (2 CPUs: 1 package(s) x 2 )core(s)
2gb ram[to be upgraded to 4gb soon]
50gb msata ssd
Fanless and super silent. -
@mr-rosh cool, how much did it cost you?
-
it's a second hand device and cost me less than $40 US dollars [in my local currency]
-
Intel(R) Atom(TM) CPU C2358 @ 1.74GHz 2 CPUs: 1 package(s) x 2 core(s)
-
2GB RAM [i am yet to upgrade it to 4GB] say another $10 US dollars
-
50GB mSATA SSD Disk
-
4 x Intel 1gb nics setup as
-
Best part is it's silent and pretty good for home use.
-
RJ45 Console PORT, VGA Port and 4x USB Ports. So hooking up keyboard, mouse and monitor was easy as and was able to boot from USB and install pfsense.
-
-
@mr-rosh the price is great. I paid something like €150 for the fanless quad core, 4GB, SSD hardware, but it's really, really fast. I get 970+Mbit/s port to port no problem. And the real advantage comes when using crypto services like IPSec where you don't lose as much speed thanks to the fast CPU.
But for home use that is a really nice setup!
-
@phatsta thats cool.
-
@mr-rosh you got it for like $40? That is a steal - they are still being sold, they are not eol til like 2025 I don't think.. Rev A, I take it?
-
@johnpoz Yes, it's a Rev A. u can look around on ebay if u like. I am certain that there are many barracuda's out there [decommissioned /second hand, simple because it's out of warranty and or so]
something similar is;
https://www.ebay.com/itm/274832571200?hash=item3ffd4c3b40:g:B64AAOSwXdZgxrBm