Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Anyone have pfSense installed on Stonesoft / Stonegate hardware?

    Hardware
    5
    9
    1429
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      steveharman last edited by

      Hi,

      There seem to be quite a few Stonesoft / Stonegate firewall appliances on eBay these days - reasonable spec's for the price.

      Has anyone had any luck installing pfSense on them?  If so are there any guides around?

      Thanks,

      Steve

      1 Reply Last reply Reply Quote 0
      • stephenw10
        stephenw10 Netgate Administrator last edited by

        You have an example? Or any specs?

        Steve

        1 Reply Last reply Reply Quote 0
        • D
          datzhim last edited by stephenw10

          I am trying to do this i have a FW-1050. Here's datasheet for a 1030

          SOFTWARE FEATURE SPECIFICATIONS
          See the Firewall/VPN datasheet www.stonesoft.com
          LICENSED PERFORMANCE FW-1030 FW-1030P
          Firewall throughput
          (UDP 1514 byte packets, no inspection)
          1 Gbps 1.6 Gbps
          Throughput
          (UDP 1514 byte packets, with inspection)
          450 Mbps 450 Mbps
          64 byte packets per second
          (no inspection)
          500 000 620 000
          HTTP inspection
          (21 kB payload)
          130 Mbps 130 Mbps
          SSL inspection client / server side 40 Mbps / - 40 Mbps / 40 Mbps
          New TCP connections/sec
          (no inspection)
          15 000 20 000
          New inspected HTTP connections
          (21 kB payload)
          800 1000
          Concurrent connections 700 000 1 million
          Concurrent connections
          (with inspection)
          100 000 150 000
          VLANs 150 250
          VPN throughput (AES-128-GCM) 140 Mbps 220 Mbps
          VPN tunnels 1000 1000
          Concurrent mVPN Clients 25 100
          CONNECTORS
          2 x USB, 1 x serial
          MEASUREMENTS
          Form factor 1U 19” rack unit
          Dimensions (W x H x D) 425 x 44 x 362 mm / 16.73 x 1.73 x 14.25 inches
          Net weight 5.5 kg / 12.13 lbs
          Gross weight 8.5 kg / 18.74 lbs
          SAFETY/EMC CERTIFICATIONS
          CE, FCC Class B, LVD, CB, Gost-R, RoHS
          POWER
          Power supply 180 W, AC input 100-240 VAC, 50-60 Hz
          Typical power consumption 65 W
          
          1 Reply Last reply Reply Quote 0
          • A
            akuma1x last edited by

            I would bet money that the BIOS is probably locked up tight on these boxes, meaning it won't let you boot from anything that could install pfsense.

            Jeff

            1 Reply Last reply Reply Quote 0
            • stephenw10
              stephenw10 Netgate Administrator last edited by stephenw10

              Mmm, most are not locked that tight. But it certainly could be.

              What is the CPU in it. How much RAM does it have? Is it upgradable?
              Those things will determine if it's worth the attempt.

              It looks like a Supermicro device so there is probably quite a lot more info available. It has ps/2 ports so that implies old!

              Steve

              1 Reply Last reply Reply Quote 0
              • stephenw10
                stephenw10 Netgate Administrator last edited by stephenw10

                Looks like it's this:
                https://www.supermicro.com/products/motherboard/Xeon3000/3000/PDSMi-LN4_.cfm

                So socket 775. It's old (really old!) but will likely run 2.4.4 and can probably be upgraded for very little. It doesn't support any AES-NI capable CPUs though.

                Steve

                F 1 Reply Last reply Reply Quote 0
                • F
                  FlashPan @stephenw10 last edited by FlashPan

                  I had 2 stoneware FW-1050 devices with the supermicro motherboard.

                  Will not run newer pfsense as the cpu the board can take do not support aes-ni plus max FSB is 1066. Noisey as hell being a 1u server but you could put the board in another box. Nothing special firewall wise about the board. Just a normal intel cpu board with normal bios etc

                  1 Reply Last reply Reply Quote 0
                  • stephenw10
                    stephenw10 Netgate Administrator last edited by

                    I bet you could reduce the speed if those fans, most have some tunability.

                    Also it looks like 2.5 will not yet have the restconf API and hence not require AES-NI so you would be good for some time on this.

                    https://forum.netgate.com/topic/140586/heads-up-snapshots-moving-to-pfsense-2-5-0-on-freebsd-12-expect-initial-instability

                    Steve

                    1 Reply Last reply Reply Quote 0
                    • F
                      FlashPan last edited by

                      Sadly not at least on the 1u version. The only fan was a cpu blower designed to pull from the cpu and motherboard and push the heat out which you can clock down but still noisey. I did buy some 1u silent Gelid fans as supermicro are always generous with connecting fans but still did not work well. The other issue is the very noisy (although labelled as silent) 1u PSU.

                      I've been on the periphery with pfsense for a while now so did not know that "aes-ni must have compatibility" was pushed back. I went out last year and dropped £200 on one of the fanless and silent qotom boxed. ALthough am very happy with it as against running a vm.

                      Cheers

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post