Kodlix AP42 Install possible?

Guest

Anyone tried to make pfsense work on a Kodlix AP42 (http://www.kodlix.com) ?

I've found isorespin.sh (https://linuxiumcomau.blogspot.com/2017/06/customizing-ubuntu-isos-documentation.html) and rEFInd (http://www.rodsbooks.com/refind/) for making Debian/uBuntu variants, but it's far too complex along with limited info on AP42 for me to have a clue if it's even possible  ::)

Thanks in advance.

VAMike

what are you expecting to do with the one ethernet port?

Guest

@VAMike:

what are you expecting to do with the one ethernet port?

Probably VLANs? ;-)

VAMike

@johnkeates:

@VAMike:

what are you expecting to do with the one ethernet port?

Probably VLANs? ;-)

That's one possibility. Another is that he's trying to build an AP, another is that he's planning to use USB Ethernet. It seems like a bad choice of hardware, but more details would help.

Guest

@VAMike:

@johnkeates:

@VAMike:

what are you expecting to do with the one ethernet port?

Probably VLANs? ;-)

That's one possibility. Another is that he's trying to build an AP, another is that he's planning to use USB Ethernet. It seems like a bad choice of hardware, but more details would help.

It'll be a bad choice either way ;-) Probably some crappy Realtek NIC in there. Thermals won't be good either. Getting a Qotom for the same price makes more sense to me.

Guest

@Mesmurized:

Anyone tried to make pfsense work on a Kodlix AP42 (http://www.kodlix.com) ?

I've found isorespin.sh (https://linuxiumcomau.blogspot.com/2017/06/customizing-ubuntu-isos-documentation.html) and rEFInd (http://www.rodsbooks.com/refind/) for making Debian/uBuntu variants, but it's far too complex along with limited info on AP42 for me to have a clue if it's even possible  ::)

Thanks in advance.

Why not taking a PC Engines APU2C4? Is it price based or oriented?

Guest

@VAMike:

what are you expecting to do with the one ethernet port?

Here's the plan …
TWC modem ....
connected to AP42 w/USB GbE with easily managed full-featured firewall + always-on VPN ...
connected to TP-Link DD-WRT router w/internal GbE serving all intranet devices.

Details:
Short term goal: 100% always-on always-encrypted firewall+VPN Internet for all church intranet devices. Nothing is allowed in unless specifically configured. Reliable (within $0) buget. (Free lifetime subscriptions to StrongVPN, PureVPN, and RA4W) PPTP unacceptable. L2TP/IPSec minimim, OpenVPN next). Continuous monitoring/logging/intrusion alert notifications.
Longer term goal: remotely administered/monitored (by me).
Possible additions: limited+controlled guest WiFi when proven safe
Internet considerations: Internet use is minimal. Increased latency is acceptable.
Cable modem: Old (and slow) TWC (3M/1M).
intranet (local only): Speed IS important. 15 devices (and growing to 20-25) using a combination of 10/100/GbE, Wi-Fi n & WiFi ac + a couple old WiFi b legacy devices. Windows (3+), Mac (2+), NAS (2), cheap (un-tweakable) IP cams (6) + network printers (2)
Primary (and only) router: TP-Link w/DD-WRT as master (and only) AP
Data: very sensitive, history of prior break-ins, paranoid users (haha)
Budget: desired $0 
Admin (me): Retired computer engineer (now admin for local church). 70/30 Windows+Unix/Xenix+networking knowledge. Limitation: Some but limited security/firewall/network specialist knowledge. Easy (but full featured) GUI interface desired. IE: Iptables is great but complicated and I'm too old to spend days and days learning only to forget it next week. Then relearn all over again next year when a change is needed.

Notes: DD-WRT is awesome but limited (unless I spin my own). Using it as a primary Internet VPN client is problematic. Various issues: frequent disconnects and/or 60 minute automatic disconnect/reconnects, unacceptable reconnect delays, limited error logs, etc, etc, etc.

Thought about using Windows 10 or uBuntu on the AP42. Both are easily available. But Windows is too bloated, way too chatty, and difficult/impossible to tame. uBuntu is great but requires more firewall/routing/iptable knowledge than I currently have. Would prefer a simplier solution that also offers complex configurations when needed.  Hense pfsense.

Did I come to the right place, or are you bored? (hahaha)  Sorry, old joke b/c I'm old :) :)

VAMike

@Mesmurized:

@VAMike:

what are you expecting to do with the one ethernet port?

Here's the plan …
TWC modem ....
connected to AP42 w/USB GbE with easily managed full-featured firewall + always-on VPN ...
connected to TP-Link DD-WRT router w/internal GbE serving all intranet devices.

Details:
Short term goal: 100% always-on always-encrypted firewall+VPN Internet for all church intranet devices. Nothing is allowed in unless specifically configured. Reliable (within $0) buget. (Free lifetime subscriptions to StrongVPN, PureVPN, and RA4W) PPTP unacceptable. L2TP/IPSec minimim, OpenVPN next). Continuous monitoring/logging/intrusion alert notifications.
Longer term goal: remotely administered/monitored (by me).
Possible additions: limited+controlled guest WiFi when proven safe
Internet considerations: Internet use is minimal. Increased latency is acceptable.
Cable modem: Old (and slow) TWC (3M/1M).
intranet (local only): Speed IS important. 15 devices (and growing to 20-25) using a combination of 10/100/GbE, Wi-Fi n & WiFi ac + a couple old WiFi b legacy devices. Windows (3+), Mac (2+), NAS (2), cheap (un-tweakable) IP cams (6) + network printers (2)
Primary (and only) router: TP-Link w/DD-WRT as master (and only) AP
Data: very sensitive, history of prior break-ins, paranoid users (haha)
Budget: desired $0 
Admin (me): Retired computer engineer (now admin for local church). 70/30 Windows+Unix/Xenix+networking knowledge. Limitation: Some but limited security/firewall/network specialist knowledge. Easy (but full featured) GUI interface desired. IE: Iptables is great but complicated and I'm too old to spend days and days learning only to forget it next week. Then relearn all over again next year when a change is needed.

Notes: DD-WRT is awesome but limited (unless I spin my own). Using it as a primary Internet VPN client is problematic. Various issues: frequent disconnects and/or 60 minute automatic disconnect/reconnects, unacceptable reconnect delays, limited error logs, etc, etc, etc.

Thought about using Windows 10 or uBuntu on the AP42. Both are easily available. But Windows is too bloated, way too chatty, and difficult/impossible to tame. uBuntu is great but requires more firewall/routing/iptable knowledge than I currently have. Would prefer a simplier solution that also offers complex configurations when needed.  Hense pfsense.

Did I come to the right place, or are you bored? (hahaha)  Sorry, old joke b/c I'm old :) :)

You don't come out and say it but I'm assuming you already bought the AP42 and are trying to figure out what to do with it. I personally think trying to get pfsense running on it will be more trouble than its worth because it's a bad hardware selection for the application (especially with a USB network adapter). It's free to try, but on that hardware you'd probably have better luck with linux based firewall.

Guest

@VAMike:

You don't come out and say it but I'm assuming you already bought the AP42 and are trying to figure out what to do with it. I personally think trying to get pfsense running on it will be more trouble than its worth because it's a bad hardware selection for the application (especially with a USB network adapter). It's free to try, but on that hardware you'd probably have better luck with linux based firewall.

Partially true. Didn't even think about using specialized hardware for this minimalist job. intranet <-> Internet traffic is small (max 3M/1Mbps). intranet<->intranet is 99.999% (Gbps+).

Never expected basic USB booting issues on this AP42. Assumed Intel based, running Win10 fairly well == AP42 more than enough + pfsense that works on an even lighter platform (Atom) == AP42 is more than adequate for my needs.

Guest

Hi all …. I'm still here  ;)

Clarifications: I bought the AP42 after a cursory hardware/software review (including pfsense). The Gigabit traffic is not seen by the AP42 because it's isolated locally to the primary DD-WRT router network. So IMHO 10Mbps AP42 interfaces is adequate (Gbe a nice overkill). Yes/No?

Back to the basic problem - booting the pfsense USB (built with rufus 2.17)

The USB is not recognized by the BIOS, even in legacy boot mode. Tried building on uBuntu with dd. Same issue. Downloaded again, same issue. Seems I'm overlooking something very basic.

I was able to boot a rufus built OPNsense img so it must be something else I'm missing.

Advice?

Final update:
9 days, two posts, no response. Good bye.