Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfsense hardware advice

    Scheduled Pinned Locked Moved Hardware
    4 Posts 2 Posters 1.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Y
      Yakje
      last edited by

      Currently I have my NAS (FreeNAS box) pretty much setup. Now I want to be able to access it remotely in a secure manner.
      Currently I am running: Nextcloud, Plex, Plexpy, Sabnzbd, Sonarr, Radarr, Headphones, NzbHydra, Jackett & Organizr as generic jails.

      My idea is to setup a secure VPN connection using Pfsense. I have no experience using Pfsense whatsoever, so any advice is highly appreciated!

      My current Nas setup:
      OS: FreeNAS 11.0-U4
      CPU: Intel Celeron G3920 Boxed
      MOBO: Gigabyte GA-X150M-PRO ECC
      MEMORY: Kingston ValueRAM KVR21E15D8/8HA
      PSU: Seasonic G-series 360 watt
      HDD (3x): WD Red WD30EFRX, 3TB
      USB (for OS) : Sandisk Ultra Fit 16GB Zwart
      CASE: Fractal Design Define Mini

      Pfsense router requirements:

      • Act as a VPN client (OpenVPN + PIA)

      • Act as a VPN server

      • Act as a Firewall

      • Act as a proxy?

      • Act as a dynamic DNS server?

      • Setup multiple VLans: Internal (FreeNAS), Family, Guests, etc.

      • Be able to handle Gigabit speeds

      I want to be able to run the latest Pfsense version, as well as being future proof for atleast a couple of years
      First off i have to select what hardware to use. I know about the possibility to install Pfsense in a VM on my NAS, but feel more secure seperating my VPN / Firewall from my files system a.k.a NAS. I have read a few topics about DIY Pfsense router builds (which is definitely is an option), but feel like the: Qotom Q355G4 will be able to do everything I require for a decent price and with the ease of just installing Pfsense and having a compact system. Would this be a good pick?, feel free to advice me otherwise ;)

      1 Reply Last reply Reply Quote 0
      • ?
        Guest
        last edited by

        Qotom is fine, lots of us using one quite happily.

        Lots of other choices though - before someone accuses me of being biased.  :)

        1 Reply Last reply Reply Quote 0
        • Y
          Yakje
          last edited by

          What build would you advice me? Since there are different options available for the Qotom Q355G4 when it comes to RAM/SSD/CPU etc. It will be put to use in a so called "SOHO" environment.

          Could you maybe eleborate on some of the other possibilities aswell?

          1 Reply Last reply Reply Quote 0
          • ?
            Guest
            last edited by

            The choice of how much ram etc is yours. pfSense will run happily in 2Gb of RAM but I would go for a minimum of 4Gb. A small SSD or mSata is fine, a 30Gb mSata is sufficient for pfSense and say running pfBlocker, you'll need more if you run lots of other things.

            My setup, and I bought mine barebones, so I used some RAM and mSata I already had is 8Gb RAM and 60Gb mSata,

            The options for putting your own pfSense hardware together are endless. Basically, the main things to watch for are:

            1 . CPU supports AES-NI
            2.  NIC ports are Intel - There can be problems when they are not, or at least there are fewer problems with Intel NICs
            3. Choose something that has been on the market for a while that has been proven to work. Some of the latest boards do not yet play nicely with FreeBSD, they will eventually but there may be driver/bios issues, so take care on some new MBs.

            So, existing hardware that works out the box, and don't forget to look at Netgate Hardware, it is built for the job. I can only give you advice on the hardware I have and use, there is other hardware mentioned in this section of the forum, others will chime in I'm sure.

            Here is what I use.

            Qotom i5- 4 Intel Nics, The i3 would do to, the i5 is a bit of an overkill for my system but it is very quick, noticeably so when using the pfSense GUI.

            PCEngines APU2 - I would stick with the 4Gb version, takes a single MSata - 3 Intel Nics - very compact and energy efficient.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.