Pfsense on a new HP Microserver GEN10
-
HP (a.k.a. Compaq) boxes are weird.
-
In this case is looks like some issue with the graphics hardware in that APU and FreeBSD 11. Though HP may have injected additional weirdness. ;)
Steve
-
Hi. Thank you for all your input.
As I mentioned earlier, I am not a hardware expert but I still do think this microserver is not a bad option (apart from the issue I have) the pricing of this server is very low. I am in South Africa. So firstly I don't even think there are distributors of the netgate appliances in SA.
Secondly if I look at the pricing of the netgate sg-3100 it is $349. So with th4 ZAR TO USD exchange rate that is about R4500 then I will have to pay shipping and import duties which wil make the total cost +- R6000
I got the microserver brand new with 2 x drives for R4999 . So that was my deciding factor. The client we are implementing this firewall are 14 users. So the hardware will be sufficient.
Sammy you are correct. The Gen10 is fitted with an AMD cpu and not intel like the Gen8. And I think the graphics is causing the issue yes.
Nonetheless, I am going the ESXi option and run the FW as a vm. I gave John's suggestion some thought and if I add another 2 drives and maybe add 2 NICs also then I have available capacity for i.e. a NAS vm. Or even a windows VM that can be used as a jump box.
Cheers!
-
I show like 5 in SA
https://www.netgate.com/partners/locator.html#south-africaOnce you get atleast another nic you should be fine.. I personally would make sure you get atleast a dual so you can break out the vmkern from your other networks, put it on its own vswitch even if on the same actual layer 2 network as your lan, etc.
I would bump your ram up as well on the microserver. I have an OLD N40L and it still can run windows VMs - even windows 10 runs on it.. I wouldn't call it FAST ;) But it works and can use it for testing, etc. Got some windows 2012r2 that run on it without issue..
Mine is not long for this world though.. Its really showing its age, time to retire it for something with more umph..
Hmmm.. Most of those sites don't load.. But one shows sg3100 at R6790
https://getred.co.za/products/sg-3100-pfsense-firewall-applianceThat does seem high…
https://justechnologies.co.za/wp/
cert expired back in Feb... Not sure trust a tech company that can not even keep their websites ssl site current ;)
-
Thank you John for your input. I did go and google.a bit for a supplier in SA. Like you said most of the websites I found did not load and I contacted one and their phone number is out of service..
And yes I think with import duties and the ZAR USD exchange rate the appliance is going to be more expensive.
I just cannot get the ACPI problem sorted. I tried all the suggestions with no luck. The server comes with 2 x NIC's. I am planning on installing a 3rd NIc to use as you mentioned for the VM host network. And the other 2 dedicated to the FW vm for WAN and LAN .
Server came with 8GB memory. So yes if I want to also load a windows 10 vm I will probably add more memory.
-
Hi ,
I am currently running Pfsense 2.4.2 on the HP microserver Gen10 as a vm (ESXI)
it comes with two nics onboard and i added 1x2 port intel card (cheap on ebay) ,the reason i used the GEN10 is its cheaper (£180, mine was £130 with cashback from HP) than most of the PFSENSE Chinese boxes which support AEN-IS hardware cryptographic accelerator £ 200+ (future proof for pfsense 2.5).
this is my main firewall at home (adding snort/suricata IDS etc.) i can add any spare disk in the extra bays for logs etc without compromising performance
i think its the best of both i also have sophos, nas4free and zentyal (Directory services)
I think its the best bang for your buck PFSENSE platform for home/ Small business or PCLab
-
Yeah I ran like that for years on way older hardware..
-
Hi,
Just saw this thread workaround, looks like its a known FreeBSD issue:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221350
I tried it in pfsense startup option 3
Set hw.pci.realloc_bars=1
bootgets you past the boot screen error , hav not got the time to do a full setup as i am running Pfsense as a VM on my GEN10 as my home firewall/router, my son and wife want the internet back now.
will try a full install on friday when they are asleep :)
-
Hi,
Just saw this thread workaround, looks like its a known FreeBSD issue:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221350
I tried it in pfsense startup option 3
Set hw.pci.realloc_bars=1
bootgets you past the boot screen error , hav not got the time to do a full setup as i am running Pfsense as a VM on my GEN10 as my home firewall/router, my son and wife want the internet back now.
will try a full install on friday when they are asleep :)
Thank you very much you saved me a lot of time and frustration :-)
-
has someone an idea wether the Gen10 has more horsepower than the SG 3100?
-
@krom12 Hi,
finally got the time to play with pfsense on the GEN10, was able to do a bare bones install to ssd from usb media, adding this at the initial boot-up, select option 3 then 'Set hw.pci.realloc_bars=1' , boot. (add this line to /boot/loader.conf to make it permanent), boots up and installs without any other errors.its stable and works very well, , have just updated to 2.5 dev, also working well, throughput is much better than running pfsense as a VM on the same box and Nics :)
-
Add it to
/boot/loader.conf.localto avoid it being overwritten during a firmware update.Steve
-
@bubbletop said in Pfsense on a new HP Microserver GEN10:
has someone an idea wether the Gen10 has more horsepower than the SG 3100?
The comparison is void as the SG3100 is ARM vs HPs little buddy is a low-cost Intel architecture. With all the Intel bugfixes etc. and Hypervisor in between, I'd guess the SG-3100 would be a faster solution (and cheaper/more power efficient) than HP. But it depends on the variant and CPU of the HP, there were various build on a G10 with different CPUs/APUs.
