pfSense Setup and security



  • Hi,

    Firstly I would like to set up a pfSense router to encrypt all my data using PIA VPN. I have two questions regarding this:

    1. My internet bandwidth is 100 Mbps, so I would like a setup that can handle OpenVPN for this bandwidth. I have this in mind:
      CPU: Intel Core i3 8300 Coffee Lake
      Motherboard: ASUS PRIME Intel B360M
      RAM: 2 x 4GB Corsair DDR4 Value Select, PC4-17000 (2133) (total 8 GB)
      Storage: SSD 64 or 128 GB
      Do you think this is an overkill or good for now and future?

    2. secondly, I would also like to setup a NAS on the same PC, so use a VM to install pfSense and the NAS on the same setup. Now, I have read mixed comments on the security of such setup, since pfSense will be running on VM etc. Do you think this is a terrible idea or ok for a home network?

    Many thanks



  • The set up will be fine there is no overkill for pfsense :) (Realtek® RTL8111H, 1 x Gigabit LAN) Intel is a better option.

    When you say VM for pfsense and Nas do you mean all in the same VM? Could you not just make two VMs one for Pfsense and one for your Nas?

    I wouldn't do them all in the same VM thats for sure.



  • Sorry, that's what I meant. so running them both on something like VMware as 2 separate virtual machines. The thing is, I read since Vmware will be between the pfSense and the physical LAN connection that can compromise the security i.e. firewall etc. do you think this will be an issue?

    Thanks



  • @sasansgh Ive ran pfsense in a VM with I think it was 24 other VM's ive had no problems (don't mean there isn't any tho) all my firewall rules work fine and ive seen nothing bad in the logs.



  • @sasansgh said in pfSense Setup and security:

    CPU: Intel Core i3 8300 Coffee Lake
    RAM: 2 x 4GB Corsair DDR4 Value Select, PC4-17000 (2133) (total 8 GB)
    Storage: SSD 64 or 128 GB

    That's fine for pfSense. Alone.
    But when you want to run a hypervisor on that HW with two VMs spinning permanently then it might be a little too small...

    Sharing 8GB Ram with the hypervisor AND a vNAS seems optimistic. NASses need ram.

    "64 or 128 GB SSD" for what? Not HV and two VMs on there, right?


  • Netgate Administrator

    You certainly can run those things as VMs and I would think it entirely possible on the hardware you have listed.
    It's also true though that NASs love RAM. Depending on what sort of duties that NAS will be performing you may want to add more to that VM. Try it and see.

    In terms of security you are to an extent depending on the hypervisor. Many thousands of others run like that though with no issues.

    Steve



  • @stephenw10 99% of them do but OMV don't love ram that much :) I run with 4gb and 2gb free, 20x 3TB



  • What's your backup for when the system goes down ?




 

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy