Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    (Resolved) - Options for Mac Mini pfSense System.

    Scheduled Pinned Locked Moved
    Hardware
    2
    2
    4.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • I
      Iron_Man
      last edited by

      Re: Mac Mini pfSense System Hardware?

      Thanks for all the responses!

      Okay, so here's what I found out and what I did.
      The mini will boot from a pfSense USB and install the software. There are difficulties and some workarounds, they are below.

      Option 1 - Install pfSense on the Mac Mini

      • The mac will boot from the pfSense USB installer. Hold down option and choose the install drive. I had problems with the Apple BT keyboard, so wired is best. You might get it to work, I had a wired Windows keyboard so I did not bother. The install will delete everything on the drive. Go through your normal setup and BAM! You'll have a power house for pfSense.

      • If you want, and you should 2x1GB Ethernet NICs you'll need the Apple Thunderbolt > Ethernet adapter, pfSense is happy showing both NICs. This means you can't use a Mac monitor during install, or to trouble shoot at the console. The work around for this is to use a the Mac's HDMI output for the monitor and configure the system. ( A newer TV will also work) After install you can continue to run the system headless, attaching a HDMI monitor and keyboard as a "crash cart" when needed.

      Option 2 - Use VmWare on the MacMini

      • Using the complete Mac system for a firewall got you down? install VMWare ESXi 6.x. It's available FREE for home use. You give up enterprise features, vSphere and etc. But everything else works. You can get it here. https://my.vmware.com/en/web/vmware/evalcenter?p=free-esxi6

      Install ESXi the as per VMWare's instructions. They are not very difficult for a basic install, but too much to go into here. Be sure to use a static IP address, you'll need to know the address to get to the ESXi server. ESXi has a web console that will allow you to access the host and virtual machines. When you are done shutdown the Mac, unplug the monitor and plug in the Thunderbolt > Ethernet adapter, and turn on the system. You'll need that static IP now, since DHCP won't be running at at reboot, until pfSense loads, you'll need to know where to access the server.

      Once ESXi host is running it will show the internal NIC and the TB interface. Create a VM with power and disk you need.

      Some notes...

      • Follow pfSense's VM install guide.
      • Set the ESXi server and pfSense VM to auto boot.
      • You can always increase/decrease CPU & Disk as needed.
      • You should have enough power on the Mac Mini to install OSX and/or Linux desktop.
      • Other VM instances won't bother pfsense. ESXi can dynamically allocate resources, moving resources to accommodate load.
      • Using VNC you now have a desktop and a pfSense server.

      What I did, crazy I know...
      I had a Dell Optiplex with 4GB ram and i5 -3470 with aes-ni, and 128GB SSD. Picked it up a refurbished unit for $144. I got the Ultra Small Form Factor, a mistake since there is no room for additional NICs. IT was too late and returning it would mean 15% restock fee and I pay for shipping. Not worth it for a $144 PC. I was able to add 2x1GB NICs via USB 3.0 using this. https://www.amazon.com/gp/product/B00D8XTOD0/ With the adapter the rig runs $200.

      I have 400Mbps at my home, so far the configuration can keep up. I have not loaded any packages yet. If needed I can add RAM. Be warned, I went through several USB 3 > Ethernet adapters to find one that would work (thank you Amazon for free returns). Even when the adapters are working some have said the they can be flakey and/or slow. SO home use is good, I would not do this in production or critical environment. My setup has worked out so far and I have 30 days to make sure it works, again thank you amazon.

      I like this configuration it gives me 2 LAN ports & 1 WAN, I can use the additional LAN port for a VLAN later. Additionally, it frees up my Mac Mini to tool around with. I left VMware on it and I'm able to switch between Linux/OSX. BIG plus for me I'm using the PC I mistakenly bought. Was not a lot of money, but I hate wasting.

      If things go south, crossing fingers that they don't. OR If I need to add too much more RAM, I don't want to invest more in that Dell. I can always put the Mac into service.

      Hope this help some one else out there.

      Thanks!

      P 1 Reply Last reply Reply Quote 0
      • P
        pbe @Iron_Man
        last edited by

        @Iron_Man

        Did this... and it works nicely.

        Last year I got a used Mac mini 2014 with 8GB RAM for a great price. Installed two left over Thunderbolt Ethernet adaptors and ProxMox virtualisation software.
        This runs pfSense, next to a few small VM for automation and other stuff. I even have a VM with macOS Monterey for occiasional testing purposes on it and this all works quite well.

        For pfSense I assigned 2GB memory and 200GB virtual storage. And I added a few tweaks for better performance for multi core CPU's
        https://docs.netgate.com/pfsense/en/latest/hardware/tune.html#pppoe-with-multi-queue-nics

        pfSense works fast. Great throughput.

        1 Reply Last reply Reply Quote 1
        • First post
          Last post