UK BT FTTP User, About to make the jump
-
Hi All,
I am about to purchase a device for use with PFsense, I've decided to go for a Compulab Fitlet2 as it's fanless, low power, low cost, rated for continuous operation and also has a AES-NI capable Intel J3455 and Intel dual nics which from my limited investigation into Pfsense is a pretty ideal set of specs as far as I understand? A big plus for me is the physical size, being in a 1 bed flat I dont really want a huge pc tower taking up space.
Anyway before I make the jump, I was wondering if anyone would be able to share their experiences of any similar setups as I will have and also alleviate some concerns.
The main reason I started considering it is, i wanted something to replace my BT router (its playing up and I hate the lack of configurability) and wanted something that was also scalable,
As I have FTTP (currently 330mbs) although I fully expect BT to at some stage rollout 500mps or higher as really there's no reason they can't now other than marketing. So room for growth there would be nice.Second thing I want to get out of new router was firewalling and ability to wall off my various IOT devices, i.e Alexa, Smart TV, Hue, Kasa etc from the internal stuff (xbox laptop, phones etc)
I want to do all the above, while retaining ability to manage these devices from my phone on the internal end.
This seems pretty difficult on most off the shelf kit and so I thought i'd investigate other options and so here I am.Third aim, more of an "in the future" one is to have some way of defaulting some traffic to a VPN and others just to go out unchanged, here i'm thinking my laptop for example could be on VPN and my xbox (because i want full speed and no slowdown when gaming) to run without. I believe again this is pretty much not one for off the shelf stuff but very much in the realm of possibilty for pfsense.
Lastly, i enjoy fun projects like this, I used to look after Cisco ASA's and Routers and Palo Altos etc in my own job but don't anymore and this seems like a fun way to keep in touch with firewall skills and to keep my techie side going.
So I suppose to summarise, Will Pfsense do what i need?
Is running an Xbox (and playing on Xbox Live) using a PFsense FW as my gateway going to cause issues from your experience?I assume the hardware I have settled on is good for routing 1gbps?
Thanks in advance :)
Oh and I was going to go 8gb ram and 120gb ssd for the fitlet unless thats not enough?
-
Hey all,
Any ideas?
Thanks:)
-
Personally I'd go for the brand new SG-1100 atm for SOHO use:
https://store.netgate.com/pfSense/SG-1100.aspx
https://forum.netgate.com/topic/139370/announcing-netgate-s-espressobin-based-sg-1100
https://forum.netgate.com/topic/139326/sg-1100-Rico
-
Yeah I like the look of them was happy to see it announced it certainly looks a great option, my only thought was whether it would be powerful enough for some of the more advanced features i was thinking of without impacting on the internet speed, I.e VPN only subnets etc.
I suppose we may not know until they get into peoples hands.
Any thoughts on the other general Pfsense questions (non hardware stuff)
-
It certainly can do VPN routing etc but the VPN throughput will be limited. It will be limited by anything though unless you get something much more powerful.
I would want at least an SG-3100 or equivalent on a 500Mbps connection though to be able to use packages etc. That should do ~100Mbps OpenVPN.
The roll-out of FTTP seems to be creeping along. Might actually get near me within 10 years.
I'm not even anywhere remote. Grrr.Steve
-
Thanks,
How do you fancy the Fitlets2 chances?
-
I've never tested one but I'd expect it to be fine. Certainly at 330 or 500Mbps for Firewall+NAT.
Steve
