I have a Intel 10th gen i7 NUC with proxmox up and running . I wanted to know which of the following two are recommended for a newbie setting up pfsense for first time
- Create a VM with pfsense
- Running pfsense on dedicated hardware like SG-1100/2100/3100
Appreciate any feedback . Thanks !
I wanted to know which of the following two are recommended for a newbie
I don't know about Intel NUC with at least dual NICs...?
(f.e. in case WAN / LAN default interfaces)
It has a wired port and - a WiFi option in it, correct me if i know wrong.
I wouldn't use wireless stuff in more serious NGFW installations for key interfaces, only for WLAN maximum.
The answer is clear, anyway:
Running pfsense on dedicated hardware like SG-1100/2100/3100
First try and first play, use a VM and go for a Setup and try some Rules, Packages, etc.
For a real Setup and produtic using, ip prefered the hardware appliance.
Personally, I'm a fan of appliances and I use an SG-3100 and an SG-1100 remote on my parents' house to use a nice S2S IPSec tunnel for NAS backups.
@pmadem You can try it, but you're going to have to run VLAN's if there's only 1 network port on that NUC. Do you have a smart/managed switch that can also run VLAN's?
@akuma1x Depends on your speed needs.
nucs use realtek nic and is fine for speeds up to 300mbi.
Anything above that is problematic
Thanks All . I have Google wifi with mesh network . I believe if I had to use the dedicated hardware such as SG 1100/SG 2100 I will have to disable the mesh and configure the google wifi as bridge ,right ? Are there any options wher I can use the mesh network and also a dedicatted hardware such as SG 1100 to run pfsense ?
@NOCling : Great idea to use for secure NAS backups
@akuma1x : No ,I do not have a smart/managed switch that can run VLANS
@pmadem How many physical network ports does your NUC have? If only 1, I'm almost positive that you still have to run a smart/managed switch to make this work, VM virtualized or not.
@DaddyGo Original nuc's by intel utilize realtec single port gigabit ethernet adapters
Confirmed in many occasions
Original nuc's by intel utilize realtec single port gigabit ethernet adapters
Confirmed in many occasions
You're just kidding me, aren't you?
That would be a terrible thing for Intel, I think you could see some fake Chinese NUC.
Fortunately, I have already worked and are still using NUCs in our installations for thin clients.
I can help you learn more about what is in NUC as PHY:
Intel i219-V and wireless AC-8265
(Believe me in all Intel NUCs, that's right -
possibly - i211)
Realtek, spelled correctly, not with "c"
@DaddyGo Maybe on the bigger models...
We are talking about original sealed boxes, bought through official distributors.
Here you go
00:00.0 Host bridge: Intel Corporation Atom/Celeron/Pentium Processor x5-E8000/J3xxx/N3xxx Series SoC Transaction Register (rev 35)
00:02.0 VGA compatible controller: Intel Corporation Atom/Celeron/Pentium Processor x5-E8000/J3xxx/N3xxx Integrated Graphics Controller (rev 35)
00:10.0 SD Host controller: Intel Corporation Atom/Celeron/Pentium Processor x5-E8000/J3xxx/N3xxx Series MMC Controller (rev 35)
00:13.0 SATA controller: Intel Corporation Atom/Celeron/Pentium Processor x5-E8000/J3xxx/N3xxx Series SATA Controller (rev 35)
00:14.0 USB controller: Intel Corporation Atom/Celeron/Pentium Processor x5-E8000/J3xxx/N3xxx Series USB xHCI Controller (rev 35)
00:1a.0 Encryption controller: Intel Corporation Atom/Celeron/Pentium Processor x5-E8000/J3xxx/N3xxx Series Trusted Execution Engine (rev 35)
00:1b.0 Audio device: Intel Corporation Atom/Celeron/Pentium Processor x5-E8000/J3xxx/N3xxx Series High Definition Audio Controller (rev 35)
00:1c.0 PCI bridge: Intel Corporation Atom/Celeron/Pentium Processor x5-E8000/J3xxx/N3xxx Series PCI Express Port #1 (rev 35)
00:1c.1 PCI bridge: Intel Corporation Atom/Celeron/Pentium Processor x5-E8000/J3xxx/N3xxx Series PCI Express Port #2 (rev 35)
00:1c.3 PCI bridge: Intel Corporation Atom/Celeron/Pentium Processor x5-E8000/J3xxx/N3xxx Series PCI Express Port #4 (rev 35)
00:1f.0 ISA bridge: Intel Corporation Atom/Celeron/Pentium Processor x5-E8000/J3xxx/N3xxx Series PCU (rev 35)
00:1f.3 SMBus: Intel Corporation Atom/Celeron/Pentium Processor x5-E8000/J3xxx/N3xxx SMBus Controller (rev 35)
01:00.0 Unassigned class [ff00]: Realtek Semiconductor Co., Ltd. RTS522A PCI Express Card Reader (rev 01)
02:00.0 Network controller: Intel Corporation Wireless 3160 (rev 83)
03:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 15)
DaddyGo last edited by DaddyGo
Here you go
This HW, now you are presenting just a toy box, sorry...
(and a fairly old edition)
You are not reading the OP's message properly
@pmadem "I have a Intel 10th gen i7 NUC with proxmox up and running ."
well it's no longer a "toy" box, ergo Intel PHY should be in it
The quality of Realtek used to be acceptable, but today they do terrible things, pls. forget it...
What I said is that some original nuc's come with realtek lan adapters. This is a fact.
One should check to see what's inside.
Since Intel does it, it needs to be verified.
As for realtek lan and freebsd issues, its a well known issue.
DaddyGo last edited by DaddyGo
have a nice weekend
Correctly, Realtek PHY, because the acronym "LAN" can be misleading, as it provides poor performance on any interface
f.e.: WAN, LAN, OPT1, OPT2, etc. - or whatever you want WLAN, DMZ, IoT..........
And it's not just in FreeBSD, pls. avoid Realtek chip-based NICs everywhere
I've got one of these sitting in a spare parts bin somewhere - was a great little box (until its purpose was replaced by a VM), but the Realtek NIC was a bit of a sore spot (look under I/O Specifications):
was a great little box
Yes I like NUCs, but we're talking about Intel Core i .... platform (10Gen)
Not about the cheap version, which is Intel Pentium Silver Processor Series and moreover Q4'17
but I think the our opinion about Realtek - doesn't change from that yet
the OP clearly described what kind of NUC it had - - Realtek PHY is definitely not there
@akuma1x Yes , I only have one LAN port on the NUC
Here's a link to check the specifications for the NUC that I have :
Integrated LAN Intel Ethernet Connection I219-V
@pmadem The Intel i219-V is reported to work just fine with pfsense, and I'm assuming FreeBSD. But, since it's got only 1 single network port, you're still going to need a smart/managed switch to make this project work.
@akuma1x Thanks Jeff ! I m trying to find a good managed switch . Do you have any recommendations ?
@pmadem What's the size of your network, how many WIRED devices?
@akuma1x I have around 10 wired devices currently but also would like to have some extra room for some wired devices
@pmadem Ok, here's some quick recommendations:
D-Link Ethernet Switch, 24 Port Gigabit Easy Smart Managed Switch ($128 USD)
NETGEAR 24-Port Gigabit Ethernet Smart Managed Switch ($177 USD)
There's also some 16-port managed switches, but they are very close in price to the 24-port models. Hope that helps!
@akuma1x Thanks !
Do you have any recommendations ?
I'm correcting myself now and exist an Intel NUC with dual NICs, but it’s just yet to come:
Plus, with the new Intel PHY (2,5 GbE), we’re looking forward to it...
This post is deleted!