State of the pfsense 2 beta - good enough for personal use?



  • Hey all,

    Im setting up PFsense to work as my main router via VMware on my server. PFsense is too complex for me to get a sense of the state of the beta, so I want to ask the regulars here wether or not the beta is "good enough" for personal use, or if it still has too many bugs in important systems to rely on yet. I realize the official word is "not good enough for production", but im not running any critical services here - my demands are much lower, and if I have to tinker a little here and there and get some downtime as a result its not a huge issue.

    For my part im mostly just using the traffic shaper, NAT port forwarding and other really basicrouter functions such as DHCP ect.

    I also want to ask a quick question: I have gotten PFsense2beta to connect directly to my PPPoE connection, but for some weird reason I can only ping to a few IPs from the client machines.Pinging from diagnostics within PFsense however seems to work fine. Also, connecting the PC directly to PPPoE via dialup connection also works fine. im using the very latest beta build with default settings (via VMware) except for the settings needed for PPPoE obviously. Any tips on what might be blocking me? I could not get PFsense1 stable build to connect to PPPoE at all using the exact same setup. If anyone knows why that might be, im also interrested in knowing that.

    -Stigma


  • Rebel Alliance Developer Netgate

    If you're just doing NAT, port forwards, and the shaper, it's pretty solid.

    You may find some rough edges here and there but it's been stable for me at home (and I work from home).

    I haven't seen anything like the problem you are describing there, but you might want to try it again with a newer snapshot. If it works fine from pfSense but not from a client, the usual suspect would either be outbound NAT, or perhaps a subnet misconfiguration on LAN (too wide of a mask, perhaps).

    If you post some more details about your config it might help.



  • Don't mean to hi-jack this thread ! 
    I have 2 networks running 1.2.3 , 20 or so clients on each
    Is it possible to grab another computer install 2.0 beta and upload the config from a 1.2.3 system?
    I have a long list of nat rules on one system and a longer list of queues and rules on the other for the traffic shaper.



  • @jimp:

    If you're just doing NAT, port forwards, and the shaper, it's pretty solid.

    You may find some rough edges here and there but it's been stable for me at home (and I work from home).

    I haven't seen anything like the problem you are describing there, but you might want to try it again with a newer snapshot. If it works fine from pfSense but not from a client, the usual suspect would either be outbound NAT, or perhaps a subnet misconfiguration on LAN (too wide of a mask, perhaps).

    If you post some more details about your config it might help.

    Actually (after much testing) I found out how to get it to work - but its a workaround so maybye its a bug/weakness that can be corrected:

    In the latest stable version it would NOT connect to PPPoE no matter what I tried, until I did a reboot (from the webconfig).

    In the latest betas (i tried about 5 different recent snapshots), it connects to PPPoE fine and gets the right IP ect, but the connection either dosnt work at all, or only works to ping a few IPs like one of the DNSes (but not the other some of the times). A bit of random weirdness in other words. But lo and behold! A restart allways fixes it. Nothing SEEMS to have changed after reboot, but it allways works then. I think it must be a "warm-reboot" from the webGUI, but il test a few variations and report back. All seems to work well now, but its a real hassle to have to reboot the whole system each time after I have turned it on. its weird - but i have tested it enough times in a systematic manner now to know that its not just a random fluke or because of some other setting.

    EDIT: After a few more tests I have determined that this need for a reboot is only after the intitial installation. I have to reboot after install to get it to work, but it seems that after that i can turn it off and on cold or warm without problems. Still weird that both the stable release and the beta simply refuse to work before rebooting though, unless thats intended, but I never saw any prompts telling me a restart was required. Anyway, hope this helps someone in the same situation or helps squish a bug if one exists.

    -Stigma



  • If I correctly got the underlines, Stigma is a home user like me.
    If so, I'd ask you to give some updates as to your current experience in combining Pfsense with virtualization, either from the architectural and security standpoints.
    I'm a newbie home user who is trying to get rid of poor hardware routing apps, but I'm still pretty much afraid that virtualization could present a threat in terms of security.
    Thanks


Log in to reply