PF sense on a p4 1.6 512 MB and a CF card or…



  • I need to change my remote firewall (watchguard III 700)  the throughput is terrible and the vpn between this box and my pfsense box will not work properly, I dont' knwo why but when the ipsec goes down on the watchguard it will not automatically reconnect unless I restart racoon manually.

    So

    I want to build a PFsense box, I have a p4 1.6 with 512 sitting here, I was going to rackmount it and put in an intel pro/1000 dual.  and I was thinking about getting this to run on a CF card instead of an HD, but I am wondering if the write limitations on the CF card will pose problems.

    Also I was considering buying a intel atom 1u or barbones and use this instead but with all the aditional costs associated I may be better off buying a complete unit for $500 from another vendor, sonic wall or a new watchguard.

    It's nice to put some old hardware to use but they do consume more power and may not be as reliable, I definitely need this very reliable since this is my remote location and I would need to take fly there to fix any issues,  does anyone here have any advice on using a p4 or intel atom and also running on a cf card.

    Thanks



  • If you use the NanoBSD images, only configuration changes are written to the card.  The OS is loaded into memory and run from there upon boot-up.



  • I'm confused sorry,

    DO I need ot buy a "DOM" if so what is a decetn size to buy 2GB? IF I want to be able to upgrade to PFSENSE 2 in the future also I run squidguard which will require about 100-200MB for the data base, if I buy a DOM will this be sufficient or do I need to also have a DOM with a CF card and card reader built into the machine for the programming.

    thanks



  • Common opinion here seems to be that if you want to use packages that write a lot of data to disk (like squid does)  it's better to do a full install on a hard disk.



  • Thanks for the input, Although I like the DOM option After reading your post I think I will go with the HD option not only is it cheaper it's a proven method, easy to install and I easily available.  As long as the HD is in good condition I should have years of life on this solution.

    Thanks.



  • If you want to run packages like Squid, the full install with a HDD is the way to go.

    Saw your post on the other sub-forum.  If reliability is an issue, I believe pfSense 2.0 supports RAID 1 so that might be an option for HDD full installs.


Log in to reply