Why PFsense sucks
-
I was a bit surprised to see Windows XP, although chunking up lots of CPU usage compared to PfSense on the small Asus 2g, actually held its own in terms of battery performance. Both builds run approximately 2+ hours on an old battery. Pretty impressed.
And now you do a 180…
I think Im more in agreement with marcelloc...
I think the subject could be changed to Why Newbie/windows admins sucks.
If you want to express your input on the project, why dont you use your 12 years experience and help by helping to fix any alleged problems.
1. Bring your problems to light.
2. Show how to reproduce.
3. Help by testing the fixes.
What you have complained about would be good to understand and get fixed if it exists. The devs here have built a first class product and would not want to have issues hanging out there.
-
Go to the interfaces menu and choose WAN. Just click on the innocuously named 'insert local mac address' and voila your internet connection is gone, forever.
"I created a MAC address conflict, why does my network no longer work?"
Obviously you have no idea what you're doing. What you did there will break every network device on the planet.
-
I was a bit surprised to see Windows XP, although chunking up lots of CPU usage compared to PfSense on the small Asus 2g, actually held its own in terms of battery performance. Both builds run approximately 2+ hours on an old battery. Pretty impressed.
And now you do a 180…
No, not really. I was actually surprised that Win XP wasn't as much of a drain on the battery as I thought it would be. I am pretty damn impressed by the way Win XP runs on that little guy as compared to a X-Windows-less system like PFSense on FreeBSD.
Yes, and I still stick by my assertion now: I really do think PfSense, although nicely architected, is poorly implemented. For instance, just now I could not log onto the LAN interface. I was connected to the host_ap interface and received a DHCP lease on that subnet. So, why wasn't I able to log on web configurator much less ssh or ping that machine??? Even after many reboots and debugging exercises, I had to move config.xml to / and then restore the entire system from factory default. Then, after it rebooted and I went through that whole initial config spiel, I recopied config.xml from / to cf/conf. I rebooted and only THEN was I able to get on web configurator. I mean, WTF??? It was working fine one minute, then completely hosed the next?? I don't get it.
And the weirdest thing is, I think the entire firewall table is hosed now. I can see that the wireless WAN interface has a DHCP lease from our AP; I can see the IP information through ifconfig; but I can't ping any host on the Internet. I went to check the NAT and firewall rules and everything seems to be make sense. So, I deleted all the rules, etc…, and recreated them, rebooted, and I still cannot ping any host on the Internet. WTF???
You know what? I give up. I'm going back to Win XP and NAT32. To hell with infrastructure AP. I'm telling my guys to use their tablets at home.
-
More then 100.000 installs and you realy think the problem is with pfsense?
I don't think so.Windows xp is old, unsecure and bug full.
Real IT Administrators don't use Windows xp for nothing.
Try something else, grow up your nowledge.Go to console, do some tcpdumps.
-
As a standard install I would expect Windows XP to have far better power management than pfSense.
pfSense is not expecting to be running on a laptop. By removing or disabling many power management features that are present in FreeBSD the standard pfSense install is more stable and more secure.
That doesn't mean to say that you can't add those same features back in you install. I have reduced the power consumption of my own box quite considerably by playing with the options but I also crashed it a number of times by enabling things that weren't fully/correctly supported by my hardware.I will agree with you that wireless is networking is not pfSenses strongest feature! I am using a mini-PCI card as an AP myself but I had to do some tweaking to get it running reliably.
I'm sorry that your pfSense experience hasn't been a good one. :(
Steve
-
I can't decide if this was a troll or if this guy was legitimate. I'm not sure which would be funnier.
-
@submicron:
I can't decide if this was a troll or if this guy was legitimate. I'm not sure which would be funnier.
My thoughts exactly…
Hmmm, pfSense or WinXP+NAT32, that's a tough decision ;D
-
Here's even more weirdness about PfSense. So, even after reloading the filters and rules that I recreated last night, PfSense would not see past the external gateway. I checked the routing tables, deleted the routes, rebooted, and rechecked the tables. Looked fine. Anyways, still, I couldn't ping anything outside of the local domain on the WAN interface. It was late at night, I left it alone and went to bed. The next morning I check it out and it's miraculously working!! WTF???
I run this setup on a small ASUS 2G Surf laptop. It's really no different than the network appliances you guys recommend people to use for PfSense. Sometimes our gateway will be mobile using a long range point to point connection. Most of the times it will be local. It is important for me to test the current draw using either system. I also notice the snide remarks and all I can say is sorry to crap on your beloved software. From my experience, wireless as the WAN interface just blows.
-
mililani … I agree that wireless as a WAN sucks. But for me that sucks universally. pfSense once tweaked was still more stable than the last wireless for WAN that I used. That didn't last long as it was temporarily borrowing WAN from a friend while I waited for hookup.
-
I also notice the snide remarks and all I can say is sorry to crap on your beloved software. From my experience, wireless as the WAN interface just blows.
The snide remarks were more in response to your comparison between pfSense and WindowsXP+NAT. Its true that wireless as your primary Internet connection is painful at best, but its not exactly fair to blame pfSense for that.
-
I have to stop reading this thread as it just cracks me up. I'll agree that wireless support sucks but that doesn't have to do with pfSense for the most part but with the FreeBSD OS that is the foundation for pfSense. Check out the forums at freebsd.org and you will notice that wireless interfaces aren't 100% stable. This have to do with the drivers that are develop for FreeBSD. You just can't try a card in the box and expect it to be 100% stable without researching the wifi card and its driver for freebsd. There are some card that are 100% stable and user's love them.
If you have to use a wireless wan, do some research on this forum and freebsd.org and find a card that everyone agrees is stable or just go out and buy a Wireless AP to handle the wifi part and connect it to your pfSense box.
-
You just can't try a card in the box and expect it to be 100% stable without researching the wifi card and its driver for freebsd.
I think that says it all. For many people that is a reason why pfSense sucks. For a M$ based solution (and increasingly Linux) you can just try a card and have a reasonable expectation that it will work well.
As pfSense becomes more popular it is inevitable that more first time users are going to be disappointed. There are probably far more satisfied users but most of those don't complain. ;)Steve
-
Why on earth would anyone complain for a piece of software that is FREE and free to change to anyway you like. Opensource is about collaborating and sharing of knowledge. The developers have given a lot to the project without asking you for a single dime (but of course you can donate or purchase support which would help them a lot to get more full time developers). I have these routers running in production environments for business where it is critical to them. Yes I am facing many problems but this forum itself is paying off as I would have been paying thousands of dollars for similar knowledge from other solutions. Please think before blaming anything.
Eric
-
lol….What a great thread! Reminds me of the MaximumPC threads back in the 90's. I had figured that most trolls had by now contented themselves with participating in flame wars on YouTube comment threads...this OG troll is kicking it old school. Bravo!!
-
I think that says it all. For many people that is a reason why pfSense sucks. For a M$ based solution (and increasingly Linux) you can just try a card and have a reasonable expectation that it will work well.
And do not forget that if you are going to build a decent firewall (and a server too), you first have to select good hardware, check that it is compatible and then install and run it. There is no point in being able to support a low-cost crappy wireless card if only a few are running a firewall with it; supporting good hardware matters most. This is not meant to be that FreeBSD (and pfsense) do not have to support all the hardware, but having a priority to good and server level one. That is my opinion.
-
You just can't try a card in the box and expect it to be 100% stable without researching the wifi card and its driver for freebsd.
I think that says it all. For many people that is a reason why pfSense sucks. For a M$ based solution (and increasingly Linux) you can just try a card and have a reasonable expectation that it will work well.
As pfSense becomes more popular it is inevitable that more first time users are going to be disappointed. There are probably far more satisfied users but most of those don't complain. ;)Yeah this entire thread can be summarized as FreeBSD's wireless drivers for some cards really suck, and on the rest the guy has no idea what he's doing, things like creating MAC address conflicts and wondering why the network breaks.
But Linux has much the same issues with drivers, you really have to research your cards before you buy one especially since many of the bigger manufacturers (DLink, Linksys, etc.) will change the chipset used in their cards without changing the model # at all, so even finding a working model # on some cards is no assurance you're going to get the same card they used to sell under that model.
It looks like the situation with wireless will be getting a lot better with FreeBSD 9. Adrian Chadd has done quite a bit of work in FreeBSD 9 for a commercial software company that uses FreeBSD in their appliances and relies heavily on wireless. I have hopes that will be a great step forward on wireless.
