What hardware to replace BT Inifnity Home hub and add firewall functionality ?

stephenw10

Yep I was thinking about getting one myself but Intel seem to have discontinued it.  :(
Perhaps it was taking custom from their more expensive boards, too good.  ::) There are a couple of other similar boards available from other manufacturers but none have Intel NICs.

If you only need two NICs there are some thin clients that people have used. Search the forum. They may be underpowered for your purposes though. What connection speed do you have? What services are you wanting to run?

Steve

Anonymouslemming

@stephenw10:

If you only need two NICs there are some thin clients that people have used. Search the forum. They may be underpowered for your purposes though. What connection speed do you have? What services are you wanting to run?

Steve

I'd ideally like 3 NICs, but I'm prepared to settle for 2.

My WAN speed is 40 down, 8 up and I host a number of services on public IP addresses on my LAN. I also have a number of workstations and devices that need outbound NAT. I don't do any VPN from the firewall box - any VPN stuff is client based from PCs on the network.

I've not completely tested, but I'm hoping that on a 2-device setup I'll be able to have a public IP address with a 192.168 alias on the same NIC.

stephenw10

Ah yes, sorry, you already stated your connection speed, I should have read back. ::)

If you don't want Squid, Snort or vpn in the box then a thin client should be fine for you. Let me see if I can find a link…...
Edit: http://forum.pfsense.org/index.php/topic,64420.0.html
Many of those HP models seem suitable after adding an extra nic.

Steve

Anonymouslemming

@stephenw10:

Ah yes, sorry, you already stated your connection speed, I should have read back. ::)

If you don't want Squid, Snort or vpn in the box then a thin client should be fine for you. Let me see if I can find a link…...
Edit: http://forum.pfsense.org/index.php/topic,64420.0.html
Many of those HP models seem suitable after adding an extra nic.

Steve

I'll have a look at those - thanks.

I saw some posts about HP / Dell PCs, but I need this to be really quiet. The thin client looks like a good call for that.

kaipee

@Anonymouslemming:

@Hollander:

I could recommend the hardware in my sig. All credits for discovering this goes to the man who refuses to let me buy him a cup of coffee for his great, great, help  ;D

I'd not seen your post, but thanks. It's still more than I want to spend, but I'm running out of other ideas, so I may have to go that route.

I just wish the new ALIX boards would happen. They seem ideal.

Edit - one small problem - I can't find your board anywhere in stock at the moment. Bah. I knew it was too good to be true!

My apologies for resurrecting this thread, but I am thinking about a similar scenario. I would like to have pfSense put in place of my BT Home Hub connection (home user).

Have you considered looking at any of these? (are they suitable?? - I'm not much of a hardware guy)
http://linitx.com/category/alix-apu-firewalls/178/113,176,178

stephenw10

Yep those will work fine as long as you have a separate modem. I understand that some BT devices now have the VDSL modem built in.

The ALIX box is good for ~85Mbps and the APU for 350-400Mbps. That's without running any packages.

Steve

Jumbosausage

@stephenw10:

Yep those will work fine as long as you have a separate modem. I understand that some BT devices now have the VDSL modem built in.

The ALIX box is good for ~85Mbps and the APU for 350-400Mbps. That's without running any packages.

Steve

I've just recently switched ISP's and I've got one of these BT Home hub 5 boxes. It does indeed do away with the separate modem, the VDSL is built in. I'm looking to set up a pfsense router for the first time and I'm also looking at one of these http://linitx.com/product/linitx-apu-1c-4gb-3nicusbrtc-pfsense-msata-firewall-kit-blue/14230

Is this not possible with having the built in VDSL?

Ignore this one mate you just answered in the other thread : )

firewalluser

Is the VDSL you refer to the fibre port?

If so, this works on talktalk routers just like a normal Ethernet port, in other words, I can plug my pfsense into the talk talk fibre port and then serve the net over the talktalk's wifi.

Are BT having a US based IP address accessing the routers and downloading usage data with these new hubs or is it restricted to the home hub 3's I've seen?

If you go into the BT home hub logs, you will see it in the home hub 3 logs, but yet to setup one of these new fibre one's so cant check.

stephenw10

Nope. The HH5 has the VDSL modem built in so it has an RJ11 socket that connects directly to the openreach face plate on the master socket (or filter I guess if they've brought those in for VDSL yet). See this review for pics.

Steve

firewalluser

If we are talking about the red socket, thats what I call the fibre port, its identical to the heuwei talk talk routers.

I know BT or openreach were talking about rolling out two different fibre services some time ago, one which I suspect is the more common rollout is the fibre to the larger than life green street cabinets and then copper to the property, basically shortening the adsl cable as its no longer going to the exchange but in some instances, they can place a small equivalent of the green cabinet, in this case a small grey box of sorts, to the outside of the property and then you have fibre to the property which has a different setup AFAIK.

I suspect it will be possible to put the BT HH5 into bridge modem and just use them as a modem much like how we do it with the talktalk routers, which can then feed onto the pfsense box. Without seeing one of these devices in the flesh, thats still mainly a WAG though, parents might be getting it soon although BT having been trying to push a leased line instead of fibre and thats way more money for what they need.

stephenw10

Exactly, that have two services both being referred to as 'fibre'. The common one is FTTC where the service is fibre to the green cabinets and then VDSL to your house from there. Much more expensive is FTTH where the fibre is terminated actually in the customer premises in some fibre to ethernet box.
The HH5 can operate on both those services. It has an Ethernet WAN (the red port) for FTTH but it also has a VDSL modem (the grey port) for directly talking to FTTC cabinets.

Steve

Jumbosausage

I've just received my Pfsense box this morning and I'm about to go about installing it. I'm just wanting to clarify. I have the BT home hub 5 as mentioned above but I also have an old BT open reach modem from a previous ISP. Is it going to be best to use the home hub 5 with the built in VDSL or the old openreach modem and just use the HH5 as my wireless access point?

Secondly how exactly do I go about it if using the old openreach modem? does it need to be unlocked and then configured somehow?

stephenw10

I would use the old Openreach modem. That way you know exactly what is happening on your connection. You can always fall back to using the HH5 instead if you have some problem and getting it to work takes longer than you think.  ;)
To use it set it up the WAN as a PPPoE interface and connect it to the modem.

Steve

Jumbosausage

It looks like I've got one of the problem BT modems. https://hackingecibfocusv2fubirevb.wordpress.com/ I've got the /r model and it would seem this is a pain to unlock. I guess my best bet is to order one of the HG612 models on ebay.

stephenw10

You don't need to unlock the modem to use it with pfSense.

EdwardDavis

This post is deleted!