4. Mini-ITX pfSense Build

Mini-ITX pfSense Build

  • U

    Looking to build a pfSense system to support firewall, routing, outbound load-balancing, and both site-to-site and client-to-server vpn. Also hoping for filtering websites and application access both internally and externally. The two WAN connections need to support gigabit speeds (Google Fiber/TWC).

    I'd like to maintain gigabit connectivity throughout the network. There will be multiple end-devices both connected wired and wireless through a 24 port switch and wireless access points around the house.

    At minimum I'll need 4 Gigabit ports.

    0
  • Netgate Administrator

    That sort of budget and spec you need to make some hard definitions of what you need.

    So you have 2x1Gbps WAN connections so you need 2Gbps throughput? Or simultaneous up and down, 4Gbps throughput?
    If you want to filter http traffic, using the Squid proxy and Squidguard, that will increase the hardware requirements considerably if you still need the same throughput.
    What sort of throughput do you need for the VPN?

    You're going to be toward the top end of the hardware spectrum whatever you decide.  :)

    Steve

    0
  • U

    @stephenw10:

    That sort of budget and spec you need to make some hard definitions of what you need.

    So you have 2x1Gbps WAN connections so you need 2Gbps throughput? Or simultaneous up and down, 4Gbps throughput?
    If you want to filter http traffic, using the Squid proxy and Squidguard, that will increase the hardware requirements considerably if you still need the same throughput.
    What sort of throughput do you need for the VPN?

    You're going to be toward the top end of the hardware spectrum whatever you decide.  :)

    Steve

    I updated my original post. TWC doesn't offer GB speeds yet. I'm on the 50Mb plan currently. It would mostly be used as a backup in case Google Fiber was down for some reason.

    VPN would like to get at least 20Mb/s per user. No more than 5 concurrent users.

    0
  • Netgate Administrator

    If you want to do 1Gbps with Squid/Squidguard for http filtering you are going to need something pretty powerful so that limits your options in mini-ITX terms. I would expect to need something like a high frequency i3 for example. However it's beyond anything I've speced out personally so have a look through the forum for example builds.
    Anything that can handle filtered 1Gbps will have no problem with 100Mbps VPN.

    Steve

    0
  • A

    i3 with 4GB RAM should easily do it.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy