Help me build my pfsense box please!
-
Basically I'm trying to find:
Compact+Lowest Power Usage+Very high quality wifi G/N signal & range + enough juice to undergo 50/50mbps throughput OpenVPN 24/7 without drop in speed/performance from it.
Are there any prebuilt out there that are cheap and would do this well? I really dont feel like going custom if I can avoid it, I just want something neat slim with a good lil case to it, budget preferably under 350$?
If you can't or don't have a specific unit to recommend, can you tell the ideal cpu's that could do the job well and how much more power would be needed to have 100mbps/100mbps to futureproof it?
Also the best wifi chipset or adapter to use in the pfsense build?
-
Read previous posts. It is recommended to run wifi separately because pfsense doesn't support 802.11n currently.
My access point of choice is the Ubiquity Unifi units. They offer enterprise features and reliability at consumer prices.
There are lots of choices for compact/low power use which will be more than adequate for a 50/50mbps connection with openvpn. Do some research here for builds that work.
One platform to look at are atom integrated boards which will meet your low power requirements. These can also be run without fans.
-
Any recommandation for which device would be best to run wifi separately? I currently have a linksys E4200 with dd-wrt but Im not that impressed by the quality of the signal and its a fairly decent device.
-
802.11 b/g/n v 802.11 ac
http://www.ubnt.com/unifi/unifi-ap/ or http://www.ubnt.com/unifi/unifi-ap-ac/ -
I second the http://www.ubnt.com/unifi/unifi-ap/
I use these at all my sites and they work great.
pfsense and wifi for me was nothing but a nightmare, separate AP and all is well :)
-
This is exactly what I was looking for, thank you very much!!!
I'm gonna get the unifi ap long-range version!
-
This post is deleted! -
@SunCatalyst:
This is exactly what I was looking for, thank you very much!!!
I'm gonna get the unifi ap long-range version!
the Unifi LR (long range) has a HIGH failure rate. keep that in mind and also be aware 3.2.1 of the controller
software and firmware have been Buggy and NOT horribly reliable. stay with 2.4.x of the controller software
if you can as well as the firmware on the AP.Do you have an alternative to recommend? I dont like failing hardware!
-
I haven't had any LR units fail. I suspect that most people who are using them and reporting problems aren't using them properly though and assume they're defective. The most likely issue you'd experience is that many clients have no connectivity even though they're well within the rated range and report a mid-level signal. What they don't understand is that there are two sides to the conversation and that it doesn't matter if the AP has a LR transmitter which the client can hear if the client device doesn't have the power to send messages back over the same distance.
If you're going to use Unifi hardware I'd suggest the Pro models. If you're only using one AP though these things are a hassle. Just get an Engenius AP (I like the ECB600) or an Apple Airport Extreme.
-
This post is deleted! -
I also second Ubiquity. I have UAP-PRO, UAP, and UAP-LR. Recommended to me here in the past, and they work marvelously. The LR is real-ly LR ;D
It does 150 meter with 100% connection quality according to Windows 7, on a Lenovo T420. Download speed wired for this VDSL is 50 Mb/s, @ 150 meter it drops to 32 Mb/s.
-
I haven't had any LR units fail. I suspect that most people who are using them and reporting problems aren't using them properly though and assume they're defective. The most likely issue you'd experience is that many clients have no connectivity even though they're well within the rated range and report a mid-level signal. What they don't understand is that there are two sides to the conversation and that it doesn't matter if the AP has a LR transmitter which the client can hear if the client device doesn't have the power to send messages back over the same distance.
How would you determine if the problem is with the client, Jason?
-
@Hollander:
I haven't had any LR units fail. I suspect that most people who are using them and reporting problems aren't using them properly though and assume they're defective. The most likely issue you'd experience is that many clients have no connectivity even though they're well within the rated range and report a mid-level signal. What they don't understand is that there are two sides to the conversation and that it doesn't matter if the AP has a LR transmitter which the client can hear if the client device doesn't have the power to send messages back over the same distance.
How would you determine if the problem is with the client, Jason?
Unless you've explicitly bought a client wireless card noted for its "Long Range" abilities (read: high-powered & large antennas) you're going to have issues at the middle-to-edges of the signal area. Basically, anything without an external antenna will be flaky. You can test for this case with a specific device by running speed tests as you walk away from the AP. If you get to a point where you have 1-2 bars of "signal", which would still work fine with a "normal" AP, you'll have essentially zero throughput with the LR.
-
Hey Jason,
For the wireless i just need something for 1 floor that covers up to 800-1000sqf with a good and strong signal, with the linksys E4200 with dd-wrt Im using, I just go in the bathroom 25 feet away from the router and I get 1 bar of wireless signal and it can be unstable on my galaxy phone.
I'm trying to spend as little as possible for my needs, not sure some of those pro or extreme 200$+ units are needed I dont have a house or anything overkill to cover either.
I dont need any crazy features just something durable and power efficient wireless G/N and a very good & strong radio signal that is stable and consistent!
-
It's been my experience (admittedly, I haven't used it in a year or so) that DD-WRT makes things worse unless you know exactly what settings to change. If you want something simple and reliable then get an Apple AirPort. I use two, one on the 1st floor of my home and another on the second.
-
This post is deleted! -
I grabbed an Apple airport express for 85 bucks, I'll see how that go, about the box for pfsense, what kind of minimum cpu is needed (lowest power usage) to perform well for 50mbps openvpn traffic and basic plugins? No intense firewalling or pps or anything else needed much. Also how many gigs of ram would be ideal for it?
Is it possible to configure pfsense to have a failover/alternate vpn that it would connect to if unable to connect to the main/first?
-
Intel Celeron G1610 should be do the trick. An i3-2120T, 35W if you can find it used would fit into your budget and be cool (pun intended).
2GB of ram will be more than enough.
OpenVPN is rock solid once setup properly. Point to point, mobile connections have been problem free for me. However if you feel the absolute need to have a backup, you can setup ipsec as secondary.
-
Intel Celeron G1610 should be do the trick. An i3-2120T, 35W if you can find it used would fit into your budget and be cool (pun intended).
2GB of ram will be more than enough.
OpenVPN is rock solid once setup properly. Point to point, mobile connections have been problem free for me. However if you feel the absolute need to have a backup, you can setup ipsec as secondary.
Thank you very much for this quality post :)
-
Unless you've explicitly bought a client wireless card noted for its "Long Range" abilities (read: high-powered & large antennas) you're going to have issues at the middle-to-edges of the signal area. Basically, anything without an external antenna will be flaky. You can test for this case with a specific device by running speed tests as you walk away from the AP. If you get to a point where you have 1-2 bars of "signal", which would still work fine with a "normal" AP, you'll have essentially zero throughput with the LR.
Thanks Jason ;D
Shouldn't the bold part be the other way around? Or do you mean 'will work fine with a "normal" AP in it's particular relatively small range'?
(What I mean is: the "normal" AP will not work fine if it is at the range of the LR, since it won't work at all there).