Pfsense 2.2 installation



  • I need to install on December a pfsense 2.2 firewall with 6 ethernet adapters.

    Which hardware do you suggest ?

    My hardware suppliers has suggested this configuration:

    1 x 733732-421 = Server HP DL360p G8 con 1 Proc. Intel® Xeon® E5-2603 v2 (1.8GHz/4-core), 4GB RAM, Smart Array
    P420i, 8 SFF HDD bay, 4 ethernet ports, 1 power supply, 6 redundant fans, iLO, 3y warranty on-site
    NBD
    1 x 713981-B21 = HP 4GB 1Rx4 PC3L-12800R-11 Kit (RAM aggiuntiva)
    1 x  503296-B21 =HP 460W CS Gold Ht Plg Power Supply Kit (alimentatore aggiuntuivo)
    1 x  647594-B21 =HP ethernet 4 ports
    3 x  655708-B21 = HP Hard Disk 500GB SATA
    1 x 652238-B21  = HP 9.5mm SATA DVD ROM Jb Kit

    I think that the  647594-B21(Broadcom BCM5719) is not compatible It isn't ? Should you suggest another network adapter ?
    Thank you for your support.


  • Netgate Administrator

    What is this box going to be doing? What's the expected throughput? Packages? VPN?
    Why 2.2?

    Use Intel based NICs if you have that option.

    Steve



  • Steve thank you for your reply.

    Your consideration are corrects.

    I would like to use Pfsense for:

    • Firewall
    • VPN concentrator,
    • OpenVPN
    • Load Balancer
    • Traffic Shaper

    Package:
    -pfBlocker
    -haproxy

    I  expected throughput
    4 Gbps = firewall throughput
    1 Gbps = IP sec VPN throughput

    Why the installation is scheduled in december.

    We will  start to use the IPV6 in the LAN network.
    I think that IPV6 with pfsense 2.2 (freebsd 10)  will be better supported.

    Cuccu

    Thank you


  • Netgate Administrator

    OK. Just to be sure you do realise that 2.2 is in beta and has only just reached that stage? If you're running this in production you should be using 2.1.5 unless you have a very good reason not to. IPv6 is well supported since 2.1.

    @cuccu:

    I  expected throughput
    4 Gbps = firewall throughput
    1 Gbps = IP sec VPN throughput

    Ok. So these requirements are getting towards the top end of what's possible (under 2.1.X at least). This is going to have to be your biggest consideration and to be honest it's beyond my experience. Anything I suggest here is going to be based on the comments of others so it's probably best to let someone with first hand experience answer.  ;)

    I will say though that your list above contains only Gigabit NICs so how have you come to your 4Gbps figure?

    Steve



  • Thanks you for your consideration.

    I live in Italy :-D ….. I think that with my administrative offices I will able to buy the hardware only in November and the install of the firewall is scheduled for Jannuary.

    I hope that the 2.2 will be stable in Jannuary 2015 :-D.  I think that IPV6 on freebsd 10 (pfsense 2.2) is better than IPV6 on freebsd 8.3 (pfsense 2.1.5).

    I will say though that your list above contains only Gigabit NICs so how have you come to your 4Gbps figure?

    My network Is complicate…..  Now I use a firewall with 6 NICs.  Now I use 2Gbps (I see on my mrtg graph).

    If I buy a new firewall I want double the fire power. I don't want to be precise.

    Thank you


Log in to reply