First time pfSense build for homelab

dpsi

So I have been looking forward to replace my existing dd-wrt routers with a pfSense solution. The setup will take in a 100/5 connection to a Nortel Baystack 5510-48T switch which connects to the rest of my home/lab. The switch will handle most of the routing so the pfSense box shouldn't have to be too beefy. I do intend on running a VPN server and some form of a firewall.
After reading a couple pages in this board and the vendor board I am thinking of something like this: http://www.aliexpress.com/item/-/1943481997.html but would like some feedback from the community for a different whitebox build. For now I just need the normal router features like QoS etc. I might try an IDS later on but its not high on the list.

My budget is CAD$200 or USD$170. I prefer Canadian vendors but I have a US address I can ship to if need be.

stephenw10

Almost anything you happen to have already will have no difficulty with a 100Mbps connection for just firewall and NAT. If you need a VPN connection at 100Mbps that significantly ups the hardware required. An older Atom D5** series will push ~50Mbps encrypted for example. That Celeron you linked to should do it. Do you need it to be a small and fanless build? If not you're paying for that unnecessarily. If you do go for one of those Chinese boxes don't get the wireless option, they seem to be supplying unsupported Broadcom cards.

Steve

thekamikazepr

@stephenw10:

Almost anything you happen to have already will have no difficulty with a 100Mbps connection for just firewall and NAT. If you need a VPN connection at 100Mbps that significantly ups the hardware required. An older Atom D5** series will push ~50Mbps encrypted for example. That Celeron you linked to should do it. Do you need it to be a small and fanless build? If not you're paying for that unnecessarily. If you do go for one of those Chinese boxes don't get the wireless option, they seem to be supplying unsupported Broadcom cards.

Steve

Don't want to hi-jack his post but don't see a reason to double post asking a similar thing.

When you say " Do you need it to be a small and fanless build? If not you're paying for that unnecessarily. "    What options would you recommend?

Also are there any other vendors closer to USA/Canada

how about those mini barebones in newegg Zotac, foxconn.  Are they any good?

stephenw10

What I would suggest, if you've never used pfSense before, is that you gather together whatever old hardware you have to hand and run that as a test.
If you find it's too loud, too big, uses too much power, doesn't have enough computing power etc then go out and spend money on something more appropriate. You'll have a much better idea of how to configure it when your new hardware arrives and you'll have some sort of benchmark to use when ordering new hardware.

Determining what hardware might be appropriate depends on several things:
What throughput you need.
What packages you are hoping to run.
Whether you're running any VPNs.
Any additional restrictions you might have such as size, heat, noise, power.

Steve

dpsi

It's either something new or I go and buy a 2-port intel NIC and drop it into a Pentium D tower I have, although I am concerned about how much power its going to guzzle hence my aim for a newer processor with a lower TDP.