Want small form pc for pfSense … recommendations
-
Hello,
My main need is an OpenVPN server so I can pass through it for secure internet
Please read an answer from @gonzopancho here in the forum related to exactly this point, Link
Also, I want to explore snort and other features without worrying about processing power.
Snort, Squid, + SquidGuard, AV Scanning, VPN,…....
Better to know all first really all about your needs and wishes, not to run in a trapI want overcapacity, but not something too expensive.
Likes all others, 100 MBit/s Internet, VPN and all other on top for $50,
but as I see it right this will not even really work.Also, low power requirements are wanted.
There are some of them out know, really enough power but
power saving also. Intel´s C2xxx series could do this job.Is there a Zotac model that would work? What about other brands? What processor, how much ram, anything else is suggested?
- VK-T40E pfSense Security Gateway Appliance from the pfSense Shop based on an
Alix APU Board really enough for 50 - 100 MBit/s
But without AES-NI and Intel´s QA! - Supermicro Mainboard with a C2358 CPU
Not a power saving firewall, but powerful - SG-2440 pfSense Security Gateway Appliance from the pfSense Shop
Really wicked firewall that matches all your needs and power saving, but not cheap - Supermicro Mainboard with C2358 and 8 GB ECC RAM would be also matching
But a case and some other things are also needed on top
So as I see it right a CPU with AES-NI and/or Intel´s QA or a Atom C2xxx CPU
with 2 -8 GB RAM and Intel NICs or LAN Ports would be great for you.In my eyes it is better for to save some money for over some month and then buy
a SG-2440 pfSense Security Gateway Appliance, this will be running for years for
you well and saving power on top also. - VK-T40E pfSense Security Gateway Appliance from the pfSense Shop based on an
-
Thanks. Lots to think about.
-
Take a look at the Intel NUC. Think there is one with dual Ethernet.
-
Take a look at the Intel NUC. Think there is one with dual Ethernet.
Intel NUC5ix series, latest with 5th gen i3/i5/i7 is single ethernet only. You can mod using a different case and using pci slot to fit the second ethernet adapter.
I own NUC5i3RYH. -
Maybe this is what I saw. Not sure if this is considered a NUC, but it does have to RJ45 connections.
http://www.newegg.com/Product/Product.aspx?Item=N82E16856205007Or I may have been thinking Thunderbolt NIC adapter.
Personally though I'd settle for single NIC and VLAN unless there is specific requirement for no VLAN or bandwidth constraints.
-
Better to go with 2 seperate NIC's than VLAN's. You can always VLAN the LAN part to get things seperated…
I prefer the WAN and LAN on 2 seperate physical interfaces. Even if its running virtualized....
-
The suggestions here have been helpful. I think I'm going to have to spend a few bucks but less than $400 if I'm careful. I will either build one using the suggestions here about the motherboard that has the new Intel Rangeley chip and Intel nics or explore a Jetway small form PC that will need memory and a drive. I read about them elsewhere and they appear to have some capabilities … but not all models have Intel nics so care is needed in the selection.
It's been a long time since I built a PC so it might be fun to build a router.
Is a small form case just a case or are there specs to look for?
Regarding ram, 4GB or 8GB? The cost is negligible. With a router is there any advantage to having a reserve of ram?
I have a spare 2.5" 500GB drive, but a small SSD is cheap. Any pros or cons to either? 32GB ok?
-
snort and Suricata are memory hogs. Point to 8GB for that, otherwise 4GB is completely sufficient.
Personally, I don't like running HDDs in my routers as they have moving parts. A small SSD is fine even though there won't be much of a speed improvement. -
I suggest Supermicro MB with C2558 or 2758, 8GB to run Snort and pfBlockerNG. A small SSD is fine. On the market there are a lot of cases available, both fan and fanless. Such a setup will secure your future bandwidth upgrades, up to 1000Mbps. With upcoming OpenVPN supporting in full AES-NI it will be the standard.
-
Umm, I used some left over computer parts from a PC upgrade to build mine. It is a larger build but then again, it is rack mounted with my server. I used a Asrock z77 board, i5 CPU, 2x2 gig ram, an old 1TB HD, 2 x Intel EXPI9400PTBLK network cards and 2 Emulex 4GB LPE 1150-E fiber cards. I am running pfsense and snort with NO memory lag as mentioned by a previous poster. Overall system performance will be determined by the quality of the hardware. If you looking for a low power system then maybe 8 gig is necessary. If not concerning with physical size then 8 gig may be overkill. Just as with an SSD which again is overkill
-
Use Innodisk DOM for the drive instead of a normal HD.
-
You could seek out the local electronics recyclers. 3 to 5 year old PC's can be had cheap. For me my first pfSense box was a $50 Dell 760 small form factor core2, 4gb ram. I added a 2.5 40gb hd. I scored a NC360T dual nic cheap.
Then you can decide later how much power you need and what you want to spend on low power vs hp. You may even run into a stack of old firewalls you could revive with pfSense.Unfortunately, visiting a place like that can be habit forming. I need special permission from my significant other just to drive by the place..