Help on cheap build…



  • My main reason for the build will be to run OpenVPN for the whole network. Everything that connects wi be under vpn. I would ultimately love for the box to be as small as possible. I have a 100mb/20 line and wants to max it out.

    My main questions of course are:

    What's the monthly/yearly cost of running these vs an actual router?

    What build do you recommend and how do I wireless to work? (Switch coming off 2nd nic connected to a home router in access point mode?)



  • This is my "on the cheap" setup.

    Repurposed notebook running pfSense connected to a smart switch (port n: member vlan x).
    pfSense WAN as VLAN x interface
    pfSense LAN as native NIC interface
    AP connected to switch
    ISP connected to switch (port n+1: vlan id x, member vlan x)

    One of the beauties of a notebook is the built-in console and UPS.



  • The cost of using any old laptop or old computer is generally electricity because old equipment uses more of it than newer equipment generally.  That being said, if its not my money being spend I don't usually press the hardware efficiency issue.  I use a old Athlon X2 for my personal box (60W maybe).  When that breaks I will update to a new 5 or 10 Watt machine.

    If I were going to spend money to update the efficiency of something just to save electric, it would probably be spent on a new air conditioner or refrigerator but thats just me.

    The pfsense store is full of new machines that will work for you.



  • My main reason for the build will be to run OpenVPN for the whole network. Everything that connects wi be under vpn. I would ultimately love for the box to be as small as possible. I have a 100mb/20 line and wants to max it out.

    You want to max out the 100/20 MBit/s line but the pfSense hardware should be the tiniest you
    can get hands on? Hm, as I see it right you can get a $30 used router and flash him with DD-WRT
    or OpenWRT to get your OpenVPN running as I see it right there is nothing in the price comparison
    that beats a set up like this, but if you want to go with pfSense and related to your Internet connection
    speed I would be prefer to get a device that can also handling the Internet connection right.

    My main questions of course are:

    What's the monthly/yearly cost of running these vs an actual router?

    There are routers out there that are alsoi using much of electric power and often more
    then a small self made appliance for sure and vice versa there are also many alliances
    that needs many more power then a consumer great router like a Netgear or D-Link.

    But this is like viewing only with one eyes on the situation, owed to the circumstance
    what pfSense is really able to serve and what a consumer router is able to do.

    I would at his day have a closer look on two devices, Alix APU based platforms if
    VPN is not the entire goal and angle point in the game and a Intel Atom C2000 SoC
    based device that is beating them all in VPN, speed and power consuming.
    C2558 is <14 watt
    C2758 is <20 watt

    But both comes with AES-NI and intel QuickAssist.

    What build do you recommend and how do I wireless to work? (Switch coming off 2nd nic connected to a home router in access point mode?)

    Ok to be really truth I think you can get the most benefits from pfSense by;

    • Intel CPU
    • Intel NICs
    • No WLAN

    But this is no matter as you where telling you are using a WLAN AP or router in AP mode
    this would be fine as I see it right and matching the Captive portal of pfSense really.

    The pfSense store offers also some nice boxes based on the above chips and brands
    but they are also comming woth 3 miniPCIe slots + 1 SIM slot for mSATA, modem and
    WLAN cards so it could be an ideal choice for many years.



  • DDWRT wont handle openvpn on a 100/20 network - you would be lucky to get 6/6 and that would be smoking your CPU 24/7.



  • @kejianshi:

    DDWRT wont handle openvpn on a 100/20 network - you would be lucky to get 6/6 and that would be smoking your CPU 24/7.

    This is right but it matches also his wish like;

    I would ultimately love for the box to be as small as possible.



  • There is only a couple of boxes that small that can handle what he wants and they are in the pfsense store.  Other than that, you can build a cheap computer, or recycle and old one but the size and power draw will be higher.



  • Forget the size of the box.

    Using a normal router for open vpn will not get anywhere close to the speeds I want.

    I don't want to use a laptop as my box because I am not skilled I'm pfsense to get that working.

    I was looking at this box on eBay that has been upgraded and is quite small, but do you think it can handle the speeds I'm looking for ? 100mbit down 20mbit up?

    http://pages.ebay.com/link/?nav=item.view&alt=web&id=321707965681

    Or

    http://pages.ebay.com/link/?nav=item.view&alt=web&id=261849217216



  • Second one might get it but I'd rather recycle a used quad core AMD machine than either of those.



  • I do have a spare Asus pb z77 lx motherboafd with a i5 processor. I'm just concerned with power consumption… I'm new to all this, how many watts do you think it would run at? Also does the power supply itself play a roll? Not sure what power supply I have in it



  • Well - It will pull more than 10 watts.  Look up the power consumption of the CPU and add 20% or so.  Just a guess.







  • Hello and thank you for your post confirming the hp t5730w works. Couple questions to make sure I can get this working if I buy on eBay. I have a 100mb connection but if I could get 66mb is be more than happy honestly.

    Now… Since this only has 1 nic... That would be from the cable modem to the nic... If I wanted other direct Ethernet connections how could I get this to work ?

    Also what could I do to get this client machine to be a wireless router ? Any help would be awesome!!

    Thank you !



  • 1st - You are just going to melt that CPU if you keep it pegged at max throughput all the time.

    2nd - You need a vlan router and you use its port as WAN/LAN and put a VLAN trunk on the one available pfsense NIC



  • Another words… Look for 2 nic machine ? ;)



  • and abit more processor….



  • http://pages.ebay.com/link/?nav=item.view&alt=web&id=261849217216

    Same as above but upgraded to a dual core AMD and 5 gbit Ethernet…
    What do you think ?

    I am not doing constant downloads, it's for a NAS server that downloads tv shows via rss and just normal web traffic. All home use.



  • I'm pretty sure a single thread of openvpn will be core-locked.

    Meaning 2 cores of the same speed might not get you more than one.

    I'd be looking for 2.5GHZ in that architecture or 2.0 GHZ per-core in a modern architecture.

    And at least dual core.





  • @BlueKobold:

    My main reason for the build will be to run OpenVPN for the whole network. Everything that connects wi be under vpn. I would ultimately love for the box to be as small as possible. I have a 100mb/20 line and wants to max it out.

    You want to max out the 100/20 MBit/s line but the pfSense hardware should be the tiniest you
    can get hands on? Hm, as I see it right you can get a $30 used router and flash him with DD-WRT
    or OpenWRT to get your OpenVPN running as I see it right there is nothing in the price comparison
    that beats a set up like this, but if you want to go with pfSense and related to your Internet connection
    speed I would be prefer to get a device that can also handling the Internet connection right.

    My main questions of course are:

    What's the monthly/yearly cost of running these vs an actual router?

    There are routers out there that are alsoi using much of electric power and often more
    then a small self made appliance for sure and vice versa there are also many alliances
    that needs many more power then a consumer great router like a Netgear or D-Link.

    But this is like viewing only with one eyes on the situation, owed to the circumstance
    what pfSense is really able to serve and what a consumer router is able to do.

    I would at his day have a closer look on two devices, Alix APU based platforms if
    VPN is not the entire goal and angle point in the game and a Intel Atom C2000 SoC
    based device that is beating them all in VPN, speed and power consuming.
    C2558 is <14 watt
    C2758 is <20 watt

    But both comes with AES-NI and intel QuickAssist.

    What build do you recommend and how do I wireless to work? (Switch coming off 2nd nic connected to a home router in access point mode?)

    Ok to be really truth I think you can get the most benefits from pfSense by;

    • Intel CPU
    • Intel NICs
    • No WLAN

    But this is no matter as you where telling you are using a WLAN AP or router in AP mode
    this would be fine as I see it right and matching the Captive portal of pfSense really.

    The pfSense store offers also some nice boxes based on the above chips and brands
    but they are also comming woth 3 miniPCIe slots + 1 SIM slot for mSATA, modem and
    WLAN cards so it could be an ideal choice for many years.

    Existing routers with DD-WRT….I don't think there is any capable to handle 100M VPN speed.
    ALIX, the Geode LX actually has hardware encryption so the VPN performance is not bad.



  • I think that last CPU you listed should keep pace pretty well.

    I'd not use the syba NIC though.  I'd use a Intel chipset 1000 pro of some sort with PCIe interface and dual NIC ports.



  • okay was able to find the Intel pro 1000 dual port. If I'm using the on board nic do I need a dual nic on top of that? Sorry for the noob questions



  • Probably not but the Intel NICs are usually better.



  • I thought this was supposed to be a "cheap build".  :-\



  • When you build a pfsense box, unless the goal is just to learn and play you should probably have a list of minimum specs in mind, otherwise it will cost you.  You pay for internet service and certain speeds and if the minimum spec doesn't meet your requirements for something like openvpn then every month you are paying for bandwidth you can't utilize.

    So price, while important shouldn't be all important.



  • Existing routers with DD-WRT….I don't think there is any capable to handle 100M VPN speed.

    But cheap and OpenVPN is given.

    ALIX, the Geode LX actually has hardware encryption so the VPN performance is not bad.

    The chaepest complete Bundle I can get here is 158 €

    • ALIX.2D13 Board
    • Alix case and PSU
    • 4 GB Industrial CFCard

    And the cheapest offer for an Alix APU Bundle is at 187 €

    • Alix APU 2 GB
    • Case and PSU
    • 16 GB mSATA

    So then I would preffer to go with the Alix APU platform.

    I thought this was supposed to be a "cheap build".

    Me too! Cheap, OpenVPN, 100 MBit/s Internet line

    When you build a pfsense box, unless the goal is just to learn and play you should probably have a list of minimum specs in mind, otherwise it will cost you.

    Surely this is right, but then each Intel Atom platform in miniITX format for 80 € - 100 €
    should do the job in my eyes.



  • ALIX.2D13 Board is definitely not going to cut it for him.

    It would make a good Client + Firewall to his machine but not the server with his bandwidth wants/needs.



  • Well if $200 is too much in your eyes what do you all recommend part wise?



  • Its your thread.  You are the one who decides whats too expensive or not.



  • Looking around I fell into another thread that linked me to

    http://m.newegg.com/Product/index?itemnumber=N82E16856205007

    Barebones, I have a hdd so I just need some ram. Any insight?
    If you think this is fast enough would u say 2gb or 4gb ? Again only used for routing and openvpn



  • This one won't cut it.  The last one I said was probably ok is probably ok.  (-:



  • Okay I reconfigured it to be all from Amazon so I can have it shipped in 2 days for free via prime… Can you check me one last time :) also, I'm a little concerned if the dual nic will fit with this mobo/case

    http://pcpartpicker.com/user/Amendolaro/saved/mMzj4D



  • Disk controller JMicron JMF661 -  :'(

    Have you seen anyone have successful install with the mobo you have chosen?



  • I honestly didn't think it mattered.. Sorry.. What should I shoot for ? Use same mobo from the original build I made ?



  • Not a fan of A-Data

    First USB flash drive I ever bought was one of their 16 GB devices.  It only lasted a couple of months.  RMA'd and the replacement lasted only a few months as well.  Both where light usage (back up of music and documents).  Very little writing.  Those are the only two USB flash drives I've had die unexpectedly.  The only other one was a PNY running pfSense.  It lasted about a year with doing a beta upgrade or two a month.  So that one was expected.

    Personally I will not buy any A-Data products (unless forced to by no other choices).



  • Thanks! I will change that now. Better performance going ssd than hdd for just pfsense?



  • I actually just Checked the first buildand it's the same mobo.. If you don't like that controller what do u recommend ?



  • What about this board?

    Has built in Celeron quad j1900 with dual nics

    http://m.newegg.com/Product/index?itemnumber=N82E16813128698



  • @amendolaro:

    What about this board?

    Has built in Celeron quad j1900 with dual nics

    http://m.newegg.com/Product/index?itemnumber=N82E16813128698

    Read the reviews. J1900 boards seem to often have BIOS issues. This was one of the prominent ones.


Log in to reply