Help a noob out in creating the best home PfSense firewall!



  • Hello everyone! I am going off to college soon and I have decided that if I am going to be on the school network, I should have a firewall. That is where I fell in-love with PfSense ;D. There's just one problem, I don't know what parts to get and how to set it up! There is plenty of videos on youtube of how to set up the software, but I need some help with actually getting my future PfSense box connected to the network and my computer(s). Down below i'll provide the setup that I want to do and the questions that I have. I am very open to constructive critism so please have at it!!

    The build list

    Mobo: ASRock N3050B-ITX Intel Dual-Core Processor N3050 (up to 2.16 GHz) Mini ITX Motherboard/CPU/VGA Combo (http://www.newegg.com/Product/Product.aspx?Item=N82E16813157618&cm_re=intel_mini-itx_motherboard--13-157-618--Product) $58.99 Max Wattage: 6w.

    RAM: G.SKILL Ripjaws Series 8GB (2 x 4GB) 204-Pin DDR3 SO-DIMM DDR3L 1600 (http://www.newegg.com/Product/Product.aspx?Item=N82E16820231726) $45.00

    SSD: Mushkin Enhanced ECO2 MKNSSDEC60GB 2.5" 60GB SATA III (http://www.newegg.com/Product/Product.aspx?Item=N82E16820226677) $39.00

    Case: M300 Enclosure with 1 PCI Slot and Bootable CF Reader option (http://www.mini-box.com/M300-Enclosure-w-Bootable-CF-Reader_2) $60.00

    PSU: PicoPSU-80 + 60W Adapter Power Kit (http://www.mini-box.com/picoPSU-80-60W-power-kit) $35.00

    NIC: Intel PRO/1000 Pt Dual Port Server Adapter (http://www.amazon.com/Intel-1000-Dual-Server-Adapter/dp/B000BMZHX2) $27.00

    Other Parts:
    PCI-E riser card: PCI Express PCI-E 1X to 36-Pin Riser Card Extender (http://www.dx.com/p/pci-express-pci-e-1x-to-36-pin-riser-card-extender-ribbon-cable-for-1u-2u-155034#.VamJ7_lVhuA) $2.90

    Fans: ENERMAX EVEREST Advance UCEVA12T 120mm Blue LED Case Fan (http://www.newegg.com/Product/Product.aspx?Item=N82E16835214044&cm_re=silent_120mm_fan--35-214-044--Product) $13.99
    2pcs 40x40x10mm 2 Pins New Case Fan 12V DC (http://www.newegg.com/Product/Product.aspx?Item=9SIA76H2GU0395) $4.99
    (I will probaby need a 3 pin fan splitter but those are cheeeeaaap)

    Okay, so I think that is all the parts that I will be needing. Total cost is $286.96 plus or minus about $10 dollars. I think that is a good price. I don't think you should really spend more than $300 dollars to build a PfSense box. What I have listed is probably overkill but I think the purpose of building these boxes is to have them "futureproof" so you don't really have to upgrade them at all.

    The Questions

    So my first question is, how do I go about plugging in ethernet cables into my PfSense box? I watched a video on youtube of a guy's PfSense setup and he had his ethernet cable from his modem go into the onboard ethernet jack on the mobo. He then had ethernet cables coming out of the NIC card to his computer and server. I was planning to do the same but only difference was that my ethernet cable is going directly from the wall into the onboard ethernet jack on the mobo. I was also concerned about that the onboard ethernet jack is LAN and not WAN. Does that matter? Here is the video that I watched https://www.youtube.com/watch?v=O8Lk07vi98o (skip to 3:18 to see what I am talking about)

    The picture included is a diagram of what I plan to have. The wireless access point is there so I can have Wi-Fi in my dorm. I will probably add a switch later on so I can have more computers but for now I do not need one.

    So I think that is all folks! Please give me feedback on what you think and ask me questions! ;D



  • I will let others comment on all the bits and pieces of hardware - I will just say that you can get http://store.pfsense.org/SG2220/ soon and be done with all the bother of buying all those separate bits and pieces… Of course it depends if you really want space on an SSD for cached stuff...

    You can assign LAN and WAN to whichever physical devices you like. So no problem changing it if the default assignment does not suit you.

    From your picture it will be a really simple network. The access point is likely to have 4 LAN ports on it anyway, so you can plug pfSense LAN and up to 3 cabled devices into that.



  • I must really consider more to the statement from @phil.davis!

    Your cost is nearly around ~$290 for the named above equipment, but must be fiddled together
    and a $299 SG-2220 unit will be right mounted together and came with a pre installed pfSense on top of this.

    SG-2220 $299 and ready to fly
    –--
    M2 SSD SSD ~$60 only if more storage will be needed

    Netgear GS105Ev2, GS108Ev3 or GS108Tv2 ~$40, $60, $80 if some times more ports are needed

    Plus on top the option to insert another miniPCIe card if needed or wished

    The picture included is a diagram of what I plan to have.

    Nice try but no way as I see it right!
    The SG-2220 unit will be coming with two Intel GB LAN Ports an so you should be
    define one Port to be the WAN Port and the other one to be the LAN Port!
    Connect the WLAN AP to the SG-2220 and the PC to the WLAN AP, thats it.

    Matching your hardware, it would be going smooth with three ethernet Ports!

    • WAN (cable from the wall)
    • LAN (PC)
    • LAN (WLAN AP)


  • Considering I had two high level members say that it would be better to buy the SG-2220, I will do just that! I have no problem with building a PfSense box as I have built computers in the past. But seeing there is one that is already prebuilt and ready to go for the same price, why not just do that?  :P Thanks for the input guys, if you want you can still comment on my hardware that I chosen so I can see if my research was any good at all ;). This is just for me in my college dorm so I won't need any major power here. That is why I can see the SG-2220 would be good as well. Thanks! ;D



  • I notice that the SG-2220 at http://store.pfsense.org/SG2220/ says "STARTS SHIPPING 31 AUGUST 2015" so there is a bit of a wait still. From memory it was initially planned for end of July, so I guess something slipped in the supply chain.
    I have 2 of the http://store.pfsense.org/SG2440/ in production but they are significantly over your budget.
    So it is up to you if you can wait.


Log in to reply