Hardware for Small network with VPN and Snort

kipTry

Hi,

I want to build my own pfsense box. This would be my network:

• ISP Router (bridge mode) -> pfsense box (NIC 1)

• pfsense box (NIC2)-> Switch

• Switch: Port 1: AP (2 wlans), Port 2-3: LAN, Port 4: DMZ

Now I have:

• 20mb ADSL (soon I hope 300mb optical fiber)

• WiFi: 2 mobiles, 2 laptops and tv

• lan: 1 PC

I'm looking for a build between 200-300€. I want to install OpenVPN and Snort.

This is my current configuration:

• Mini-ITX cpu onboard: Gigabyte GA-C1037UN-EU V2.0. 86€

• RAM 4GB DDR 1600MHz: Kingston ValueRAM 4GB DDR3 1600MHz PC3-12800 CL11. 23.25€

• Case Mini ITX M350. 49€

• SanDisk SSD 64GB SATA3. 40€

• PicoPSU 80W 12V DC-DC 32.27€

• AC-DC 12V 6.6A 80W 32.27€

• Wire 4-Pin P4 miniPower para PicoPSU 80W

Questions:

• Is enough for my network, snort and vpn?

• Is it ok with a PicoPSU of 80W or I need more?

• How many disk space I need?

Thanks!

Guest

Over the Gigabyte GA-C1037UN-EU was a talk here in another thread.
pfSense with Gigabyte GA-J1900N-D3V

I would better go with;
Intel Celeron G3260 @3,1GHz
mini ITX Board with dual Intel I217 GB ALN Ports
8 GB RAM

If this is for a home setup;
If not so many is coming on top, a SG-2220 fron the pfSense store would be also really
good running for you or perhaps an Alix APU 1D4 would be matching also the numbers.

kipTry

It's for a home setup. I think 3.1GHz with 8GM RAM is too much.

SG-220 and AlixAPU 1D4 are more expensive and less powerful than my set-up, right?.

Now, I have doubts about the motherboard. It seems some gygabyte have problems with bios, usb, etc. But I think this one, it is newer, so I hope everything will go fine. What do you think?.

Some recommendations about RAM, Hard drive and PicoPSU?.

Thanks!.

Guest

3.1GHz with 8GM and/or SG-2220 is more powerful then your set up!
Please don´t forget that snort will be "eating" many speed and throughput and also sometimes RAM.

In normal 4 GB would be sufficient with Snort and/or Squid or both it would be better to go with 8 GB in my eyes

What do you think?.

Don´t try it out with the Gigabyte board! This is waisting the money and time.

kipTry

OK, I'm going to check out again. I'm from Spain so with the shipping it is about 370$ (340€). I guess I can find something more powerful than SG-2220 for 300€.

Any recommendation of motherboard? They are expensive with 2 lans…

Thanks.

Guest

OK, I'm going to check out again. I'm from Spain so with the shipping it is about 370$ (340€).

Hola, this is really chaep, here in Germany I have to pay for something between 420 € - 440 € the cheapest
I can get my hands on.

They are expensive with 2 lans…

Netgear GS105Ev2 5 GB LAN Port Switch for ~30 €
Netgear GS108Ev2 8 GB LAN Port Switch for ~50 €
Netgear GS110T 10 GB LAN Port Switch for ~100 €
Intel Quad GB LAN Ports NIC used for ~60 €

I guess I can find something more powerful than SG-2220 for 300€.

Not really, but the Intel Celeron G3260G for 80 € is sufficient to manage pfSense and
Snort easily.

Any recommendation of motherboard? They are expensive with 2 lans…

You will be needing a Board that is capable to install pfSense and then a used Intel Quad
Port card such as the Intel 1000 PT for something around 60 €.

As I am in your situation I would be doing the following:
Cheapest:
ASRock Q1900TM-ITX SoC So.BGA Dual Channel DDR3 Thin Mini-ITX Retail ~105 €
8 GB RAM ~50 €
SSD 60 GB ~70 €
mini ITX M350 ~50 €
PicoPSU 120 Watt & external adapter 100 €

Cheap:
Intel Celeron G3260 @3,1GHz
mini ITX Board pfSense compatible
mini ITX case M350
PicoPSU 120 Watt + external Adapter
Intel Quad Port NIC (1000 PT)
SSD 60 GB
8 GB RAM
Budget:
Supermicro A1SRM-LN5F-2358-O Intel Atom C2358 ~250 €
Supermicro chassis & PSU ~120 €
8 GB ECC RAM
mSATA 60 GB

Sufficient enough:
Supermicro A1SRi-2558F-O Intel Atom C2558 ~250 €
Supermicro SC101i chassis ~60 €
PicoPSU-150-XT 150W 12V DC-DC ATX ~45 €
External PSU adapter ~30 €
SSD 120 GB
8 GB ECC RAM

Guest

pfSense with Gigabyte GA-J1900N-D3V
Could be also interesting for you.

kipTry

Thanks BlueKobold!

I have to choice the cheapest one. I found the Asrock Q1900-ITX (Intel Quad-Core J1900 2GHz) for 84€. I think it is sufficient.

I will look for a 8G RAM, 60gb ram and the case mini itx 350.

What picoPSH has enough watts for my setup?. I don't know how to measure. 80, 90, 120, 150?

So, now I have to find a network adapter with PCIe:

• it will be fitted correctly to the box?

• PCIe has a good perfomance, right?

• It is enough with 1 port (to the switch and vlans), althought with 2-4 ports would be perfect

Thanks a lot.

Guest

I have to choice the cheapest one. I found the Asrock Q1900-ITX (Intel Quad-Core J1900 2GHz) for 84€.
I think it is sufficient.

Yes but please read the thread in the post before complete, because then you will be first do some "things"
on the board before using it.

I will look for a 8G RAM, 60gb ram and the case mini itx 350.

Would be good but then there would be no chance to insert the PCIe card!!!!

What picoPSH has enough watts for my setup?. I don't know how to measure. 80, 90, 120, 150?

PicoPSU

kipTry

@BlueKobold:

I have to choice the cheapest one. I found the Asrock Q1900-ITX (Intel Quad-Core J1900 2GHz) for 84€.
I think it is sufficient.

Yes but please read the thread in the post before complete, because then you will be first do some "things"
on the board before using it.

Do you mean to bugs in booting process?.

I will look for a 8G RAM, 60gb ram and the case mini itx 350.

Would be good but then there would be no chance to insert the PCIe card!!!!

Why?

This board has "1x PCIe2.0 x1", what means 500mb/S, right?

Guest

Why?

Because of the mini ITX case! There is no PCIe card breakout slot!

This board has "1x PCIe2.0 x1", what means 500mb/S, right?

In the theory all is even going, but what is if you must set the PCIe slot to PCIe 1.0 to to get the card working?
I mean this would not be even the case, but I was also reading this often here in the forum, in other threads.

Do you mean to bugs in booting process?.

Yes this is what I meant.

kipTry

The bug in booting process is fixed?. I see too much problems with motheboards: no Gigabyte, no AsRock…

wiretap

I used this board for my build and it works great. http://www.amazon.com/gp/product/B00XNR4HE2/  The only downside is, no AES-NI. VPN for a small network will still be in the 100mbit range though. Throw in a 8GB stick of RAM and a small mSATA SSD and you'll be in the price range you're looking for.

Guest

@kipTry:

The bug in booting process is fixed?. I see too much problems with motheboards: no Gigabyte, no AsRock…

Therefore I was sending you the link above if there are still problems, because this thread is like a HowTo
to fix it by your own!

@wiretap:

I used this board for my build and it works great. http://www.amazon.com/gp/product/B00XNR4HE2/  The only downside is, no AES-NI. VPN for a small network will still be in the 100mbit range though. Throw in a 8GB stick of RAM and a small mSATA SSD and you'll be in the price range you're looking for.

• 1 from me this was a really good choice, under your link Amazon was also offering another two full featured
  solutions that match his budget also really good!

Jetway NF9HG-2930 Intel Celeron Quad Core Fanless PC w/ 4X Intel LAN, 2GB, M350 ~$299
Jetway Intel N2930 Network PC w/ 5X Intel LAN, 2GB, JBC200F9N-E4IN-B, ADE4INLANG ~$309

Both comes with 2 GB pre installed RAM and ready assembled in the case, one time a M350 one
and one time another one.

kipTry

OK, so finally I'm going to buy in Amazon. It is cheapest

Thanks for your build wiretap (I see your post too) but I'm looking for a board with HDMI because maybe someday I need another box and I cand re-use this one like HTPC.

With this one: http://www.amazon.com/Jetway-Intel-Network-JBC200F9N-E4IN-B-ADE4INLANG/dp/B00X6GPUO6/ref=pd_sim_sbs_147_3?ie=UTF8&refRID=0ZN28MFCV1Y2YC5DJEFE it will be perfect. I have to buy more ram, ssd and access point (I don't need the switch now with 5 ports). 400€ with everthing.
Is it fanless?.

I will take a look for more boxes in Amazon under 300$, but I think this one is perfect.

Thanks!

messerchmidt

i would go with the j1900 gigabyte build

8gb of ram

kipTry

I'm going to use the board Jetway NF9HG-2930. If I need HDMI output in future, I'll buy a PCI-HDMI card.

So, my list is:

• Jetway NF9HG-2930 - http://www.amazon.com/gp/product/B00XNR4HE2/

• 2 x 4GB Crucial SO-Dimm DDR3 1.35V

• 1 x SSD mSATA 60GB aprox.

• AC-DC adapter 12V 5A 60W

• m350 case

I'm going to order everything in Spain. But I can't find the jetway NF9HG-2930 here. Do you know some website with free/cheap shipment?

am I missing something?.

Thanks.

Guest

1 x 8GB Crucial SO-Dimm DDR3 1.35V [52€]

If would be prefer to use 2 x 4 GB because 8 GB is the maximum so both RAM slot get filled.

CarTFT
JETWAY NF9HG-2930 (INTEL BAY TRAIL-M) -214,00 €
Shipping to spain
Paket (FedEx Economy) 13.50 EUR
1 - 3 days
Paket (FedEx Express) 19.50 EUR
1 - 2 days

MiniPC
JETWAY NF9HG-2930 (INTEL BAY TRAIL-M) -214,00 €
Shipping to spain
Paket (FedEx Economy) 13.50 EUR
1 - 3 days
Paket (FedEx Express) 19.50 EUR
1 - 2 days

Jailer

That jetway board does not have an ATX power connector so you don't need a pico psu. Get the 60w power brick with 5mm/2.5mm barrel connector and you plug it directly into the rear I/O connector.

kipTry

Everything is clear. I'm just looking for a website with free/cheap shipping to Spain for order the jetway NF9HG-2930.

Thanks, you have saved me of many mistakes and lose money.