Share your pfSense stories!

larryjb

Okay, I'll add my story now.

For years I've had issues with wifi connectivity throughout the house, and over the last couple of years my wife would complain about the wifi printers not working. At first I thought my routers were just old, so I paid more money to upgrade a D-link to a Netgear, then to another Netgear, and you know that story. Wifi would improve slightly, and seemingly quite well for the first while, but ultimately after a few months wifi got worse, and wifi printers started dropping again.

Then I started researching enterprise level routers and the name Netgate came up. The installation was sure a steep learning curve for me, and even now I would consider myself a sub-novice at it. But I got it up and working. But I was still using the old Netgear router as an wireless AP, and guess what? My wifi printers were still dropping and I still had lousy Internet at the opposite end of the house.

I have since added two Unifi Lite AP, one on the top floor, one on the main floor. I keep them on medium power and wifi is fine. Even on basic 20 Internet, we can Zoom call, watch TV on the Roku, and surf Youtube all at the same time. I haven't lost the wifi printer once in the 6 months I've had this set up.

I know I've wandered into a field I probably have no business mucking with, given my knowledge, but it works better than the consumer junk I had. I even started making my own cables so I could make specific lengths, and connect the Unifi APs.

Phatsta

@larryjb great job! You came to the same conclusion as many of us have, all on your own!

I have at least 150 installations with PFsense and Unifi APs (most of them Lite) in residential buildings, hotels, schools, offices and industries. There is very rarely any problems, and wifi performance is steady without reboots, year after year after year. It's like it should be!

mr.rosh

Installed pfsense 2.5.2 on Barracudda F18 firewall device. it's awesome for home use.

Intel Atom CPU C2358 @ 1.74GHz (2 CPUs: 1 package(s) x 2 )core(s)
2gb ram[to be upgraded to 4gb soon]
50gb msata ssd
Fanless and super silent.

@phatsta

Phatsta

@mr-rosh cool, how much did it cost you?

mr.rosh

it's a second hand device and cost me less than $40 US dollars [in my local currency]

• Intel(R) Atom(TM) CPU C2358 @ 1.74GHz 2 CPUs: 1 package(s) x 2 core(s)

• 2GB RAM [i am yet to upgrade it to 4GB] say another $10 US dollars

• 50GB mSATA SSD Disk

• 4 x Intel 1gb nics setup as
  

• Best part is it's silent and pretty good for home use.

• RJ45 Console PORT, VGA Port and 4x USB Ports. So hooking up keyboard, mouse and monitor was easy as and was able to boot from USB and install pfsense.

Phatsta

@mr-rosh the price is great. I paid something like €150 for the fanless quad core, 4GB, SSD hardware, but it's really, really fast. I get 970+Mbit/s port to port no problem. And the real advantage comes when using crypto services like IPSec where you don't lose as much speed thanks to the fast CPU.

But for home use that is a really nice setup!

mr.rosh

@phatsta thats cool.

johnpoz

@mr-rosh you got it for like $40? That is a steal - they are still being sold, they are not eol til like 2025 I don't think.. Rev A, I take it?

mr.rosh

@johnpoz Yes, it's a Rev A. u can look around on ebay if u like. I am certain that there are many barracuda's out there [decommissioned /second hand, simple because it's out of warranty and or so]

something similar is;

https://www.ebay.com/itm/274832571200?hash=item3ffd4c3b40:g:B64AAOSwXdZgxrBm

johnpoz

@mr-rosh not in any need for anything, I have a netgate sg-4860 here at home ;) When its time to replace - I would get another netgate appliance for sure..

But that is pretty good price for such hardware.. And yeah makes a great pfsense box.. enjoy! And thanks for sharing..

guardian

@mr-rosh @johnpoz Any idea what the specs are like on these boxes? CPU/RAM/Storage etc.

mr.rosh

@guardian

For the Barracudda F18 [Rev A.] Below are specs;

Intel Atom CPU C2358 @ 1.74GHz (2 CPUs: 1 package(s) x 2 )core(s)
2gb ram[to be upgraded to 4gb soon]
50gb msata ssd
Fanless and super silent.

Joe Friday

ROCK SOLID, to sum it up. Home environment, minimal packages (pfBlockerNG, nut) pfSense has been rock solid over the years for my family. Home built machine (Intel Celeron G3930, 8GB RAM, Intel NICs) Speed from ISP has been rock solid (600Mbps Down, 20Mbps Up - Shaw Cable Calgary AB Canada) Have contributed to date $100 Canadian, before yearly payments discontinued. Please make yearly contributions available again! Love pfSense (Netgate)!

jimmychoosshoes

Dell R430 with 32GB Ram and a RAID1. Running server 2016core hyper-v with veeam backup. 2x Failover PPPoE WANs supplying the network if failover gateway mode. Snort and PFblockerNG installed. We have been running pfsense for some time. R430 is a nice chassis but noisy.

currently on 2.4.5 as it is a gen2 hyper-v which wont play nicely with a 2.5.x upgrade (bootloops) so im waiting until I get a decent sized maintenance windows to park the VM, create a fresh gen1 VM and restore from backup.

nimrod

Protectli Vault FW4B with pfSense v2.5.2. Running pfBlockerNG, Snort, and Squid. Zero issues. I must say that im pretty impressed with Protectli Vault build quality. The case is one solid piece of aluminum with cooling fins on top of it. You can literally run this unit over with your car, it wont be damaged. It is that solid. Oh and its completely silent, since there are no moving parts.

Only issue i had is that my DSL modem power adapter decided to die on the same day when Protectli box arrived. For some strange reason, faulty adapter on my DSL modem caused Protectli box to behave strange. That misled me to believe there might be some issue with the box or pfSense software. Took me a few days to figure out that power adapter was an issue. As soon as i replaced it, all issues that i have been experiencing were gone.

lonblu

'Pfsense is the cosmic belch among network devices.' That's how I got it described 8 years ago from a friend, a Fortinet trainer. I never stopped using it since then, in Vmware esx, HyperV and Virtualbox.
Nice it has the .xml backup and restore features.

That's an OS I can't stop recommending on IT encounters.
Flawless, lightweight, huge, capable...bsd? Wow!

Too bad I rarely got an answer from Netgate forums. I enjoy reading anyway.

mer

@nimrod
Your last bits about power. I'd bet that the power supply on the DSL box was causing issues with the ethernet devices, causing link to bounce at least as far as pfSense was concerned. But it's a good reminder that the order of debugging should always be:

Physical connectivity (are my cables actually plugged in and are they good)
Power is stable and good

Then you can get to the "what did I muck up in my rules" and other complex things.

nimrod

@mer said in Share your pfSense stories!:

@nimrod
Your last bits about power. I'd bet that the power supply on the DSL box was causing issues with the ethernet devices, causing link to bounce at least as far as pfSense was concerned. But it's a good reminder that the order of debugging should always be:

Physical connectivity (are my cables actually plugged in and are they good)
Power is stable and good

Then you can get to the "what did I muck up in my rules" and other complex things.

I agree. But since i was new to pfSense, i was suspecting the hardware at first (Protectli), or some hidden option in pfSense which i was missing. I guess you can say that power adapter issue is not that common, especially if its "working" partially. It would be much easier to troubleshoot if the power adapter just died. But it was dying slowly, and voltage was dropping slowly, and thats what made it tricky to find. If i didnt had my trusty multimeter, i would never figure that out.

However, since replacing the power adapter, pfSense is working like a charm. ZERO issues with it. Its actually working so well, that it makes me feel kinda guilty for using it for free. There are paid solutions out there that cant get even close to what pfSense is offering. My next device will definitely be a Netgate device, because these guys are deserving all the support and respect for their work. And this forum/community is awesome. Im on these forums every day and reading all the posts from @johnpoz and @stephenw10 and learning a lot by just reading. They are super active and willing to help everyone. That is rare these days.

mer

@nimrod Agree on the Netgate hardware and the folks on this forum. Of course "it would be nice if the hardware was cheaper" but having a few they are a solid build for the price point.

Understudy

So I have been posting a few questions in the forums, but as of right now I am really happy with the setup. I will of course tweak it some more in the future but this is such an improvement over what I had. Now for the story.

In a galaxy far far away....oops wrong story.
In my little office in South Florida live an electrician who worked on a lot of IT stuff , mainly structured cabling, fiber and things like that. When not dealing with 3 phase motors or 277 volt light fixtures, I did Low Voltage. For years and years. I remember thinnet and thicknet, Type 9 and when cat 5 on Ethernet was becoming a big deal. I was dealing with OS/2 warp and RISC. In my office was Windows Me and I hated it. Blue screen constantly. Some friends from the irc would talk about FreeBSD. So I decided to give it a try and loaded FreeBSD 4.4 on my home computer. I used it as a desktop. And loved it. WindowsMaker, Opera, Aterm, Openoffice, Gimp, and dockable Icons. I was happy.

Now I am running servers, not a major operation. I am just an electrician. I don't want my stuff on the cloud. I am in the field a lot, I don't get to spend as much time trying to learn outside of my clients operations as I would like. And time is often the enemy on what I can do.

In my latest location for my office. I had to setup with a linksys LT214 router. Not bad but very limited in the rules.

I wanted to get away from IPFW , IPTABLES, and IPF because they caused me to drink to deal with the migraines caused by those pieces of software. Don't get me wrong I love the command line but those programs are not always easy to work with. My bartender...er therapist will confirm.

I had some old equipment a old supermicro case with a fried motherboard. I bought a new one with 6 1000+ MB nics. a 3.5ghz CPU and 8 Gb of Ram, some fans, a cf card reader and a 4gig CF card. Some of these were just spare pieces I had laying around. Some of these were items I purchased last year in the hopes I would get to it. That didn't happen. Between pandemics, pandemonium, and sheer panic I was plenty busy.

So eventually I would just have to abandon family and friends to spend some time putting my Frankenstein monster together. Double sided tape is your friend. I stayed in contact with the people who actually matter, discord and the support forums, along with many youtube videos and upping my google fu.

Now I have a firewall with a DMZ for public IP servers, an office on a LAN. The ability to serve pages, store info, to be able SSH into my servers and block the hell out of a lot more than 50 ip address that are constantly trying to see if I have an open port they can take advantage of. Thank you pfblockerng.

I will probably be able to cut my virtual therapy sessions to twice a month instead of twice a week, at least until my daughter starts dating but that is a whole different story.

Thank you for your time. Have a beautiful day.