PFSense w/ ALIX kit from NetGate



  • I have known that you could create a firewall out of an older computer, but I just found out through the PFSense website that you can actually make your own Firewall appliance using the hardware at NetGate.  I'm looking for something to replace my WRT54G.  Every time I use BT for an extended amount of time I have to reboot the WRT(running DD-WRT, btw).  I'm looking for something that can run BT for long periods of time w/o having to be restarted.  The specs for the ALIX + CF kits trump those of the wrt54g exponentially.  Would hooking up an alix kit with pfsense attached to an unmanaged switch do the trick for my BT Issues?

    I also had some general questions about NetGate.  I've seen some customer responses on these forums and they sound like the way to go.

    1. Does the mounting hardware (screws, nuts, etc…) come with the kits?
    2. Is all I need beside the kit a cf r/w and physdiskwrite, and can someone please tell me a cf r/w they have used, I see them ranging from $15-$60.


  • I've been running pfSense on an Alix 2c3 (kit from Netgate) with an embedded image on it at my boss' house since late March.  One of his sons in particular is Mr. BT, and we haven't had any issues to date, and 15 mbit symmetric FIOS from Verizon leaves plenty of pipe to hang ourselves with (to his credit, he seems to have limited his outbound to 3 mbit lately).  The Alix only rarely makes it above 10% cpu utilization and is more often in the 4% range.

    Wireless in the (large) house and barn is provided by a set of Apple Airport Extremes in bridge-only mode, on staggered channels for painless roaming between them.

    For maximum satisfaction with BT, you'll need to enable static port (http://doc.pfsense.org/index.php/Static_Port) and probably uPnP as well.

    If you buy the package from Netgate that includes the enclosure, be aware that there are two flavors of enclosure - the ones with and without antenna holes.  The ones without antenna holes are made of noticeably thicker metal (I put a dial caliper on both flavors, side by side; it's not my imagination) and have nicer fit and finish.  The ones with antenna holes while not as nice, are actually available, as opposed to the other ones which are perpetually on backorder.

    Netgate includes all the screws you would need in order to mount the board, close up the enclosure, etc.

    The kits include a CF card as well as a power supply.  I've used their supplied CF cards and I've used random cheapie CF cards which I picked up from Micro Center.  No problems either way.

    All things considered I've been pretty happy with the Alix2c3.  In the interest of full disclosure, I have two complaints about the Alix in general:

    1. the second serial port on the CS5536 is not brought out to where I could actually use it for anything.  I'm told this will be fixed in a future product.

    2. The Via VT6105M (10/100 ethernet chip) that PCEngines decided to use is what I would have selected if someone told me to go out and get a fairly crappy NIC for as little money as possible.  I realize that everything is a cost tradeoff, but for $20 more on a 3-nic system they could have done worlds better and had a machine that was capable of saturating 100 meg ethernet at a substantially lower cpu load.



  • thanks for the post Atomic…what brand of cf r/w are you using.....



  • I've just purchased their "m1n1wall" kit with the ALIX board last week.

    Have to say their service was great. I believe they ship from Texas, and twice I got my order within 3 days. (I'm NW Canada.) They install a 1/2 Gig flash SanDisk in it, which is often plenty. The pfSense embedded install takes it to 57% full. They sell 4G compact flash disks for $30 (SanDisk as well), if you think you'll be needing more. They will also put on the latest stable monowall or pfSense for you if you wish.

    Coming from a Linksys the difference is huge, couldn't be happier. Now if I could only get my Atheros CM9 wireless card goin.. =/



  • @200mg:

    thanks for the post Atomic…what brand of cf r/w are you using.....

    As Molski points out, they ship a half gig Sandisk; I'm also using Micro Center house brand 1g and 2g CF cards with no issues whatsoever.



  • You can also use a Microdrive and install the regular pfsense (the one ment for regular cpu) rather than the embedded version. It gives you the advantage of being able to use the package system and install additional features. The regular version writes logs and stuff to the CF which has a limited number of writes. This will destroy your CF, hence you have to use a microdrive that does not have this limitation. I tried a seagate initially but it did not work. FreeBSD would not recognize it. I then bought one from Hitachi on ebay and worked flawlessly.
    There is no comparison between pfsense and one of the generally available routers from linksys etc. I also had a lot of problems with BT and even more with emule when using Kadamelia. It would regularly crash the Linksys and/or Netgear routers after a few minutes. PFSense works like a champ.
    However I have to point out that on PFSense I am having some problems with the wireless part of the router. Things have improved using the 1.2 version compiled with the 6.3 FreeBSD kernel. Wireless is functional but with a significant numbers of errors. I am waiting eagerly for pfsense 1.3 based on FreeBSD 7 that should have better wireless support.



  • @AtomicPlayboy:

    @200mg:

    thanks for the post Atomic…what brand of cf r/w are you using.....

    As Molski points out, they ship a half gig Sandisk; I'm also using Micro Center house brand 1g and 2g CF cards with no issues whatsoever.

    Thanks for all the rpleies everyone…

    I understand that the Sandisk is the brand, of which there are several, of the actual CF disk that is shipped, I'm inquiring about the cf reader writer, the hardware you use to write pfsense to the disk with you computer.  I see alot of brands out there and am wondering if any of you guys can suggest one that you're using and know that work well for this type of thing.



  • I don't think I've ever heard of a CF writer that won't work. I've used no name generic ones and various name brands. I mostly use Sandisk 8 in 1 (older model) or 12 in 1 writers, might also be a newer one from Sandisk by now.

    I really like my Sandisk writers, and they don't cost much more than anything else. That's what I would recommend.



  • @cmb:

    I don't think I've ever heard of a CF writer that won't work. I've used no name generic ones and various name brands. I mostly use Sandisk 8 in 1 (older model) or 12 in 1 writers, might also be a newer one from Sandisk by now.

    I really like my Sandisk writers, and they don't cost much more than anything else. That's what I would recommend.

    Thanks cmb


Log in to reply