Which Hardware to Choose For pfsense? Netgate VS Protectli, Qotom, Yanling, etc...
Рет қаралды 191,697
Күн бұрын
@ramosel Жыл бұрын
I ran pfSense on old hardware for years... But when I started to move to an "off grid" model at my home in the mountains I looked for low power consumption and reliability. I listened to Tom and bought a Netgate SG-4860. I've never regretted it. I had one problem with the first one and even though it was technically out of warranty, because it was a known issue at Netgate, they replaced it at no charge. That said, for the 9 days I was without my SG-4860 I had to fall back to a plastic box router... not the best scenario. The replacement has been trouble free for years now and I was able to pick up a backup off eBay that is the exact same model and features so I keep it updated and on a shelf - just in case. Couldn't be happier with Netgate products or support.
@sharedknowledge6640 Жыл бұрын
I also highly recommend the Jetway (a long standing legit company with offices in the US) N3160 box with 4 Intel Gbe ports. It’s rock solid, fanless, plenty fast, and only uses a couple of watts.
@gh8447 Жыл бұрын
I bought a Netgate 6100 shortly after I started working from home during lock-down (I got the 6100 because I also wanted to experiment with 10G fibre). I'd previously had pfsense virtualised on a ESXi server along with my TrueNAS servers. Whilst that worked flawlessly, anytime I needed to shut down ESXi for whatever reason, I wouldn't have Internet access! The 6100 has been rock-solid.
@acerides1724 Жыл бұрын
I’m eyeing on that too. I now have 5gb and 2gb multi ISP on my house
@PictureStrain Жыл бұрын
I used to run pfSense, for business use, on old hardware, but, for about 2 years I started to use SuperMicro SuperServer E300-9A-4C model for the main offices. Probably, in the future, I will use NetGate, due to all the great things they are doing. Thank you for your videos and opinions, Tom!
@runelarsen3412 10 ай бұрын
😂
@KonjonoAwesome Жыл бұрын
I've been running pfSense on Supermicro's 1U Atom based servers for years with great results. Started with d525 based systems, then moved to the c2000 and now the c3000 series. Work great and are solid enough for a production environment. I can also buy two of them and put them in fallover for what one Netgate appliance of the same capability would cost. I paid for pfSense Gold for years and also did their paid training when it was offered. I wish both of these things were still an option to support Netgate.
@TheWebstaff Жыл бұрын
Manual was another way I supported them.
@timalbrecht5120 Жыл бұрын
I just set up pfsense at home on an old Sophos XG105 rev3 box that we had decommissioned. I did upgrade from 2 to 4 GB RAM and so far Im really happy with the performance. That said, if I were to ever deploy pfsense for a business, I would go with Netgate.
@slip0n0fall Жыл бұрын
REALLY appreciate you keeping these PF videos updated and relevant
@Shadow_Banned_Conservative Жыл бұрын
I've had good luck running my own hardware. I started out with a HP thin client T-620, moved to a T-630, and currently on a Lenovo M720q tiny, 1L PC with an I3-8300T and 8gb of memory along with a 4 port Intel i-350 NIC. All have been rock solid, and pretty low power consuming devices.
@theflyingjapman5771 10 ай бұрын
I currently have a T630 as a learning device for me. Will it be noob friendly to setup pfsense and hopefully replace my ISP router.?
@Shadow_Banned_Conservative 10 ай бұрын
@@theflyingjapman5771Yeah, it should be fine. Both the T620 and T630 worked well for me, especially if you just want to use the firewall and don't plan to install tons of add-on tools. I only ran OpenVPN on my setup and several firewall rules along with four separate networks and it was perfectly fine, pfsense picked up the internal network interface without issue. The T630 is a little more powerful than the T620, but I IIRC, uses about 50% more power, still not a lot but it does use more power than your router. I think the T620 was around 12w average load and the T630 was around 19w IIRC. These little machines are more powerful that most people realize. I ran Windows 10 and we browsers on the living room TV on the T620 before I turned it into the pfsense appliance. I wasn't lightning fast, but it was usable for basic web browsing.
@pjohnson21211 Жыл бұрын
I've been using one or another of the inexpensive Aliexpress boxes for years now. They work just fine for my home needs. But for a commercial install I think you can make an excellent case to deploy a Netgate sourced and supported hardware
@denniskluytmans Жыл бұрын
Care to share which on you got bro? I am searching one which is 1Gb/s compatible and not breaks the bank
@xanderthunder69 Жыл бұрын
@@denniskluytmans Most likely one of the "Topton 2.5Gb Intel I226-V Router" Boxes with 4 / 6 ETH-Ports I'd assume. But be warned that the NIC I226-V is only supported by pfSense CE 2.7.0 and onwards or pfSense Plus 22.05 and onwards!
@pjohnson21211 Жыл бұрын
@@denniskluytmans mines too old for you to purchase the same....at least 2018 vintage specs: Celeron 3855U 6x Intel Ethernet Controller I211 gigE NICs 4GB RAM 32GB industrial m.2 chose this one for price, AES-NI and 6 NICs
@echoztrip Жыл бұрын
I've had pfsense running at 100+ locations using PCengines hardware over the last 10-15 years - very reliable, but good to see what is out there
@RandomTechChannel Жыл бұрын
Another great video Tom! I'm glad to see other channels covering this topic. Keep up the great work!
@bassbacke Жыл бұрын
Bought an HSIPC New J4125 Quad Core Firewall Micro Appliance in March 2022 triggered by your fine reporting on pfSense. Thanks for that! I replaced the pre-installed pfSense SSD with a new and bigger SSD (also better quality). Works great with pfSense 2.6.0-RELEASE (amd64). It's mainly for my home use. Serial console interface also works fine. Can recommend it.
@keylanoslokj1806 11 ай бұрын
So is that like a mini computer acting as a firewall? Can we find it on Amazon for those that live in eastern Europe?
@bassbacke 11 ай бұрын
@@keylanoslokj1806 A mini PC with 4 ethernet interfaces. I bought mine from Amazon Germany. However, it's a chinese product and devices like that should be also available in eastern Europe. Best of luck.
@steensadolin8749 Жыл бұрын
I have used a SG-2100 since it came out and am very pleased. Yes the Netgate hw is not cheap, but it is reliable. I have only had one problem… the last update (23.01) failed but Netgate was very quick to submit an image for me to manually load on the box. So now I can also have an opinion about their service, which is exelent. I will for sure buy another netgate, but understand the people that find it expensive.
@rjy8960 Жыл бұрын
I started with a Netgate SG3100 about 7 or so years ago. It ran out of steam when I upgraded to 1Gbit WAN at home. I bough an old Dell R210MkII and a 4-port Intel NIC and it's been bombproof. I do keep the SG3100 in the rack as a standby and have the ports of the two Pfsense boxes brought out to a patch so can quite quickly switch between should I need to witch to the Netgate. Not exactly hot-swap, but it will suffice. I also have a Chinese fanless box that runs Pfsense for demonstrations to clients / exhibition use and that has been fine. I have needed support from Netgate and have always been impressed. If I were to implement a mission critical system, it would be based on Netgear hardware.
@ersterhernd Жыл бұрын
Thin MiniITX Intel motherboard from 2012, i5-3470T, 8GB DDR3 and an Intel i340-T4. Quiet, efficient and cheap. Running 24/7 since 2018. Love PFSense.
@rockfreek13 Жыл бұрын
I’d support Netgate if their devices were even close to reasonably priced. I’m in Australia and paying 1k for 4100 BASE is way too much.
@derekp6636 Жыл бұрын
running on a qotom box myself and had a broken gigabit port for awhile now, been watching for a 2.5gbe version to replace with. you are exactly correct, it is enough for my homelab/home entertainment needs. I have a few simple traffic rules for game servers etc and it does what I need.
@wagnerj01 Жыл бұрын
I purchased 2x Protectli Vault FW4B - 4 Port, Firewalls for my primary residence and a vacation home. I installed one in my primary residence 1st and it would reboot 2-3 times during operational hours. I configured the 2nd one, same mess. Returned to Amazon and purchased 1x Netgate 2100 for primary residence and 1x Netgate 1100 for vacation home. I couldn't be happier. Not a single issue.
@philh7474 Жыл бұрын
Former Netgate SG-2220 user here. It failed about two years after deployment in a home power user environment. Board inspection didn't show anything unusual. Bought a FW2B (running pfSense 2.6, with Snort and pfBlocker) and it's been stable for over two years now. I did place a USB fan on top of it to get the temps down, hoping cooler temps will extend life. Recommendations back then steered me to Protectli which was around the time the SG-2100 came out. Will put Netgate hardware back in the mix if the FW2B gives out.
@WebeloZappBrannigan Жыл бұрын
Perhaps your SG-2220 fell victim to the AVR54 bug that plagued the first batch of Atom 2000 series CPUs. I'm pretty sure that's what killed my RCC-VE 2440. Did it fail after a power outage or reboot?
@satamototo Жыл бұрын
Good to know about the low quality failures, thanks a lot. I usually use wide spread brand SFF PC with Haswell + CPU and Intel card.
@therealb888 Жыл бұрын
Which one are you using? Could you recommend me a few deals?.
@satamototo Жыл бұрын
@@therealb888 Brand PC from Fujitsu, Dell, Lenovo or HP with i5-4570 or newer. All these are good, cheap and the second hand market is flooded with them. Plenty of performance even for 3 x 1gbps multiwan with zenarmor for 1000+ devices.
@RobertGallop Жыл бұрын
I had just clicked on order for a 6100 right before this came out. I got nervous maybe I’d messed up. But even though I’m a “home” user, I do work form home 100% of the time, and just like the “always works” nature of the netgate devices. I have a 3100 now, but will be getting > 1GB internet, I almost went 4100 for the 2.5, but thought maybe, someday I’ll have even faster internet, and these things are not cheap! So buy once cry once, hopefully I get a good 5-10 years out of this one, and will leave my 3100 around as a backup device just in case. Thanks for the videos!
@andymok7945 Жыл бұрын
My first pfSense usage was done on the Netgate 2440 and ran it that way for 4 years. Then I switched to a segmented network and then my design needed more ports and such. I bought a Qotom 6 NIC port brick for my new setup. It has been running great for 4 years now. This is a home setup and to buy an equivalent unit from Netgate was just not financially possible. I still have the SG-2440 unit and it still works. I use it for testing and is a well built unit.
@TumescentPuma Жыл бұрын
The SG-2440 is a great little appliance. I still have one as a backup and it chugs along when I go to use it.
@SB-qm5wg Жыл бұрын
I'm glad to see the pfsense/Netgate team being profitable but for home usage, the Netgate line is above my price-point for tinkering.
@krisdphillips Жыл бұрын
Netgear, huh? /s
@williamp6800 Жыл бұрын
Netgate, not Netgear.
@SB-qm5wg Жыл бұрын
@@williamp6800 TY. Typo fixed.
@philipcheung2669 Жыл бұрын
A lot of people haven't had the experience of being on the pressure tip (lucky for them), or 'having got away with it' - once you've had that experience you will truly understand the value of absolute reliability and the peace of mind it gives you, and be able to face the 'what if' situations. With that said, I personally deployed an IPFire system with just off the shelf computer hardware - I know what brand of hardware I can trust and the system has been running for 2 years without a glitch. Although I have to say it comes with a price, many sleepless nights and tears....
@slipknottin Жыл бұрын
I’ve been running pfsense on a R210 for a couple years but I’ve been considering getting something more efficient. But I really want to keep it rackmounted, rather than sitting on top of something, the shelf I have is already full of other devices and my rack doesn’t have much more room
@NORULERUST Жыл бұрын
Great video lad, do you know how to connect pf sense to a ubuntu server and route traffic through it for a game server ? Using wireguard or any alternative you think would be good. Thanks for the video .😃
@Martimus98 Жыл бұрын
I'm still running pfSense on an old Check Point T180 firewall. It's big and clunky but works just fine! 👍
@Calauu Жыл бұрын
I use also PCEngines APU 4D4 as hardware for pfSense and I have tens of boxes and no one of them broke, and previously I was using PCEngines ALIX and I still have some in production after more than 10 years. If the performance fit’s the purpose I recommend them as really reliable hardware.
@sharedknowledge6640 Жыл бұрын
I’ve had great luck with Jetway fanless boards and prepackaged bare bones units. For example the Jetway HBJC430U941 is a tiny fanless Intel N3160 with 4 Intel Gbe ports. It only draws a few watts, no fan, nice aluminum heat sink enclosure, M.2 SSD slot, and is from a real company that’s been around a long time, has offices in the USA, and even a phone number you can call. Their products are not no-name sketchy scary Amazon Chinese junk like several of the products you mentioned. In many ways it rivals the $600+ Netgate products. I paid $279 for mine and it’s been flawless for 3+ years now.
@dervaretyndigtland4760 Жыл бұрын
I wouldn't trust a random Chinese device, especially for a firewall. Am I too paranoid?
@ramosel Жыл бұрын
Considering their activity in recent years, nope. I don't buy Chinese, period.
@marcogenovesi8570 Жыл бұрын
yeah I'm not trusting them either
@DR19X Жыл бұрын
No
@elgato7557 Жыл бұрын
I recently swapped a bunch of Tenda AP's around my house with ones from Mikrotik over similar concerns. There's still a few TP-Links I want to swap out eventually but I'm less worried about those.
@troksii Жыл бұрын
We used quotom with opnsense in a few instances, all of them died. No ryhme or reason. For business we only recommend fortinet now. For personal we recommend negate.
@ThisIsNotMyHandle Жыл бұрын
I use a PC Engines APU 3D4 and it's been serving me great. It handles A LOT of traffic.
@spexpl Жыл бұрын
I at home use the HP 620 Plus terminal, as a router (after adding 4 NICs). And it's a nice budget option for the home.
@nickcalladine Жыл бұрын
Great technical insight from a person who is unbiasted honesty review and allowing someone like me making a entry level a generalised understanding, but does not have a everyday hands of use and real time / long term view of what works and what doesnt, espscially who hasnt got the biggest bank balance :( Would like the latest bells and whistles top end reviewed hardware being reviewed.. but in reality cant afford or scared that I will screw it up as a first step on the ladder approach / dip my toe in aproach rather than being overwhealmed with information overload / the "real life" or "my scenario" platform rather than just sighing and then giving up! Tech by "real tech people" explained in simplistic short bites and layman terms :) Great Stuff. Thank you and keep doing what you are doing !
@KikiNation1 Жыл бұрын
Have never used Pfsense or Netgates as I have always stuck to the enterprise stuff like Sonicwall, FortiGate, etc. But, I’m going to try this for a client who cannot pay the higher prices. Seems like a decent option.
@mikelieberman6924 Жыл бұрын
I have a third party unit as I am in the Philippines. I note that the black case with fins runs hot, car too hos, even thought the dashboad says 27.9C I don't believe that for a moment. I have a fan on order and will run it against the finds to see if I can cool the unit off a fair bit. My best guess is the failures are heat related.
@alsinclaire Жыл бұрын
Thank you for the link to the Qotom! Finding a budget friendly router that has 2.5G ports to go with my 2.5G Fiber to the home has been difficult. Now I just need to decide on a new WAP. =)
@Muzzup 10 ай бұрын
My Netgate 6100 is very awesome , I highly recommended it if it fits your budget and needs. No affiliation
@BorisJohnsonMayor Жыл бұрын
I was about to splurge on a Protectli FW6D but now I am skeptical considering the hardware failures people are talking about. I currently have a Netgate 2100 but want more power and physically isolated network ports (rather than their switch based configuration). The next one up is the 4100 but these have the same number of ports as the 2100 (same with the 6100).
@bmbiz Жыл бұрын
That Twitter thread is pretty meaningless. For all we know there are 100 satisfied Protectli users for every one that complained. People with problems are a much more vocal lot than those without. Not saying there's nothing there, just that it's hardly scientific. On the flip side, on this page here I'm seeing a lot of people saying they've good results with their Protecli's. Without hard data, who can tell either way? :)
@red94mr28 Жыл бұрын
@@bmbiz "People with problems are a much more vocal lot than those without" Totally agree. And not specifically with pfSense boxes but with any product.
@rpsmith Жыл бұрын
I have deployed over a dozen Protectli firewalls over the years and only had one that gave me any problems and they replaced it even though it was out of warranty! They are a great U.S. company with tech support you can easily reach with a simple phone call!
@keetam_worth82 Жыл бұрын
I have been using for home networking a device virtually identical to the one in the video (except for the motherboard whose brand is not easy to figure out, but same CPU and same NICs) for two years and everything works perfectly at gigabit bandwidth with 5 vLan and quite a lot of stuff going on. Fingers crossed.
@lightingman117 Жыл бұрын
Love the new intro!
@JimtheITguy Жыл бұрын
As Tom says, if you a business, buy the right hardware, over here in the UK for home/lab/test if you want to use PFsense/OPNSense consider looking at used Sophos/Checkpoint/Fortinet hardware if you cant find Netgate Hardware, not a fan of the China clone mini PC's personally
@mikescott4008 Жыл бұрын
I'd agree re Sophos XG hardware, I had a XG230 Rev 2 running really nicely, shouldn't have sold it tbh. However when I'm offer more than I paid for it and it's using more power than I'd like on a home connection it went. Based on the poor response from a UK Netgate partner, I've lost interest in dealing with them for home and for work potential.
@mikescott4008 Жыл бұрын
Miss that unit, mmm might look at options again... :)
@lukey3030 Жыл бұрын
Why would you run pfsense on fortigate/checkpoint hardware when their own OS blows pfsense out the water?
@JimtheITguy Жыл бұрын
@@lukey3030 shhh, your not allowed to talk down about pfsense 😜
@mrsalamander9246 Жыл бұрын
It was because of you that I purchased netgate 6100 for home use!
@vincei4252 Жыл бұрын
I work from home 100% of the time. If I'm disconnected from the office for even 30 minutes that's a problem. Despite the price I would pick something that is known to be reliable.
@tupui Жыл бұрын
An an FOSS developer, I also wanted to buy Netgate. But in EU it's as you said either very hard or very expensive... Same with Qotom, hard to find. I had little choice to go to a Protectli box. So far so good, but I don't like that and wished Netgate had a better story for EU. (It's a similar story for Supermicro btw)
@a.g8517 Жыл бұрын
QOTOM on aliexpress for $152
@marcogenovesi8570 Жыл бұрын
EU is OPNSense's area
@mal798 Жыл бұрын
As a home user running pfsense, I'm finding it really hard to see a reason to move away from a VM on an old SFF PC stuffed in the top of a cupboard. It runs cool and reliable, it's cheap, I can adjust the resources for optimal performance, and it's easily backed up. The only reason I would move to a dedicated hardware would be if it was smaller, ran cool, and was reliable. It sounds like the official lower end netgate boxes run hot, and the aliexpess black boxes don't last.
@GrandpasPlace 4 ай бұрын
On the chinese boxes, have you ever put a sim card in one and configured the 4G/5G connection as a backup to the primary internet connection?
@ravenseyeimages Жыл бұрын
Informative video, I switched last year from wireless ISP to gigabit fibre and am considering putting a pfsense appliance in place of the ISP supplied router so I can move my IOT devices etc. onto VLAN, implement a good firewall etc. With my wireless ISP I always used a dd-wrt router, with a couple of my older dd-wrt routers set up as access points and wireless bridge access points. I did not get as far as setting up vlans or subnets for guest networks, IOT devices etc. I'm a database guy though, not a network guy, so my knowledge of all things network is rudimentary. Is pfsense worth my while or can I accomplish the same thing with dd-wrt equipped routers?
@Xxmeca421xX 8 ай бұрын
This will be great for my home security which has been penetrated by virus called back orifice. I suspect it was from my neighbor who is a retired network engineer so I still need a way to protect Bluetooth devices since he lives in range
@JasonsLabVideos Жыл бұрын
I love running pfsense on the R85s box with the 3 x 2.5gbe nics..
@JPEaglesandKatz Жыл бұрын
I have one of these Chinese boxes.. Cooling is a big problem.. If CPU goes over 20%, temperature goes over 70% and it will get higher up till 90... Blowing a simple fan over it will solve the problem but they definitely need some cooling attention...
@Kehf27 2 ай бұрын
Quick question: Would you recommend running OPNSENSE on a Netgate 8300?
@zack.123. 2 ай бұрын
Awesome video. I need a hardware recommendations for a first time simple home setup in 2024 please. My main use case is to replace my ISP router+ home lab. I want to get in to pfsense but not 100% sure yet. I have a stressful IT job and sometimes by the time I get home I just want to relax. I would like something that can be setup in a set and forget manner but at the same time I can tinker around with it when I have time. Is pfsense the right product here? What would you recommend for a first timer please?
@LAWRENCESYSTEMS 2 ай бұрын
I prefer pfsense and if you get it on Netgate hardware you know it will work right form the start vs you may run into troubleshooting issues if you built it yourself.
@christopherjackson2157 Жыл бұрын
A good nic matters so much more than the CPU or memory or any other hw component. A good intel nic will do most of the processing directly on the network chip
@a9503128 Жыл бұрын
Tried but there was no stock of Netgear in my country but Amazon had a Protectli on next day. Route at Gigabit shouldn’t be confused with firewall’ing and features at Gigabit.
@ctid107 Жыл бұрын
Ex corporate Dell or HP SFF pc's are really inexpensive on Ebay and offer PCIe slots. My Dell 3050 ticks along at 14W consumption with an Intel quad gigabit card.
@EmilePolka Жыл бұрын
repurposing those supposedly free hardware from Sophos is also a good option. we actually received those hardware for free several times already hoping the company use them but we just didnt bother and one day we actually just used it as a spare hardware just in case shit happens so I plop out the SATA DOM and inside the unit and install a serial console install of pfsense, and whoala works great.
@mikoal Жыл бұрын
If I decide to install pfsense on type 2 vm like virtual box on my pc (with single Ethernet port) instead of protectli. Can I still achieve the same results? Or what would be the differences from a dedicated hardware VS a vm on a px
@mikoal Жыл бұрын
*pc
@ninjarider443 Жыл бұрын
For those who find pfsense a bit complicated, ipfire is a great choice. I been running ipfire for many years and switched to running it on a protecli device a year ago. The bad thing about protecli though is many of their lower end devices (2 ports and 4 ports) have many hardware vulnerabilities due to the old intel chips being used. I have the 2 port version and it is plagued with hardware vulnerabilties. Ipfire has a built in checker to check for hardware vulnerabilities unlike pfsense, which is an awesome feature to inspect the hardware to ensure it is not vulnerable. I am working to look at different hardware since my current protecli i bought a year ago has to many hardware vulnerabilities on it now. If you get protecli, get coreboot bios, since all their stuff is made/flashed in china, but at least with coreboot you get opensource firmware vs who knows what extra stuff is included in the china flashed firmware.
@heykenthay Жыл бұрын
So many sites argue which network card is the one to get, with your experience which Intel network card would you recommend for a 2.5 g x 2 and a 1g x 2 card? Siding for the more budge conscience.
@ajaaoka6364 11 ай бұрын
This was great for keeping clients off of cheap garbage. I do have to voice that all of Negates hardware has an astonishing lack of ports and expandability that often turns me off of them for anything except straight office networks and home networks. Anything with high level of redundancy needs I have to use custom servers and that makes me sad when they could produce one top of the line ststem with 5-6 expansion slots and really open up some high end market space.
@KennethPadgett Жыл бұрын
Did you try new CMOS battery on those failed boards? 4-5 years is right about when we see those cr2032 batteries fail and have had devices stop booting because of bad batteries.
@H-RutherfordHill Жыл бұрын
For some reason, a Netgate I have deployed, loses it's WAN connection when the ISP changes the IP address. The WAN port won't grab the new IP. So you have to manually renew the IP. Very frustrating.
@erickalcala7649 Жыл бұрын
Hi Tom, Great Video! can you do a video like this one but for BitWarden Hardware? I guess not all of us have a server to virtualize. Or maybe a video of Cheaper hardware to have home for using BitWarden and Pfsense
@gordonfreeman4477 Жыл бұрын
I use pfSense on a single Realtek NIC on Hyper-V which seems like a bad combo. I had few issues but overall it's nice and smooth.
@baconsledge 9 ай бұрын
Does it make any sense to use pfSense at home when the hardware costs mount so quickly compared to off the shelf routers? Still trying to get a handle on this.
@wildfrogconsulting5204 Жыл бұрын
Tom> You mentioned that you keep spare Netgate boxes on-hand as a just-in-case. Is Lawrence Systems a Netgate partner? Because last I knew, Netgate’s warranty applied only to the original purchaser. How are you handling this?
@LAWRENCESYSTEMS Жыл бұрын
The spares we have are for our clients that we have installed them for and that we have as part of our managed contract.
@davidbailey3289 3 ай бұрын
Love the videos. Newbie sounding question. How do you connect the netgate hardware to get wifi in the house. Networking hasnt been my strong suite.
@LAWRENCESYSTEMS 3 ай бұрын
I use UniFi for the Wifi
@davidbailey3289 3 ай бұрын
@@LAWRENCESYSTEMS i am trying to setup something simple yet strong enough i can be secure. Basically i got 400mbs fiber with the isp modem and was thinking of putting a negate box after the modem and possibly a switch before adding something as for wireless net with the ability to separate my private network from my IoT stuff in my Home. I have always had a modem wireless router combo and haven't really dealt with anything like unifi. I tried watching one of your more recent videos in regards to unifi and pfsense but halfway through my head was swimming. I also use quad 9 for my dns resolver so whatever I end up with has to play nice with that fact. If this is asking to much let me know.
@gerhardpet1 Жыл бұрын
Does Netgate have built-in wifi so that the appliance can to be a WiFi AP? Or what is a good option to make the Netgate an WiFi AP?
@mikescott4008 Жыл бұрын
What's Broadcom support, is that "meh" too? I've got Intel on my Pondesk unit and Broadcom on my R220. I'd be interested in Negate hardware if the UK partner responded, so given up there tbh. I'm on my second Pondesk unit within 3 years. First network card port died, they replaced it, but still a failure. What about Dell PowerEdge or HPE ProLiant hardware for bigger installs? Look forward to the additional content as ever.
@subynut Жыл бұрын
That would explain why my pfSense experience has been hit and miss. Running it on hardware I had laying around. Sometimes they work great, other times… not so much. Thanks for sharing your thoughts on pfSense on other systems. I think I’m gonna put a Netgate powered pfSense box in the budget and get a unit designed for pfSense and just have something that just works right out of the box. Should get rid of some of my home networking quirks and issues.😂
@afrosheenix 11 ай бұрын
Protectli has been a rock solid low cost option for me, but the two port model is too weak to support gigabit WAN. If you're going that route, plan ahead and get something with more horsepower.
@afrosheenix 11 ай бұрын
Lol I jinxed myself. The msata drive died last night and I woke up to chaos.
@subynut 11 ай бұрын
@@afrosheenix oh no!!
@baricdondarion6228 Жыл бұрын
The major problem with a lot of this Chinese router boxes are their thermals or lack of it. This machines are designed to run fanless which is often not a good idea for an x86 machine. The machine has no active cooling and thus no way to regulate it's self.. the end result is an accelerated end of life. Many of them can be retrofited with a fan and even have fan pin outs. It is best to fit in a fan to allow for some active cooling and that should prolong the life.
@captainfartolini4335 Жыл бұрын
what about the failure modes of the infamous and ovepriced sg4860 from your friends at netgate?
@edwinrosales6322 Жыл бұрын
Thanks Tom, great video!
@davideyt1242 8 ай бұрын
a business setting will not use any of those (including the Netgate units), real business settings require enterprise grade firewall units e.g. Cisco, Fortinet, Checkpoint etc., unless by "business" you refer to a small office, where in most cases even standard router with basic firewall capabilities will be more than enough.
@LAWRENCESYSTEMS 8 ай бұрын
Yes, there are large, 1,000+ employees companies using pfsense.
@davideyt1242 8 ай бұрын
@@LAWRENCESYSTEMS interesting... a corporation with a 1000+ employees on the payroll normally have the means and resources to run a "real" enterprise firewall which is normally fully managed via an expensive subscription and also provisioned by the full-time IT expert from the IT dept. if so, impressive!
@alanb76 Жыл бұрын
I'd like to get started with pfSense and was wondering what reasonably priced dedicated (Netgate?) hardware would be a good match for a cable modem system at home with a few users and a small business. Current cable modems have 2.5 Gbit Ethernet interfaces and the download speeds are approaching or slightly exceeding 1 Gigabit at this time. Or there is AT&T fiber at 1 Gbit nearby as well. It would seem that the lower end boxes might bog down the network, but what is the practical balance here? Network speeds creep up so over the life of the box it might see more bandwidth, or become a bigger bottleneck if not appropriately chosen. Thanks in advance for any comments or suggestions.
@LAWRENCESYSTEMS Жыл бұрын
The 6100 would be great
@tylerstolsmark9662 Жыл бұрын
Oh man I was looking for this exact video last week. My protectli comes tomorrow 😢
@bmbiz Жыл бұрын
Don't read too much into it. It's all anecdotal data. Read all the comments here about people having good experiences with their Protectli's and you'll feel better. (I have one but haven't been running it long enough to comment on long term reliability.)
@rpsmith Жыл бұрын
I would be willing to bet if you have any problems with your new Protectli hardware, a simple phone call to their U.S. support folks will take care of it! I've only had one intermittent one and they happily replaced it out of warranty!
@NonyaDamnbusiness Жыл бұрын
Weird. My Protectli Vault 4-port w/8GB RAM and 256GB mSATA (both of which I installed) has been running fine since March 2019. You bought yours in 2018 so maybe there was a batch of defective/badly-engineered boards that Protectli was using back then but isn't any longer? I ran pfSense on it at first but now it's been running Untangle/Arista for the last 3 years just fine...well, when Arista isn't pushing out updates that wind up routing all traffic over your VPN tunnels instead of out the regular WAN interface that is. Yeah, that was a fun few days...not. They did quickly release a patch update to fix it though.
@ejayosboldstone940 Жыл бұрын
Hey tom try and clean the thermal paste off those mobo's one of the CPUs looked like the die was cracked
@Thetruth-Punjabi Жыл бұрын
I got Topon N100 2.5G box for Pfsense 2.7
@pitz10 5 ай бұрын
please help. i dont understand this firewall well. my question is what if I have my existing network and want to integrate this firewall in my own system because I like the feature of my system. If use this firewall will all the features of my current router will gone because the firewall own features?
@LAWRENCESYSTEMS 5 ай бұрын
I don't understand the question
@kristian4805 Жыл бұрын
I just got one of those cheap appliances, instead of a bigger desktop PC, and for sure its not nice not having bios and all. And heads up to anyone buying a box with intel i226 2.5Gbit cards, it's not supported in 2.6.0. You need Plus version or delevopment. Tried upgrading from 2.6.0 with the use of some USB network adapters.. oh hell, nope, something just screws up.. or from dev to Plus.. nope, atleast with dev version i tried. But it will be supported in 2.7 i hear.
@Домашнійадмін Жыл бұрын
By the way Protectli is Yanling actually. If you google internals for both you will see no difference
@rpsmith Жыл бұрын
I'm not sure about that claim but I bet Yanling doesn't have free U.S. based telephone tech support!
@klauslee7704 Жыл бұрын
@@rpsmith It's eays for them to find a group in US
@SR-pr2xz Жыл бұрын
Qotom are great and have good service, with bios updates that you can download. Yanling service is no existant, definitely don't recommend. I have one J1900 with a bad flash and couldn't get a bios to eprom flash from them. Also had a E3845 which was unstable as hell. With Qotom, I had to re-apply thermal paste, but they are great.
@vlcekmlcek3393 Жыл бұрын
I use lots of Aliexpress x86 boxes and 1U Supermicro in bigger companies.
@cheako91155 Жыл бұрын
Is there something wrong with the Espressobin?
@DeriuzM Жыл бұрын
Hi Lawrenece, your Qotom box, is it only pfSense running in that box or? what's the specs of your qotom box?
@LAWRENCESYSTEMS Жыл бұрын
Qotom Router Q750G5 amzn.to/3ElAAqE
@ipcamtalk4314 Жыл бұрын
Love the shoutout to Louis Rossman....
@LAWRENCESYSTEMS Жыл бұрын
Louis does some great board level work.
@EranFX 10 ай бұрын
Hi Lawrence , I have the Qotom router , should I install pfsense directly on the hardware or first put proxmox on it and than install pfsense as VM on it ?
@LAWRENCESYSTEMS 10 ай бұрын
kzbin.info/www/bejne/l3yuZaKgmdCeaa8
@maxpuissant2 Жыл бұрын
Looking to install this in a industrial panel with only 24V alimentation, any idea if there is compatible devices?
@viaujoc Жыл бұрын
Most of small form factor firewall appliances, including Netgate 1100 to 6100 are using 12V DC input. If you can install a 24V to 12V DC transformer in your industrial panel, you will be able to power them. The Netgate appliances are using a threaded connector which is hard to find, you may need to cut the cable with the threaded connector from the original AC/DC power brick and connect is to the 12V output of your transformer. Maybe you can also find who is selling a non working Netgate power supply for cheap and salvage the DC cable with the threaded connector. I am not sure about this one... I bet a standard barrel connector like 5.5mm OD/2.5mm ID (which is much easier to find) may also work to power a Netgate 2100 to 6100. You would just loose the additional safety provided by the threaded connector. If your industrial panel is locked an not subject to a lot of vibration, it should not be a big problem. The Netgate 1100 is using a standard barrel 2.1mm x 5.5mm which can also be powered by a PoE+ splitter if you have that kind of network infrastructure... I have used that method to power a PBX and a building automation controller, it works perfectly.
@tvpi-z1v 10 ай бұрын
A bit of a list of actual hardware would be nice that you recommend
@LAWRENCESYSTEMS 10 ай бұрын
The Netgate hardware
@propeto13 Жыл бұрын
favorite box for pfsense = Dell R210 II E3-1240 v2.... I have spoken.
@ClassicCarOverhaul Жыл бұрын
Same here, been using one for 4 years without any issues but looking for something that draws less power.
@goliathfox 6 ай бұрын
NSFW_LAN looks interesting....
@johnnylockwood Жыл бұрын
I have a Dell 486. Will it run on it?
@LondonBeatrice 12 күн бұрын
412 Schamberger Grove
@SpaceSquid420 Жыл бұрын
Kinda sounds like those boxes died to that intel c2000 bug. I had a device die to that.
@syruce76 Жыл бұрын
for me .... after a 4 x 2.5Gb wtih celeron.. i take the R86S ... 2x10Gb !!! with the same cpu yeaaaa baby
@syruce76 Жыл бұрын
but for the futur i don't know if it maintain updates, like bios update or some think like that
@aasilmahesh Жыл бұрын
I can see the power cycle on x86 pc curropts the os. Is that not the case with netgate x86. How they are being mitigated?
@LAWRENCESYSTEMS Жыл бұрын
Power cycling generally does not corrupt the OS on the drive. If you're using ZFS, this is pretty much a non-issue.
@aasilmahesh Жыл бұрын
I faced issues on zfs as well. Power fluctuation made my pfsense corrupts and I had to reinstall from the scratch
@georgeargy3184 Жыл бұрын
is the virtualization of router (with pfsense) good thing? so i can run 1 or 2 vms more on this kind of hardware? or like the re_computer odyssey blue?
@LAWRENCESYSTEMS Жыл бұрын
It works fine as long as you understand it.
@RewindFPV 10 ай бұрын
I just had a Netgate 7100 die on me after not even a year......the Problem was the powersupply. And my biggest issue with this is that i had to send the whole device back from europe to the US, get all the customs stuff going and even pay a 100 bucks shipping on my own. Even though i asked them if they could just send me a new power supply 🫣 Therefore I'm currently thinking of just buying a supermicro box an dropping pfsense on it...... .......as much as i've researched it seems supermicro also got eu warehouses and also i can easily get a new powersupply there 🙄
@leonardocernaianu9455 Жыл бұрын
Can you please suggest me a device for PfSense that support 10G (both on WAN and on LAN)? I have 10G connection to ISP and 10G network in house (Unifi switches). Thank you!
@LAWRENCESYSTEMS Жыл бұрын
NETGATE 1541
@leonardocernaianu9455 Жыл бұрын
Thank you@@LAWRENCESYSTEMS
@valentinzeller8439 Жыл бұрын
Love it.
Dave's Garage
Рет қаралды 702 М.
Level1Techs
Рет қаралды 113 М.