Hi fellow gurus.Life kept me busy from visiting the forums, but i found some time and i have some questions. I decided to go overkill and build my own router, to learn about pfSense and to brush off my rusty network skills. The build: Motherboard : Asrock J3355B-ITX (it supports AES-NI for future pfSense builds) 2x2 GB of DDRAM3 So-DIMMS PSU: 200w picoPSU Storage: for now i still have to decide between cheap, small SSD or a spare 120 GB hard drive Case: M350 ITX Network card: will buy a used Intel dual or quad server grade NIC I bought at a good discount the motherboard.The rest is about to be purchased. A couple of questions: Is there anything i can improve in the build above? Anyone here dabbled with pfsense?
The question is what do you expect out of pfsense? Things like unifi USG have CPUs than have hardware offload which is generally faster and less latency than 'built' routers. Are you just setting this up to play with it? Do you have an understanding of how to setup basic functions like route tables etc?
I am setting this up to learn and move forward from DD-WRT which i have on my TP Link N3600 router.Yes, i have a basic grasp of the iptables/route tables, but i want to re-take the networking classes and learn more and touch more advanced stuff.I do this for me and for my the tech curiosity.
smalll update... just returned the Asrock motherboard. This just went under my radar. https://fit-iot.com/web/products/fitlet2/ It mught be a very serious little computer made just for that...running pfSense . If somehow, the mil will turn sour from pfSense part in not supporting it, well Sophos XG Firewall might be a delightfull alternative.
id think the newer 64bit rasp pi's are cheap enough with enough throughput combined with a switch to fullfill the needs without a pc or the fit iot,
Only thing I really have to comment on the build is that disk-space and disk-type only matters if you intend to use "Squid", or to store long term session logs (go with an HDD if that's the goal, SSD if a transparent proxy is). --SSD is quite worth it for Squid caching since most of the hits will be small files. (primarily random access) HDD vs SSD for operation of the OS itself won't matter, as all files will be permanently cached in memory (unless using Squid).
If you need any help with those (either pfSense or Sophos), let me know. I have got the Sophos UTM as a small SG hardware version (only license differs a bit) and I set up some pfSense some years ago (not to its fullest extend, but some VLANs, DHCP, DNS, routes and stuff). Sophos I know mostly by heart.