0-20k Pfsense System
- Thread starter Viz
- Start date
- Status
cyberwarfare
Galvanizer
Yes, @vivek.krishnan and me both run pfSense systems at home, and he also runs some at work.
I see your budget is approx 20k.
What is your end use for the system and what all do you need to buy, or do you have any parts/ components that you will reuse from an older build?
I see your budget is approx 20k.
What is your end use for the system and what all do you need to buy, or do you have any parts/ components that you will reuse from an older build?
I have a small office with 10 systems and looking for a router that gives me more control on what my team can access over the web and better bandwidth distribution, Ideally I would like to keep the budget between 10 to 12K, I have 3x2 GB ECC RAM's with me, apart from that no hardware, I have an old Dell T3500, that I wanted to convert into our server, but that will be a power house to run PFSense I guess. Please let me know. Thank you!
cyberwarfare
Galvanizer
10-12k may be too little for a proper pfSense box, given that a 4 port intel nic is about 8k on ebay and a 2 port nic is about 4k on ebay.
You must pick a cpu/ board combo that supports AES-NI since pfsense 2.5 will REQUIRE AES-NI.
My setup is an asrock am1 board with an amd 5350 cpu and 4gb of ram. For the boot device i use an old ssd (you could use an USB) and i also have a 4 port intel i340 based network card. With the above config, PSU and case, you will be around the 17-18k mark, depending on the case and psu you select.
As far as power consumption goes, my box sits at about 25-40 w depending on the load at the time.
You must pick a cpu/ board combo that supports AES-NI since pfsense 2.5 will REQUIRE AES-NI.
My setup is an asrock am1 board with an amd 5350 cpu and 4gb of ram. For the boot device i use an old ssd (you could use an USB) and i also have a 4 port intel i340 based network card. With the above config, PSU and case, you will be around the 17-18k mark, depending on the case and psu you select.
As far as power consumption goes, my box sits at about 25-40 w depending on the load at the time.
Hi,
Thanks for th response, I can stretch the budget if required to 20K, I have my network on a 10/100 24 port switch, so a 2 port Nic is enough? can you please let me know the component so that I can source and build one. Ideally with low power consumption as one Kw costs about 11/- for us here on commercial electricity.
Thanks for all your valuable time.
-Srinivas.
Thanks for th response, I can stretch the budget if required to 20K, I have my network on a 10/100 24 port switch, so a 2 port Nic is enough? can you please let me know the component so that I can source and build one. Ideally with low power consumption as one Kw costs about 11/- for us here on commercial electricity.
Thanks for all your valuable time.
-Srinivas.
Hi,
We have pfsense deployed both as physical and virtual machines. The experience is great, we use a dedicated server for the virtual instance.
Depending on the number of internet lines and LAN segments/subnets, you need a NIC for each.
If you are looking to do this on lowest power consumption, its best to pickup a box from Aliexpress.
We have pfsense deployed both as physical and virtual machines. The experience is great, we use a dedicated server for the virtual instance.
Depending on the number of internet lines and LAN segments/subnets, you need a NIC for each.
If you are looking to do this on lowest power consumption, its best to pickup a box from Aliexpress.
This box from aliexpress costs about $220, so I was hoping to get built something with in that price range
Pfsense on Aliexpress
Pfsense on Aliexpress
I have the same box, however, I would not recommend it for future due to the lack of performance - i found it a bit laggy sometimes, plus it lacks AES NI.
After talking to you, I would recommend purchasing a entry level Kaby Lake board with Kaby Lake Pentium GPU or opt for an AM1 board like @cyberwarfare has.
I will send a dual port NIC which you can use and either return/purchase/upgrade to a quad NIC.
Ensure you get a good PSU.
Keep your existing machine for Windows Server that you plan to get in the future, else look at Dell T20/T30 entry level servers (290W)- they are selling the Haswell variant for roughly 35K and the Skylake variant for 42K, taxes excluded
Coming to Windows Server licenses, you should opt for Windows Server essentials as this will ensure you can bypass the CAL requirement for Standard editions, plus its cheaper at roughly 30-35K.
If you can virtualise the infrastructure, do it. You can run ESXi or HyperV on your Dell.
I was looking to downsize my home lab (Cisco/Vmware/IoT/Virtual WLC/Windows AD) w.r.t power and heat as well as to replace my ageing Juniper SSG5 Internet firewall. So ended up placing an order for QOTOM Q355G4 i5-5250U 8G RAM 64G SSD for about $360 three days ago. Selected this mainly for it's size. Hope it escapes custom charges! Fingers crossed!
Looking to run fully loaded pfSense + three other light weight VMs on top of ESXi or Proxmox. I'll feedback once I've got my hands on the above.
Another ESXi/Proxmox node build is sitting in cart. Based around Intel G4560 (or something better but not expensive) + ASRock B250M Pro4 Mobo + 16G DDR4 RAM + Quad Intel NICs + Cooler Master Elite cabby + Seasonic 80+ PSU
Looking to run fully loaded pfSense + three other light weight VMs on top of ESXi or Proxmox. I'll feedback once I've got my hands on the above.
Another ESXi/Proxmox node build is sitting in cart. Based around Intel G4560 (or something better but not expensive) + ASRock B250M Pro4 Mobo + 16G DDR4 RAM + Quad Intel NICs + Cooler Master Elite cabby + Seasonic 80+ PSU
technavneet
Contributor
Hey, guys, I am being off topic but have you guys tried Pi-Hole? & As for pfsense do you guys run it in a VM/containers or a separate rig specifically designed for it?
The Pi Hole is not a firewall, but a DNS sinkhole.
I run pfsense in a VM, on a retired x3100M4.
technavneet
Contributor
I know it's not a firewall (Did I mention that it is a firewall) & Great! (Can I know the specification?
The discussion was about firewalls, hence my point
The x3100 M4 is an IBM 2nd gen Xeon server with passthrough support.
technavneet
Contributor
- Status