USB NIC for pfSense

E

enthusiast29

Level I
Anyone's aware of any USB NIC adaptors which work with pfSense?

I'm planning to explore pfSense on a mini PC I have which sadly has only 1 GbE port and pfSense needs two of these to work.
The mini PC has no expansion capability using PCIe. It does have a mini PCIe slot for wifi card (half-mini height) though.

Other than that it has USB 3.0 ports which I'm thinking to use for a USB 3.0 to Ethernet adaptor to add another GbE NIC.
Any known good compatible one?

I know TP-link has a couple of them but I'm not very confident with those as there's not much info on them and a few posts I see from 2017-19 with people having issues to get it recognized.

Thanks!
 
@ibose yeah I hear you. I also saw people saying to avoid Realtek and unfortunately the onboard NIC is Realtek. Seems like this is going to cost a lot if I go the ideal route.
Those convertor/adaptors are just to hard to find in India and looks like this particular one needs power using SATA cable and the zotac mini PC I have uses power brick of course.

Eh... Looks like I'll be better off using some old desktop system but the power consumption would be a lot more in comparison.
 
enthusiast29 said:
@ibose yeah I hear you. I also saw people saying to avoid Realtek and unfortunately the onboard NIC is Realtek. Seems like this is going to cost a lot if I go the ideal route.
Those convertor/adaptors are just to hard to find in India and looks like this particular one needs power using SATA cable and the zotac mini PC I have uses power brick of course.
Click to expand...
Maybe you might get lucky

deviwiki.com

Main Page

deviwiki.com deviwiki.com

Try what you find here against that site
 
I am using VLANs with Opnsense and it works well. I tried USB ethernet with ASIX chip and Realtek chip with Opnsense and it did not detect properly that time. The Internet bandwidth is less than 100 Mbps so using the single gigabit ethernet works well for me
 
Crazy_Eddy said:
Will a switch + VLAN work?
Click to expand...
Might try this way... I have 200Mbps bandwidth so I think should be an issue if I get some cheap gigabit switch.
bobbyprajan said:
I am using VLANs with Opnsense and it works well. I tried USB ethernet with ASIX chip and Realtek chip with Opnsense and it did not detect properly that time. The Internet bandwidth is less than 100 Mbps so using the single gigabit ethernet works well for me
Click to expand...
Are you using a switch or just directly wired it to the LAN interface of the wifi router AP?
 
enthusiast29 said:
Are you using a switch or just directly wired it to the LAN interface of the wifi router AP?
Click to expand...
Opnsense is installed in an HP thin client (T620). The only gigabit ethernet is connected to a VLAN aware switch which has multiple VLANs for internet connections and internal networks. The WiFi access point also connects to the same switch
 

Attachments

  • Screenshot_2022-10-13_12-06-58.png
    Screenshot_2022-10-13_12-06-58.png
    39 KB · Views: 328
@Crazy_Eddy @bobbyprajan Thanks for the idea and advice you guys gave. I went ahead and bought myself a cheap managed switch (TP-Link TL-SG105E) and setup VLANs on it.
Hooked it up to my modem (in bridge mode), my zotac mini PC running pfSense (only one Gb Realtek NIC) and connected my Router in dumb AP mode to the switch.

It all works after the little tedious setup.

1667748222698.png

Oh and for anyone who wants to use Realtek NICs with pfSense, yes they can work. The default driver from FreeBSD isn't that good and may give "watchdog timeout" errors when NIC is nearly fully loaded.
To fix it, I googled a bit and here's the solution: https://forum.netgate.com/post/962889
A simple driver package update from the official repos in v2.5.x.

For v2.6.0, https://forum.netgate.com/post/1069278
 
enthusiast29 said:
Hooked it up to my modem (in bridge mode), my zotac mini PC running pfSense (only one Gb Realtek NIC) and connected my Router in dumb AP mode to the switch.
Click to expand...
This is very interesting. Could you share a simple network diagram of how the units are connected? And also some details about how you setup VLANs.
 
if you planning to use Pfblockerng then 1GB RAM might not be sufficient. I am running some packages like Pgblockerng, Snort and most of the time the RAM utilization is around 25-40%
1669092310005.png
 
Crazy_Eddy said:
Do the newer models still have these security issues? (old review from 2018) :-
goughlui.com

Not So Smart: TP-Link TL-SG105E V3.0 5-Port Gigabit Easy Smart Switch

I’ve made a few mentions about VLANs in the recent past as it’s something that I find quite useful along with virtual APs with managing an ever-increasingly-complex home network. But as…
goughlui.com goughlui.com
Click to expand...
It might be because it was still a bug with v3.0:

Anyways it's still not recommended to use these cheap switches in office/work environment at all. Buy better hardware. For homes, where you have the control and you know no one's gonna snoop around, this is just fine.

PS: I haven't tried to replicate the issue with my v5 hardware but I don't believe much in TP-Link to fix it.
maddy_in65 said:
if you planning to use Pfblockerng then 1GB RAM might not be sufficient. I am running some packages like Pgblockerng, Snort and most of the time the RAM utilization is around 25-40%
Click to expand...
Yes, I'm aware. Using those would need more RAM. I did try it with 8GB. Although I moved to OpenWRT x86 as it has better Smart Queue management algorithm (CAKE) which works excellent to reduce bufferbloat while maintaining higher speeds and fair bandwidth across devices. Also has firewall/adblock/IP block etc . and a good software repo.
 
Back
Top