Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Off-topic
  3. Anyone using Pfsense on a sff mini PC?

Anyone using Pfsense on a sff mini PC?

Scheduled Pinned Locked Moved Off-topic
8 Posts 4 Posters 2.2k Views 5 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • humptydumptyH Offline
      humptydumptyH Offline
      humptydumpty
      wrote on last edited by
      #1

      I’m looking to replace my router and always wanted to go the pfsense route for the increased security/control you get over commercial routers. Does anyone have any experience with pfsense and can recommend some hardware and guides to get up and running?

      luckowL 1 Reply Last reply
      0
      • humptydumptyH humptydumpty

        I’m looking to replace my router and always wanted to go the pfsense route for the increased security/control you get over commercial routers. Does anyone have any experience with pfsense and can recommend some hardware and guides to get up and running?

        luckowL Offline
        luckowL Offline
        luckow
        translator
        wrote on last edited by
        #2

        @humptydumpty something like https://www.amazon.de/Firewall-Appliance-Mikrotik-OPNsense-HUNSN-Schwarz/dp/B0B154S98L/ Use opnsense instead of pfsense 🙂
        https://opnsense.org/

        Pronouns: he/him | Primary language: German

        humptydumptyH 1 Reply Last reply
        3
        • luckowL luckow

          @humptydumpty something like https://www.amazon.de/Firewall-Appliance-Mikrotik-OPNsense-HUNSN-Schwarz/dp/B0B154S98L/ Use opnsense instead of pfsense 🙂
          https://opnsense.org/

          humptydumptyH Offline
          humptydumptyH Offline
          humptydumpty
          wrote on last edited by
          #3

          @luckow did some reading on pfsense vs opnsense. I’m sold on opnsense but that leaves the hardware. The box you linked doesn’t have wifi. I’m guessing I can use my existing commercial router for wifi or is there a more secure/better method out there?

          luckowL 1 Reply Last reply
          0
          • humptydumptyH humptydumpty

            @luckow did some reading on pfsense vs opnsense. I’m sold on opnsense but that leaves the hardware. The box you linked doesn’t have wifi. I’m guessing I can use my existing commercial router for wifi or is there a more secure/better method out there?

            luckowL Offline
            luckowL Offline
            luckow
            translator
            wrote on last edited by luckow
            #4

            @humptydumpty It really depends on your needs. In our office we have a 4 port appliance like the one in the link above (not sure if it's the same model), but we only use 3 of the 4 ports. More network segments means more ports. If you just want a dedicated firewall in front of your router, maybe 2 ports is enough?
            One of my last Kickstarter products was https://www.zimaboard.com/. At first, I thought, hey, I'll use it for Opnsense at home. But then a local Cloudron instance was more important to me 🙂

            And in addition to the firewall, we use dedicated Wi-Fi access points with VLAN capability to separate the different use cases on the WLAN. In combination with opnsense it is possible to meet specific security requirements (if you trust VLANs).

            Pronouns: he/him | Primary language: German

            1 Reply Last reply
            2
            • P Offline
              P Offline
              privsec
              wrote on last edited by
              #5

              An t620+ with an intel 4 port nic is what I use with opnsense.

              I upgraded the ram and the ssd

              You could also go the protectli route, or an alibaba comparable

              Protectli is nice due to the built in 4g backup SIM card option.

              humptydumptyH 1 Reply Last reply
              1
              • marcusquinnM Offline
                marcusquinnM Offline
                marcusquinn
                wrote on last edited by marcusquinn
                #6

                I like the look of Protectli

                • https://protectli.com
                • https://protectli.com/integrations/
                • https://protectli.com/kb/coreboot-build-guide/

                And been quite happy with Bee-Link as a mini Proxmox server:

                • https://www.bee-link.com/

                And this looks like a good read:

                • https://homenetworkguy.com/review/opnsense-hardware-recommendations/#500-usd

                Web Design https://www.evergreen.je
                Development https://brandlight.org
                Life https://marcusquinn.com

                1 Reply Last reply
                2
                • P privsec

                  An t620+ with an intel 4 port nic is what I use with opnsense.

                  I upgraded the ram and the ssd

                  You could also go the protectli route, or an alibaba comparable

                  Protectli is nice due to the built in 4g backup SIM card option.

                  humptydumptyH Offline
                  humptydumptyH Offline
                  humptydumpty
                  wrote on last edited by
                  #7

                  @privsec I’m leaning heavily towards the t620+. I found one on eBay with 4 ports ready to ship. It seems 8GB RAM is the standard for opnsense but should I upgrade it to 16GB? Also, what’s the reason for upgrading the SSD? How much space would opnsense need in a home router setting? I read the t620+ has mobo rev A and B. The A has an additional m.2 port or something like that. Does it matter which rev board I get?

                  @luckow @marcusquinn the zimaboard looks nice but it seems upgradeability is impossible. I have a bunch of rpi’s laying around but I’m finding them useless in any use case that requires reliability. The only ok use is as an Omv5 nas box. Protectli seems nice but is UK/EU oriented and I’m not sure what adapters I would need for the US. The HP t620 plus might be the ideal hardware for me. I wish I could use one of the SFF I already have (elitedesk 800, lenovo m700, etc.) but I’m not sure how to add a second nic card to them. Thanks for the recommendations!

                  P 1 Reply Last reply
                  1
                  • humptydumptyH humptydumpty

                    @privsec I’m leaning heavily towards the t620+. I found one on eBay with 4 ports ready to ship. It seems 8GB RAM is the standard for opnsense but should I upgrade it to 16GB? Also, what’s the reason for upgrading the SSD? How much space would opnsense need in a home router setting? I read the t620+ has mobo rev A and B. The A has an additional m.2 port or something like that. Does it matter which rev board I get?

                    @luckow @marcusquinn the zimaboard looks nice but it seems upgradeability is impossible. I have a bunch of rpi’s laying around but I’m finding them useless in any use case that requires reliability. The only ok use is as an Omv5 nas box. Protectli seems nice but is UK/EU oriented and I’m not sure what adapters I would need for the US. The HP t620 plus might be the ideal hardware for me. I wish I could use one of the SFF I already have (elitedesk 800, lenovo m700, etc.) but I’m not sure how to add a second nic card to them. Thanks for the recommendations!

                    P Offline
                    P Offline
                    privsec
                    wrote on last edited by
                    #8

                    @humptydumpty it does matter, I remember finding which version was best on servethehome I think.
                    One of the models if I recall wasn’t suggested

                    1 Reply Last reply
                    0
                    Reply
                    • Reply as topic
                    Log in to reply
                    • Oldest to Newest
                    • Newest to Oldest
                    • Most Votes


                      • Login

                      • Don't have an account? Register

                      • Login or register to search.
                      • First post
                        Last post
                      0
                      • Categories
                      • Recent
                      • Tags
                      • Popular
                      • Bookmarks
                      • Search