1
Upgrading PFSense Hardware February, 2022
Posted by
pete_c
,
25 February 2022
·
575 views
Recently here have upgraded main house from DIY'd 6 port BCM Haswell i3 mITX computer to:
1 - Qotom q330g4 i3-4010u (4 port - 8Gb - 32Gb mSATA) IE: Wan and back up wan and 2 LAN to managed switches
Back up (really not needed as the Qotom boxes are well built). The Jetway box is better built than the Qotom.
2 - Jetway JBC390F541XA-1900-B (6 port - 8Gb - 32Gb mSATA)
Both are mounted on the Telco wall now rather than on the computer rack.
I have a Qotom Q190P S08 on telco wall in house #2. (same set up with UPS and GPS/PPS)
The DIN mounted Jetway is larger than the Qotom boxes.
Easy peasey...for both
1 - backed up current configuration on BCM firewall
2 - wrote PFSense new on both new devices
3 - connected WAN link to current network and LAN link to my laptop.
4 - logged in to administrative GUI on new Firewall
5 - imported configuration.
6 - rebooted and all plugins were reinstalled automagically.
7 - mounted the two firewalls on telco wall.
8 - connected LAN AND WAN cables, UPS, GPS (with PPS) and turned on back up PFSense box first. Ran it for a week.
9 - backed up back up box and configured production box and then connected all cables to main production box.
10 - cleared ARP and NDP tables on both as I used them.
I am still using an Arris SB6190 at both locations. Tested the Arris SB 8200 for a bit and was not happy with it. May purchase the Motorola Docis 3.1 modem.
BTW here now using IPSec, OpenVPN and Wireguard servers running on PFSense.
Have no ports open on the PFSense box (years now)
OpenVPN is much easier to set up than IPSec. Wireguard is faster than IPSec and OpenVPN.
Run OpenVPN clients these days on Android, WIndows 11 tablet to call home for CCTV, OmniPanel, Homeseer and HA.
1 - Qotom q330g4 i3-4010u (4 port - 8Gb - 32Gb mSATA) IE: Wan and back up wan and 2 LAN to managed switches
Back up (really not needed as the Qotom boxes are well built). The Jetway box is better built than the Qotom.
2 - Jetway JBC390F541XA-1900-B (6 port - 8Gb - 32Gb mSATA)
Both are mounted on the Telco wall now rather than on the computer rack.
I have a Qotom Q190P S08 on telco wall in house #2. (same set up with UPS and GPS/PPS)
The DIN mounted Jetway is larger than the Qotom boxes.
Easy peasey...for both
1 - backed up current configuration on BCM firewall
2 - wrote PFSense new on both new devices
3 - connected WAN link to current network and LAN link to my laptop.
4 - logged in to administrative GUI on new Firewall
5 - imported configuration.
6 - rebooted and all plugins were reinstalled automagically.
7 - mounted the two firewalls on telco wall.
8 - connected LAN AND WAN cables, UPS, GPS (with PPS) and turned on back up PFSense box first. Ran it for a week.
9 - backed up back up box and configured production box and then connected all cables to main production box.
10 - cleared ARP and NDP tables on both as I used them.
I am still using an Arris SB6190 at both locations. Tested the Arris SB 8200 for a bit and was not happy with it. May purchase the Motorola Docis 3.1 modem.
BTW here now using IPSec, OpenVPN and Wireguard servers running on PFSense.
Have no ports open on the PFSense box (years now)
OpenVPN is much easier to set up than IPSec. Wireguard is faster than IPSec and OpenVPN.
Run OpenVPN clients these days on Android, WIndows 11 tablet to call home for CCTV, OmniPanel, Homeseer and HA.
Hi Pete, I just switched (mid February) from pfsense to Opnsense on my Supermicro X10SLH-LN6TF (6x10Gbe). Lost IPv6 (grrr) but gained access to NBaseT RT8125b interface (2.5Gbe) card with FreeBSD 13.0. I have the Arris DOCSIS 3.1 (telephone). The migration from pfsense to Opnsense was far from painless but when IPv6 gets fixed I think it should be worth it as I don't see pfsense supporting the RT8125b car any time soon.
BTW, I like the pfsense GUI better. Things are in odd places in the Opnsense GUI. Still have a lot of learning about the internals of FreeBSD. Been using Unix since '85 and Linux (my main OS) since early 90's (110 5 1/4" 1.2M floppies). I hope to learn the proper CLI commands and I'm hoping for a proper REST API.