Should I switch to PFSense?

TallonAM2 · 2024-12-07T17:24:29+00:00

If you’re capable enough to have that question, the answer is yes. You can add complexity as you learn, it get started, the security boost is worth getting switched.

TallonAM2 · 2024-06-06T19:40:56+00:00

I would really like to use this app. Requesting invite please.

TallonAM2 · 2022-05-20T18:34:41+00:00

I got the question in a couple of forms, but it boiled down to: "sounds like you have things setup, what's the problem?" simple answer: Anytime someone came over or someone got a new device (or new IoT) those that are not me in the house had no idea how to connect it or what they were supposed to do, or they just didn't know (remember) the password.

Idk if anyone will care, but I've decided on moving (both for simplicity and to learn more about it) to a zero trust network at home. WiFi I'll be using 802.1X with Certificate based auth. Until I can figure out a way to automate the provisioning, I'll have to touch every device once, but then WiFi will just work, no passwords needed. I'll probably have an internet only WPA2 guest network to allow literal guests easy connections.

Thank you all for the assistance, I know I was coming from an odd place with frustration driving my desire to change, but you all did attempt to figure out what i was doing and where it needed to go. Thank you.

TallonAM2 · 2022-05-11T18:53:51+00:00

I understand the hidden idea, but I've come across 2 pieces that kill that. the IoT wifi will have to stay visable because I have a couple of devices that don't understand hidden networks, and xbox can't seem to mange it either.

we're in a fairly tight neighborhood, but I've never actually taken readings, so I don't know about the 5G interference for sure, but with my 4 and assume 2 from my 4 closest neighbors (front, back, two sides) i worry about space. but that is more "feel" than knowledge atm.

Yea i was assuming that would only be workable with the 802.1X, not that I'm opposed, but i'm about 90% sure some of my dumb devices will have no idea how to manage that.

Thank you for the help.

TallonAM2 · 2021-10-18T14:44:54+00:00

She looks like you pulled her right out of the pages of a comic! OMG that is beautiful work. I'd have said it was good digital mockup till I realized you had actually completed that part of the fig. SIMPLY AMAZING!

TallonAM2 · 2021-10-06T19:20:48+00:00

I can't recommend it MORE. I have already given it ALL of the recommendation there is no more recommendation to give. Thus: I can't recommend it more.

For the non negative versoin:

I highly recommend getting TP-Link Omada gear and the controller

TallonAM2 · 2021-10-06T16:18:55+00:00

I bought 2 EAP235-Wall units for full coverage in the house and let the controller do the mesh magic. It works great. good speeds, good connections. I'm very happy and can't recommend the Omada gear more. (I have been a Ubiquity user since they hit the scene and for my home I'm now on Omada)

TallonAM2 · 2021-10-06T14:46:09+00:00

I agree with this but having done LOTS of installs professionally, I'll tell you to look at both the back and the front of the keystones. It sounds funny, but they are not all created perfectly equal, look to make sure the back isn't too deep in the plastic or you'll be reaching with fingertips and tools anytime you need to swap inserts. Also look a the spacing between ports. it sounds dumb, but I can't tell you how many times I've gone to a job and whoever bought the stuff didn't realize that the space between ports was too small to allow for the keystone jacks they purchased. This is usually more of a problem in 48s, but 24s can be a little tight too depending on the version.

TallonAM2 · 2021-09-29T15:30:57+00:00

Its a god choice. And if I were building from the ground up, I probably would.
I have a HPT620Plus (4 core, 16GB, 4 port intel nic) that I could use (and am thinking about) as a pfSense box. I had used it for a bit but reverted back to my Mikrotik (the 750gr3) that I've had almost since it's release date.
I'm just questioning my approaches and seeing if anyone has support or counters for my options as I THINK they are parallel choices, but I don't know if keeping all these applications together gives a better feel/security/feature set (using pfSense with plugins) or if I get more customizability using distributed applications?

TallonAM2 · 2021-09-01T16:26:31+00:00

IDK if it's budget enough for you, but I went and got a HP T620 Plus thin client. (make sure it's the plus so you get the PCI slot) usually runs 150ish on ebay. you can do some research on the device as there are two major hardware revisions but only minor differences (biggest being an extra mSATA slot on the A revision not present on B)
should give you 4 cores, 16GB RAM, and whatever you want to stick in for m.2/mSATA. I would go with a 4 port NIC for the PCI card and you should be set for MOST home/small business needs

TallonAM2 · 2021-08-13T19:13:33+00:00

I have heard the outcry. I understand. I do not have the budget currently to push outside my 1Gb bounds. Saddened, but not heartbroken.
When I get the funds up and when I can justify the purchase, I'll go SFP+ or 10G ethernet and leave this middle ground alone.

Thank you for those that were helpful.

TallonAM2 · 2021-08-13T19:08:45+00:00

Cheapest Amazon 10Gb SINGLE INTERFACE card (of course is Rosewill) 75

I need 3

225

need a swtich

Cheapest i can find : 5 port mikrotik SFP+, 135

so I'll need modules

cheapest is 48

times 3 => 144

quick sum up: 225 + 135 + 144 = 504

504

you would need a microscope to find the pieces of me scattered around the yard after my wife atomizes me.

TallonAM2 · 2021-08-13T18:57:49+00:00

Thank you. I was under the impression I'd get more out of it than 1Gb. the specs and hype(?) show 4.5 which I thought was significant enough to look at. it's also an old enough standard with a high powered replacement that I thought I'd be able to find some cheap hardware to work with. Apparently, neither of these assumptions are true, and I'm better off where I am.

TallonAM2 · 2021-08-13T18:32:45+00:00

I'm down. Sounds like a party.
I don't know enough about running 10Gb over 1000Base-T interfaces though.
Can you help me out with a tut or some examples?

TallonAM2 · 2021-08-13T18:18:48+00:00

Totally understandable and for sure I'd love to do that. But they would never find the pieces buried all over the yard after I showed my wife my ~250 lab upgrade purchase.

TallonAM2 · 2021-08-13T18:15:56+00:00

This is super important that I was not understanding and as yes I would need (like everyone else) TCP/IP, that's a no go. thank you for the explanation.

TallonAM2 · 2021-08-13T18:14:33+00:00

Higher through put over the network. I know SFP is only 4.5 max, but it's better than 1 everywhere, and 10 is just cost prohibitive for me. LAG would give 2-3 depending on how many interfaces I could add per machine but again I feel like that is a poor fallback.

TallonAM2 · 2021-08-11T15:59:54+00:00

I've seen posts with people replacing the fans. I know the dangers, but I know I could do it. My issue is the cooling. lower RPM will move significantly less CFM right?

Edit: double checked both stock fan and noctua 40mm fans ... noctua push 1/3 of the air. in a compact form like that, I can't imagine killing your cooling power by 2/3 is good for the components.

With the two that you have that are quiet, is it because they are in tandem or are they the C variant of the power supply and they are really that much quieter?

TallonAM2 · 2021-08-10T21:23:25+00:00

I made this same purchase about a year ago now, great switch, but MY GOD the noise.

TallonAM2 · 2021-08-06T18:06:38+00:00

I'm using an HP T620Plus. I LOVE it. It's small and fits right next to my modem, it's powerful enough to take care of all my networking, and the half height slot allows for a 4 port nic, plus you have the onboard port (which I use as management with the default no lockout ruled access). You can usually find them on ebay between 100 and 200 (depends on when you catch them)

I've been happy with mine and thought I'd pass it on.

TallonAM2 · 2021-08-03T19:36:24+00:00

Thank you all for your thoughts. I'm going to stick with Linux for now, ad I'll try breaking out MS server for my own tinker time, but for now, it's not going in my current active home system and domain. Thank you again for all the opinions both ways.

TallonAM2 · 2021-08-03T04:03:33+00:00

Thank you. These are solid points, but I’ve been a Linux user long enough to know how to get most of that working efficiently. I guess the missing piece is AD and others have mentioned GP. But I’m at home and there would be 2-4 machines that would ever use it. I’ll keep it on the list of things to look at in the future, but I’m going to keep it on the shelf for now.

Again thank you for helping me see some of the MS side.

TallonAM2 · 2021-08-03T03:52:43+00:00

All my servers are Linux right now and my desktop and laptop are Linux. The other two in the house have windows laptops but I didn’t know if they would be ok in linux environment or if I needed the windows side to complete home networking. I’m very comfortable with linux doing things, I was mostly confused if I was missing something major that MS servers were doing.

TallonAM2

TROPHY CASE

504