Firewalls recommendations for fast Inet connections

Networking and broadband talkabout. Need help with that new router or setting up a network?
User avatar
FlyingPenguin
Flightless Bird
Posts: 28657
Joined: Wed Nov 22, 2000 11:13 am
Location: Lady Lake, Florida
Contact:

Re: Firewalls recommendations for fast Inet connections

Postby FlyingPenguin » Sat Jun 08, 2019 8:34 am

Well I've joined the pfSense universe. I love that little Ubiquiti EdgeRouter X, but I want to start implementing some additional features that it doesn't have the horsepower for. I'd like to setup my own OpenVPN for one thing, and and do some more advanced logging and some intrusion detection/prevention. Also, we're supposed to have 1Gbit available from Comcast around here soon, and that EdgeRouter X maxes out at around 500Mbit - even less with QoS enabled. QoS is actually choking it a bit right now at my 200Mbit bandwidth.

It's a bit overkill but after a lot of soul searching I decided to go with the monster SG-5100. I was thinking of getting the SG-3100 to save money, but reading up on it, it sounds like it would be a little underpowered for everything I want to do AND a 1Gbit connection. Plus I like the idea of having the extra 3 ports to play with. I could see the utility of setting up a 3rd LAN segment for the Nanobeam connection to the old house, to isolate it from the trusted and guest LANs at the main house.

Pricey, but it was on sale for $100 off, and I had a credit with them for another $100 which helped.

Was up late last night configuring it. Took me a while to figure out how to setup one of the extra ports as a Guest network with a separate LAN segment, but I figured it out (one nice thing about the Ubiquiti, it has a wizard built in for two networks).

I must say, I like the elegant way the firewall rules work in pfSense. Now I need to play with traffic shaping.

The old Ubiquiti will stay on the shelf as a spare in case something nukes the new router.

https://www.netgate.com/solutions/pfsense/sg-5100.html

Image
- "I belong to no organized party. I am a Democrat." - Will Rogers

Image

User avatar
Losbot
Almighty Member
Posts: 3111
Joined: Sun Jul 13, 2014 8:59 am
Location: South Florida

Re: Firewalls recommendations for fast Inet connections

Postby Losbot » Sat Jun 08, 2019 2:17 pm

I love having extra ports. I ended up with the SonicWall TZ500W in the end. I don't use the WiFi on it but I will eventually turn it on.
I was able to save my old SW config and load it into this new one. Too easy.

Image

User avatar
FlyingPenguin
Flightless Bird
Posts: 28657
Joined: Wed Nov 22, 2000 11:13 am
Location: Lady Lake, Florida
Contact:

Re: Firewalls recommendations for fast Inet connections

Postby FlyingPenguin » Tue Jun 11, 2019 10:59 pm

I'm really liking this box. I've been studying how to configure the Traffic Shaper for the LAN and bandwidth limiter for the Guest network. Once I get that setup I'm going to play with setting up OpenVPN.

The box has a 4 core Atom processor, but it's fanless. The entire top cover is a heatsink.

It's a lot bigger that the old EdgeRouter-X but it just barely fit without moving anything else. In the photo below it's in the upper left corner to the left of the white Wifi access point.

I also took the opportunity to do a bit of wire management. The original patch cords I ordered for connecting the switch to the patch panel were 3 feet long and had a lot of slack. I replaced them with 1 foot patch cords which neatened things up a lot.

Image
- "I belong to no organized party. I am a Democrat." - Will Rogers

Image


Return to “Broadband & Networking”

Who is online

Users browsing this forum: No registered users and 1 guest