pfSense English Support > Hardware

Zotac ZBOX CI323 nano

(1/29) > >>

OK:
Hi all,

being new to pfSense and BSD (but not to firewalling and computers in general), I thought this little box might be a good idea. Well, not so much at the moment.

With the Celeron N3150 being quite new, there is a serious lack of support for the hardware, leading to a situation where most OS did not install correctly. Adding a BIOS that only has a broken "Legacy Boot" option (blank screen and nothing happens), this leaves me with the following results:

- Windows 10 works flawlessly, but who wants that
- MINT Linux installed, but X does not work. Didnīt fiddle around with the settings, but I assume the internal display is not yet supported. Same for CentOS.
- FreeBSD installed only when using the "FreeBSD-10.2-RELEASE-amd64-uefi-memstick.img" All ISO were said to be unbootable (Rufus)

With no Legacy Boot and no UEFI image for pfSense Iīm kind of stuck at the moment. The hardware itself seems to be very capable of running FreeBSD, so I assume itīs worth still chasing that.

Unless Zotac release a BIOS update that permits Legacy Boot, I wonder what is needed to create a UEFI image for pfSense. It worked for FreeBSD, so in theory itīs possible for pfSense as well (correct me if Iīm wrong).

If you have any other ideas, please let me know. I strictly refuse to install Win 10 with Virtualbox :D (but tested that and it worked, although the windows driver for the realteks seems to strip away the VLAN tags).

Cheers !


EDIT:

Maybe the BSD gurus can help here. When I boot into the EFI shell, I can navigate to "fs0:" then "cd boot" and "ls" gives me two executables, "boot1.efi" and "loader.efi". When starting "loader.efi", I get this (see attachment).

Can someone explain what the issue is ?

OK:
Never underestimate the danger of assumptions....

When I said that Legacy Boot is broken, this is true as long as there is a HD TFT display attached, at least the one I used via Displayport. Instant blank screen. BUT:

Using a good old analog VGA Monitor, everything worked like a charm. Using the memstick to run live or install to SSD.

The baby is now up and running, interfaces assigned, the VLANs work great (not like under the windows I had running, where the realtek driver looked like a pre-alpha PITA).

So happy !

The base config with 4 VLANs, manual outbound natting, proxyarp was setup in no time, I really start enjoying this.

CI321 compared to CI323:
2013 vs 2015
2 cores vs 4
11W vs 6W
16GB vs 8GB (only drawback)
no fans :)


Cheers !

almost the same price, currently

tazmo:
Hi-

I too am looking at purchasing this box for my first pfsense router... 2 NICs, 4 cores, AES-NI support for OpenVPN, and inexpensive, make it very attractive (at least to me).

What about Wifi?

Have you tested OpenVPN throughput?

Anything more you could provide on the Zotac ZBOX CI323 would be greatly appreciated.

Thanks,
Bob

OK:
I bought the box with something different in mind, so I havenīt built and measured VPNs yet. So sorry, no direct answer :)

Wireless does not seem to be supported at the moment, but I honestly didnīt try very much and will pull the wireless cards out anyway - in my case I use it cable based only.

What I did though is run a hypervisor on it and then have pfsense in a vm. Reason for this is twofold: First, instant firewall recovery by using a cloned VM, second: Utilizing the hardware (8GB, 4 cores) to run a second or third VM as syslog server or a dedicated separate security box. Just in case something is not available as a package yet or for trying stuff out, like the Sophos UTM for example, while keeping the main firewall running and untouched.

ESXi is a nightmare and soooo picky about hardware, it didntīt install and  I spent quite some time. That does not say much, but I gave up after trying most tips I found online.

Xen seems to work so far, 2 days uptime with no issues. However, I am unable to pass VLANs into pfsense, as the NICs are seen as xn0 instead em0. Not a big issue as long as weīre talking 7 VLANs or less, as one creates one xn interface per vlan on the hypervisor, so the pfsense box sees just native, untagged frames.

So yes, running pfsense on this box is very well possible minus the wifi, but thatīs from someone who has no interest in fixing the wireless part, there may be ways to get there.

















tazmo:
Thanks for the response... very interesting. One more question:

I can't seem to find what chipset the Gigabit ethernet cards use. I've looked a lot of places. It *seems* to be a Realtek card but I can't find a model number. I see you mention xn0 but that's a FreeBSD Xen NIC driver if I'm not mistaken...

Do you know what model it is?

Regardless, I just ordered one and of course, it's on backorder  >:(

Regardless, thanks for the response and I hope you Xen install continues to be a solid one...

Bob

Navigation

[0] Message Index

[#] Next page

Go to full version