Netgate SG-1000 microFirewall

Author Topic: Hardware recommendations ATT 1gig up and down  (Read 1381 times)

0 Members and 1 Guest are viewing this topic.

Offline psycaz

  • Newbie
  • *
  • Posts: 16
  • Karma: +0/-0
    • View Profile
Re: Hardware recommendations ATT 1gig up and down
« Reply #15 on: March 27, 2018, 04:15:05 pm »
Iíve got a fx8320e. It should be enough. I just think the app isnít that great for the pc nor android. I mean, it works, but the speed hits I take are horrible. Now it could be ATT not liking the vpn, but on my iPad, I max the WiFi at 350-400 with PIA turned off, always over 200 when itís turned on. So that version works fine.
I run my VPN client in pfSense as well and route everything except my work laptop through it. I know you said it works fine on your iPad, but have you tried a different server for PIA?

I had issues with 3 servers with my VPN provider before I settled on the 4th one. And the weird thing is that the 3 that were flaky were in the same city that I am in and the one that I am now using and has been stable ever since is 800 miles away.

Iíve tried multiple servers. I switch if Iím not seeing good speeds, hoping to find one. I find the Midwest to be the best for me most of the time. Every once in awhile Iíll need to move to the New York server.
One thing with using VPN in pfSense instead of using a client on the PC itself is that it's not as easy to quickly change servers. You also cannot change servers for just one device/PC, unless you have already created multiple VPN interfaces in pfSense and route every device through a different interface.

So, if you are using VPN only to hide data from your ISP, it shouldn't be a problem. But if you are using it to avoid geo-location then it might be a pain to constantly switch VPN servers. Also, as you may have noticed many websites/apps don't work behind a VPN.

I recently noticed that TurboTax and TaxAct don't work if I am routing my desktop through the VPN interface. I have to go directly through my ISP. Same with Amazon app on the phone. The Amazon website works, but the phone app only shows me pictures of dogs and tells me "something went wrong"

I am starting to think getting VPN is now more of a hassle especially when my wife starts complaining about not being able to shop on Amazon app while on wifi.

See, my wife is why Iím only going to do wired connections to the box. The WiFi stuff can go on as they have been. I wonít have to hear about things not loading or working.

If I need my pc to use a non-vpn connection, Iíll just switch cables to the ATT gateway.

Offline Inxsible

  • Jr. Member
  • **
  • Posts: 99
  • Karma: +1/-1
    • View Profile
Re: Hardware recommendations ATT 1gig up and down
« Reply #16 on: March 27, 2018, 04:56:29 pm »
See, my wife is why Iím only going to do wired connections to the box. The WiFi stuff can go on as they have been. I wonít have to hear about things not loading or working.

If I need my pc to use a non-vpn connection, Iíll just switch cables to the ATT gateway.
That's smart. You could also create an alias and add or remove your PC from that alias depending on whether that alias is being routed via the VPN gateway or the ISP gateway.

For eg. I have an alias for my work laptop so that it goes out the ISP. When I needed to do my taxes, I just put my desktop in the same alias until I was done with the taxes and then removed it from the alias again.

Offline psycaz

  • Newbie
  • *
  • Posts: 16
  • Karma: +0/-0
    • View Profile
Re: Hardware recommendations ATT 1gig up and down
« Reply #17 on: March 29, 2018, 07:41:40 am »
Well the pc I was looking at acquiring is not available to me any longer. Iíll keep an eye out for something cheap but functional thatíll support AES-NI.

I have an old Compaq with a Core 2 Duo E8600 in it Iím going to start with once the NIC gets here. Itíll give me a chance to play with and learn Pfsense while hunting a pc or parts.

Itíll have 8gb ram and Iíll use that 16gb ssd as the hd. It should be enough for me to familiarize myself a bit with Pfsense.

Offline Inxsible

  • Jr. Member
  • **
  • Posts: 99
  • Karma: +1/-1
    • View Profile
Re: Hardware recommendations ATT 1gig up and down
« Reply #18 on: March 29, 2018, 03:09:01 pm »
Well the pc I was looking at acquiring is not available to me any longer. Iíll keep an eye out for something cheap but functional thatíll support AES-NI.

I have an old Compaq with a Core 2 Duo E8600 in it Iím going to start with once the NIC gets here. Itíll give me a chance to play with and learn Pfsense while hunting a pc or parts.

Itíll have 8gb ram and Iíll use that 16gb ssd as the hd. It should be enough for me to familiarize myself a bit with Pfsense.
Keep us posted.

I got myself a i340-T4 as well for the same price as that of T2 (at least when I was looking). Now I have my RAM and motherboard (AsRock J3355B) on order.

Offline psycaz

  • Newbie
  • *
  • Posts: 16
  • Karma: +0/-0
    • View Profile
Re: Hardware recommendations ATT 1gig up and down
« Reply #19 on: March 30, 2018, 09:32:53 am »
Well the pc I was looking at acquiring is not available to me any longer. Iíll keep an eye out for something cheap but functional thatíll support AES-NI.

I have an old Compaq with a Core 2 Duo E8600 in it Iím going to start with once the NIC gets here. Itíll give me a chance to play with and learn Pfsense while hunting a pc or parts.

Itíll have 8gb ram and Iíll use that 16gb ssd as the hd. It should be enough for me to familiarize myself a bit with Pfsense.
Keep us posted.

I got myself a i340-T4 as well for the same price as that of T2 (at least when I was looking). Now I have my RAM and motherboard (AsRock J3355B) on order.

Glad you found a t4 for the same price. Makes it easy on which to buy. My nic should be here Saturday so I hope to start this weekend.

Offline psycaz

  • Newbie
  • *
  • Posts: 16
  • Karma: +0/-0
    • View Profile
Re: Hardware recommendations ATT 1gig up and down
« Reply #20 on: April 02, 2018, 02:43:28 pm »
This is not going as Iíd hoped.

The old pic I was going to use to toy with doesnít have a slot to accommodate the i390-t4. So I decided to use my main pc (amd fx8320e) and just disconnect all the hard drives and use an usb drive to just try out pfsense.

Install went fine. But I can not connect to the web GUI no matter what. Tried from two other computers. Tried reinstalling pfsense from scratch - twice. Tried with leaving the wan cable unplugged when installing. No luck. I canít even ping the pfsense machine.

Iím lost and confused. Time for a break and see if I can find where I making a mistake.

Good luck inxisble. I hope your build goes well.

Offline Inxsible

  • Jr. Member
  • **
  • Posts: 99
  • Karma: +1/-1
    • View Profile
Re: Hardware recommendations ATT 1gig up and down
« Reply #21 on: April 09, 2018, 09:36:39 am »
This is not going as Iíd hoped.

The old pic I was going to use to toy with doesnít have a slot to accommodate the i390-t4. So I decided to use my main pc (amd fx8320e) and just disconnect all the hard drives and use an usb drive to just try out pfsense.

Install went fine. But I can not connect to the web GUI no matter what. Tried from two other computers. Tried reinstalling pfsense from scratch - twice. Tried with leaving the wan cable unplugged when installing. No luck. I canít even ping the pfsense machine.

Iím lost and confused. Time for a break and see if I can find where I making a mistake.

Good luck inxisble. I hope your build goes well.
Not great luck here either.

Got the J3355B board and RAM... tested well. No errors in memtest+. But once I connect the NIC and restart, I get the AsRock splash screen and then the motherboard shuts down. I might have to RMA the NIC back to Ebay :(

Offline psycaz

  • Newbie
  • *
  • Posts: 16
  • Karma: +0/-0
    • View Profile
Re: Hardware recommendations ATT 1gig up and down
« Reply #22 on: April 09, 2018, 09:47:59 pm »
Update

Found an old hard drive and used that, coupled with a single port intel nic I got off eBay. Finally got it up and running to play with. The computer has an e7600 core2duo in it.

I did manage to snag a Compaq 6200 pro mt w i5-2400 in it relatively waiting for it to come in.

Next problem is when using the old pc, my speed when connected to Pia are way lower than expected.

Laptop through pfsense gets 400/400 off my gigabit line. Once I turn on PIA, it drops to 50-90/90, down/up.

Changing the port to dmz+ on the 5268ac did nothing to change the speeds. I made sure to reboot the router and pfsense computer.

Hoping itís an issue with the e7600 not using aes-ni. The onboard nic in the pc is supposed to be intel. New pc is supposed to come in tomorrow. Should have it up and running in an hour if it does.

Hereís hoping for better luck.

Better luck to you to Inxsible

Offline stephenw10

  • Administrator
  • Hero Member
  • *****
  • Posts: 12275
  • Karma: +494/-15
    • View Profile
Re: Hardware recommendations ATT 1gig up and down
« Reply #23 on: April 11, 2018, 06:02:53 pm »
What throughput are you expecting to see over OpenVPN?

400Mbps is fast for OpenVPN using a single connection. Also many providers will not reach that speed, though I believe I've seen reports PIA will.

Steve

Offline psycaz

  • Newbie
  • *
  • Posts: 16
  • Karma: +0/-0
    • View Profile
Re: Hardware recommendations ATT 1gig up and down
« Reply #24 on: April 11, 2018, 08:37:36 pm »
The 400 was with openvpn not setup yet. I was just testing connectivity.

New pc came in yesterday. I canít get the i340-t4 to work. But I got it all running with the single port nic I picked up.

900+ up and down just testing connectivity. Once OpenVpn was setup for PIA, I got 300-400 down, 250-300 up. Thatís with pfsense not set on my 5268ac to DMZ+ To completely bypass the gateway.

Thatís faster than Iíve ever been able to get at night with any device in my house for PIA. Iím quite happy with that. I realize I could probably get faster using the DMZ+ function to completely remove my 5268ac gateway from the equation, but I want to make sure I donít leave the other things using the gateway exposed to the web.

Next, I wouldnít mind figuring out how to add wireless internet access through pfsense now. The pc doesnít have any wireless adapter that I setup pfsense on. Reading up on if itís possible and what would be required to make it work.

Offline stephenw10

  • Administrator
  • Hero Member
  • *****
  • Posts: 12275
  • Karma: +494/-15
    • View Profile
Re: Hardware recommendations ATT 1gig up and down
« Reply #25 on: April 15, 2018, 04:59:15 pm »
It's almost always better to use an external access point of some sort. You can usually position it better and you can get whatever the latest greatest wifi technology is. With a wifi device in pfSense you can only use 802.11N.

Steve

Offline psycaz

  • Newbie
  • *
  • Posts: 16
  • Karma: +0/-0
    • View Profile
Re: Hardware recommendations ATT 1gig up and down
« Reply #26 on: April 15, 2018, 11:28:40 pm »
Thanks Steve.

Is there one thatís recommended?

I have a Netgear R7000 I could try to use if that would work. Never could get it setup the way I wanted. Thatís running did-wrt. I can put the firmware to stock too.

Offline SammyWoo

  • Full Member
  • ***
  • Posts: 189
  • Karma: +8/-2
    • View Profile
Re: Hardware recommendations ATT 1gig up and down
« Reply #27 on: April 16, 2018, 01:42:43 am »
I have a Netgear R7000 I could try to use if that would work.

Why wouldn't it work? what's wrong with it?

Quote
Never could get it setup the way I wanted.

Which is?


If this R7000 has a WAN port, the easiest way to set it up is in bridge mode (no NAT) and simplest to integrated into a LAN with a dedicated FW.

Buy I agree with him, have your WIFI in a separate box because your FW will tend to be in a corner closet, while the WIFI antenna most likely needs to be centrally located, in between other advantages as already mentioned.

Offline stephenw10

  • Administrator
  • Hero Member
  • *****
  • Posts: 12275
  • Karma: +494/-15
    • View Profile
Re: Hardware recommendations ATT 1gig up and down
« Reply #28 on: April 16, 2018, 06:23:19 am »
Yup, should work fine. I imagine DD-WRT gives you some more options over the default firmware including 'access point only mode' or something similar.

Even if it doesn't you can just disable DHCP on it and connect to it's LAN ports.

https://doc.pfsense.org/index.php/Use_an_existing_wireless_router_with_pfSense

Steve

Offline messerchmidt

  • Sr. Member
  • ****
  • Posts: 309
  • Karma: +11/-4
    • View Profile
Re: Hardware recommendations ATT 1gig up and down
« Reply #29 on: April 16, 2018, 01:31:57 pm »
run ddwrt on the r7000, add a laptop cooler to power off the usb port, as use it as a AP

let the pc do pfsense