pfSense Support Subscription

Author Topic: Need advice for home PFSENSE + SNORT + SQUIZ + OPENVPN  (Read 2170 times)

0 Members and 1 Guest are viewing this topic.

Offline jaime10

  • Newbie
  • *
  • Posts: 17
    • View Profile
Need advice for home PFSENSE + SNORT + SQUIZ + OPENVPN
« on: April 25, 2012, 07:36:20 am »
Hi,

I've been looking for a lot of specifications in the forum but I haven't find anything for my home lab.

I would like a little passive server for my home lab just 2 or 3 users, with pfsense + snort + squiz + openvpn (to test things in my lab when I'm at the office for example), I just need 2 NICs because I have a Cisco Switch so I will use VLAN.

I've been having a look over the Intel D2500CC but it seems to have problems with 64 bit so are there any other similar to it? You think that this cpu will be able to handle everything?

For RAM I'm thinking in 4GB and a SATA 2,5 or 3,5 drive. Are drives like SSD16Gb better for my purpose?

Thank you in advance,

Offline stephenw10

  • Hero Member
  • *****
  • Posts: 8082
    • View Profile
Re: Need advice for home PFSENSE + SNORT + SQUIZ + OPENVPN
« Reply #1 on: April 25, 2012, 08:11:22 am »
It really depends on what bandwidth you are hoping to acheive.
The Atom D2500 will likely be capable of >700Mbps of firewall/NAT. That will be reduced by adding packages or running VPNs etc.

Steve

Offline jaime10

  • Newbie
  • *
  • Posts: 17
    • View Profile
Re: Need advice for home PFSENSE + SNORT + SQUIZ + OPENVPN
« Reply #2 on: April 25, 2012, 09:16:46 am »
Hi Steve,

I have a DSL with 20/1 mb, so I think that bandwidth won't be a problem.

Do you know any other MB supporting the 64 bits version.

Offline dreamslacker

  • Hero Member
  • *****
  • Posts: 808
    • View Profile
Re: Need advice for home PFSENSE + SNORT + SQUIZ + OPENVPN
« Reply #3 on: April 25, 2012, 10:40:06 am »
If you have a VLAN capable gigabit switch, you only need 1 NIC for your needs.  There are several choices including the AMD Fusion APU based boards that you can consider.

Offline jaime10

  • Newbie
  • *
  • Posts: 17
    • View Profile
Re: Need advice for home PFSENSE + SNORT + SQUIZ + OPENVPN
« Reply #4 on: April 25, 2012, 11:16:09 am »
I have a Fastethernet (Cisco 3550) so I need two NICs.

I'll have a look on these AMD!

Can you tell me any example of AMD? I'm looking in the vendors site like Asus, Asrock and Gigabyte but I just find mini-ITX with Atom!
« Last Edit: April 25, 2012, 11:26:37 am by jaime10 »

Offline stephenw10

  • Hero Member
  • *****
  • Posts: 8082
    • View Profile
Re: Need advice for home PFSENSE + SNORT + SQUIZ + OPENVPN
« Reply #5 on: April 25, 2012, 11:31:34 am »
Could you reference where people are having a problem with this board?

If it can't run 64bit with 2.0.1 it may well be able to under 2.1 (FreeBSD 8.3). Additionally why do you want to run 64bit? It provides almost no advantage in this situation. Indeed because there are many more people running 32bit it is the better tested of the two versions.

Steve

Offline jaime10

  • Newbie
  • *
  • Posts: 17
    • View Profile

Offline jaime10

  • Newbie
  • *
  • Posts: 17
    • View Profile
Re: Need advice for home PFSENSE + SNORT + SQUIZ + OPENVPN
« Reply #7 on: April 26, 2012, 04:15:37 am »
I've been looking for a lot of MB mini-itx both with AMD and Intel but I just find the D2500CC with 2 x NICs and a low price so I think that I'll get this board finally. I would like to use the 64 bit version to use the 4GB RAM. Maybe 2Gb are enough for my requirements?

I'm a little bit confuse with the hardware to use for my purpose...

Offline stephenw10

  • Hero Member
  • *****
  • Posts: 8082
    • View Profile
Re: Need advice for home PFSENSE + SNORT + SQUIZ + OPENVPN
« Reply #8 on: April 26, 2012, 06:15:25 am »
I would expect 2GB is plenty for home use. You can probably get 3.5 or something similar anyway. 4GB is the theoretical limit with a 32bit OS but some overheads reduce this.
Running snort you can never have too much ram though. There are plenty of people running pfSense on the Alix box and that has 256MB, though I suspect not many of them running snort!  ;)

Steve
« Last Edit: April 26, 2012, 06:24:14 am by stephenw10 »

Offline jaime10

  • Newbie
  • *
  • Posts: 17
    • View Profile
Re: Need advice for home PFSENSE + SNORT + SQUIZ + OPENVPN
« Reply #9 on: April 26, 2012, 07:41:40 am »
Sure, Snort is really hungry like the pig of the logo hehe.

Maybe I'm going to buy the D2700MUD it has a better CPU, just one NIC but I have some NICs at home to put in the PCI and is little bit cheaper!

Offline jaime10

  • Newbie
  • *
  • Posts: 17
    • View Profile
Re: Need advice for home PFSENSE + SNORT + SQUIZ + OPENVPN
« Reply #10 on: April 29, 2012, 10:58:52 am »
Finally, I'm going to purchase a solution "out of the box" from ebay a with a better price than if I get everything by my myself.

MB - Asrock AD2700
CPU - Intel Atom 2700
RAM - 4GB
SSD 16GB

It will be fanless, 16GB for the storage will be enough for my purpose?

Maybe it's an overkill configuration for my homelab but, I haven't find anything with a lower price (200) and this type of power comsuption.

I don't know if I can paste the link here so if someone is interested just send me a PM.


Offline jaime10

  • Newbie
  • *
  • Posts: 17
    • View Profile
Re: Need advice for home PFSENSE + SNORT + SQUIZ + OPENVPN
« Reply #11 on: May 01, 2012, 10:40:36 am »
I'm waiting for my little new machine.

Based on your experience, what is better to use the full install or the nanoBSD with my 16GB SSD Kingston?

THanks!

Offline stephenw10

  • Hero Member
  • *****
  • Posts: 8082
    • View Profile
Re: Need advice for home PFSENSE + SNORT + SQUIZ + OPENVPN
« Reply #12 on: May 01, 2012, 12:10:49 pm »
You should be able to use either though some of those Kingston drives have a nasty reputation, looks like the 8GB version though.

Personally I would use the NanoBSD install and see how it goes. If you find it too restrictive you can always switch to a full install later.

Steve