Pfsense Setup

C

csc003

Well-Known Member
Joined
Oct 14, 2015
Messages
129
Reaction score
10
Location
Kempton Park
Hi @All

Just curious who uses Pfsense for their home network and what have you configured on Pfsense in terms of hardware / packages / security etc etc

Charl
 
Last edited:
like @Mzezman :p:popcorn: i am here for the ride...interested in the same topic. have a mikrotik rb4011 but its just a mission for me to figure out how to run and config. wondering if pfsense setup will be better fit for me..
 
nad_isa said:
like @Mzezman :p:popcorn: i am here for the ride...interested in the same topic. have a mikrotik rb4011 but its just a mission for me to figure out how to run and config. wondering if pfsense setup will be better fit for me..
Click to expand...
Interesting that you would mention that. Have a friend that used pfsense for years and then picked up a mikrotik router from a friend (proper enterprise class one not sure of the model number) and he pointed out its next level to configure and possibilities are endless and is definitely not lacking any features. I use pfsense as its firstly free and has too all the features you would find in your enterprise paid firewalls.

Also the pfsense community is vast so how to's and configuring the pfsence firewall information is endless
 
Used it once to see if I could reduce bufferbloat.

Then had fibre installed at my home and installed OpenWRT on the same machine while I waited for a router from the ISP.

Have not tinkered too much with either.
 
csc003 said:
Interesting that you would mention that. Have a friend that used pfsense for years and then picked up a mikrotik router from a friend (proper enterprise class one not sure of the model number) and he pointed out its next level to configure and possibilities are endless and is definitely not lacking any features. I use pfsense as its firstly free and has too all the features you would find in your enterprise paid firewalls.

Also the pfsense community is vast so how to's and configuring the pfsence firewall information is endless
Click to expand...

I have an rb4011, im no expert but likely a prosumer grade device. but the software is pretty much the same across the consumer line. its definitely a learning curve if you used to GUI's and the 'makro shelf' routers like asus etc.

im a newbie and took hours of videos and read ups to get up to speed.

Features Im using at the moment software-related:
- two subnets (one for main house, one for tenant)
- Some generic firewall parameters
- QOS on a subnet (bandwidth limiting all traffic on the second subnet)

Features im planning on using:
- VPN via wireguard
- vlan setup
- more advanced QOS (by subnet, device/ip, type of traffic)

Now im hoping pfsense can do the above alot more intuitively than the mikrotik.

from a Hardware perspective though key features im using is the below which might not be available by pfsense setup:

- POE in (currently powering the mikrotik via POE with a mini UPS)
- POE out (im powering a unifi AP via POE out meaning im powering the router, ap and ONT via one ups). It only last around 2 hours but im planning on getting a second unit to ease the load and power a second AP.
 
netstrider said:
Used it once to see if I could reduce bufferbloat.

Then had fibre installed at my home and installed OpenWRT on the same machine while I waited for a router from the ISP.

Have not tinkered too much with either.
Click to expand...
pardon my ignorance - what is bufferbloat?
 
nad_isa said:
pardon my ignorance - what is bufferbloat?
Click to expand...
It is the increase in latency while downloading or uploading.

You may have a ping of 10ms but it may spike to 70 while uploading for example.

You can test it at dslreports.

Ideally, for gaming and so, you want the fluctuation to be minimal.
 
For the record, I found OpenWRT to be marginally better due to the support for CAKE in reducing bufferbloat.
 
Easy way to see it for yourself is ping mybroadband continuously and then start doing a speedtest.
 
netstrider said:
For the record, I found OpenWRT to be marginally better due to the support for CAKE in reducing bufferbloat.
Click to expand...
Im using pfsense with my ONT plugged directly into my pfsense. With Cool Ideas ISP and have never seen more than 1ms latency with constant 980 mbps download and 200 mbps upload.

Am i understanding incorrectly??
 
csc003 said:
Im using pfsense with my ONT plugged directly into my pfsense. With Cool Ideas ISP and have never seen more than 1ms latency with constant 980 mbps download and 200 mbps upload.

Am i understanding incorrectly??
Click to expand...
See my last post.

Look at the ping in your cmd/terminal before the speedtest and when download and upload starts.

For pfSense you need to enable fqcodel and adjust according to your line to see improvements. There are docs online.
 
nad_isa said:
I have an rb4011, im no expert but likely a prosumer grade device. but the software is pretty much the same across the consumer line. its definitely a learning curve if you used to GUI's and the 'makro shelf' routers like asus etc.

im a newbie and took hours of videos and read ups to get up to speed.

Features Im using at the moment software-related:
- two subnets (one for main house, one for tenant)
- Some generic firewall parameters
- QOS on a subnet (bandwidth limiting all traffic on the second subnet)

Features im planning on using:
- VPN via wireguard
- vlan setup
- more advanced QOS (by subnet, device/ip, type of traffic)

Now im hoping pfsense can do the above alot more intuitively than the mikrotik.

from a Hardware perspective though key features im using is the below which might not be available by pfsense setup:

- POE in (currently powering the mikrotik via POE with a mini UPS)
- POE out (im powering a unifi AP via POE out meaning im powering the router, ap and ONT via one ups). It only last around 2 hours but im planning on getting a second unit to ease the load and power a second AP.
Click to expand...
You can install pfSense, OpenSense, OpenWRT, IPFire etc on pretty much any hardware.

Takealot even has some of them listed, for example, https://www.takealot.com/ionn-fanle...ded-pc-l-4-lan-l-network-applian/PLID65537697
 
nad_isa said:
like @Mzezman :p:popcorn: i am here for the ride...interested in the same topic. have a mikrotik rb4011 but its just a mission for me to figure out how to run and config. wondering if pfsense setup will be better fit for me..
Click to expand...
Hi so my friend has the smaller mikrotik at this stage the rb2 series he asked if you consider to go full blown pfsense and want to sell the rb4011 i must let him know as he will be interested to buy it if the price is right
 
Busy with the setup now, wanted to go with opnsense but pfsense Dashboard looks much better.
They Both almost have identical features and plugins.

Now to decide what I'm going for.
 
Awesome!!

Do let me know which route you go.

Ive read about opnsense but never actually got around to loading or playing around with it. My Pfsense just works so happy with pfsense at this point....does what it needs / what i want it to do :-)
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X