• zhill29@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    7 days ago

    I’ve been using an R210ii with PFSense for like 8 years now. It’s been rock solid and only sips like 20 watts.

  • Ferrous@lemmy.ml
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    1
    ·
    12 days ago

    If you’re considering building your own firewall, you’ve started down a long path of homelabbing. I’d encourage you to start with a proper setup and allow yourself plenty of room to grow. You want your setup to be extensible, and the firewall is just the beginning.

    I’d grab at least a 15U rack and a Dell poweredge R210. Throw in a gigabit nic and install OPNsense. You’ll have room for your switches, NAS, UPS, etc… later.

    • interloper@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      12 days ago

      I basically did the same, picked up a 12U rack and a Dell R220 as my PfSense box.

      Been so stable and can handle anything.

    • Lemongrab@lemmy.one
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      11 days ago

      In that case OPNsense does the exact same thing but with a more intuative GUI. It originally was a fork of pfSense.

      • zhill29@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        7 days ago

        I’d agree the OPNsense UI is probably more intuitive if you’ve never touched PFSense but I found the OPNsense UI difficult coming from many years of PF.

      • some_guy@lemmy.sdf.org
        link
        fedilink
        arrow-up
        1
        ·
        11 days ago

        Which is why I said that I’m a purist. But whatever works, they’re both worth exploring. I got dug-in on my solution a decade ago and haven’t really had a reason to change once I learned it.

        • Lemongrab@lemmy.one
          link
          fedilink
          English
          arrow-up
          1
          ·
          10 days ago

          Cus there isnt a reason to change if you are already super familiar with pfSense. They basically do the same stuff.

  • philpo@feddit.org
    link
    fedilink
    arrow-up
    11
    ·
    12 days ago

    OPNsense on any small scale dual LAN box, either a used mini PC or a purpose made one.

  • deadbeef79000@lemmy.nz
    link
    fedilink
    English
    arrow-up
    11
    ·
    edit-2
    12 days ago

    I bought a refurbished SFF PC and put a PCIe NIC in it. Installed opnSense.

    Cheap as chips. Supremely powerful.

  • poVoq@slrpnk.net
    link
    fedilink
    English
    arrow-up
    5
    ·
    12 days ago

    Any pc with two network ports and Ipfire will do. Easy to set up and configure.

    • Possibly linux@lemmy.zip
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      1
      ·
      12 days ago

      Not necessarily the most performant setup depending on hardware. You want something that has a enough bandwidth.

    • PhilipTheBucket@ponder.cat
      link
      fedilink
      English
      arrow-up
      1
      ·
      12 days ago

      Go on ebay and look for refurbished PCs, it’ll probably be cheaper than buying a wireless router. It’ll take some setup but you will get the configurability you need, in spades.

  • TrippyHippyDan@lemmy.world
    link
    fedilink
    English
    arrow-up
    6
    arrow-down
    1
    ·
    12 days ago

    I don’t know what kind of specs you’re looking for for your system, but I’ve been very happy with my netgate.

    Though it’s still close to $200 for the lowest model, but comes with support if your not really sure what your doing.

    Netgate 1100 $189

    No link posted because I didn’t look at the rules for this community.

  • nul9o9@lemmy.world
    link
    fedilink
    English
    arrow-up
    5
    ·
    edit-2
    12 days ago

    I bought this Protectli Vault FW2B , and installed OPNSense strictly for firewall since I don’t control the router in my town home.

    I used this guide to set up a transparent bridge so I can filter out traffic before it gets to the subnet my property manager assigned to me.

    Setting it up was a great learning experience. One thing that was odd for me though, was that I had to change the label of the interfaces in the ui to match the label on the hardware.

    • Lem453@lemmy.ca
      link
      fedilink
      English
      arrow-up
      3
      ·
      12 days ago

      This. N100 box with Opnsense will serve you well for a decade+ until you want to upgrade to 10gbps.

      • fuckwit_mcbumcrumble@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        1
        ·
        11 days ago

        I have an N100 box for my router and it’s great for singe gigabit or less. But > 1gbit and you really quickly need some serious hardware.

        At work I was using a VM with 2 cores from a xeon 4215 and it struggled to get anything more than 2 gbit. As soon as I bumped it up to 4 cores I was able to get the full 4gbit speeds. If I wanted to do any traffic shaping or packet inspection speeds would tank. Also my OpenVPN speeds kinda suck on this N100 device. They’re never great, but I can definitely tell I’m getting CPU bound vs when I ran it on my server. So if you plan on running extra services don’t expect the greatest performance.

        A lot of networking traffic is single core dependent so I’ve been trying to find one of those weird 5 core machines with 1 P core and 4 E cores which I think would be the perfect fit.

    • lungdart@lemmy.ca
      link
      fedilink
      English
      arrow-up
      2
      ·
      12 days ago

      Pfsense is built on this, but it has some free software issues.

      OpnSense was a pfsense fork from some of them original creators, that is free software.

      Both are fantastic.