Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Pages: [1] 2

Author Topic: Yet Another pfSense Build!  (Read 2466 times)

displaced

  • Reg Member
  • ***
  • Posts: 119
Yet Another pfSense Build!
« on: February 05, 2017, 10:12:41 PM »

Must be something in the tap-water here, but I've been inspired to do a pfSense build too.

I've gone for one of these Qotom boxes, adding my own 4GB RAM and a 64GB mSATA board.

I currently have my Apple AirPort 802.11ac router performing gateway and PPPoE duties, with a home server (an HP MicroServer N40L) running DHCP and DNS (as well as a ton of other stuff).

I'm planning to shift all my 'infrastructure' services onto the pfSense box.  I'll also be able to simplify my cabling somewhat.  At the very least, with the pfSense taking over from the AirPort, I'll be able to do the fancy routing needed to get stats and WAN access from the HG612 over a single Ethernet cable instead of the two needed now.

My MicroServer's been running FreeBSD for years, and I've hand-configured isc-dhcpd, powerdns and all that gubbins on it.  But it seems much tidier and dare I say secure to have specific hardware for these sorts of things.  Doesn't sit quite right having my DHCP server on the same machine as my Minecraft server ;)

I'm playing with pfSense in a VM on my Mac until the hardware arrives.  I'm very, very impressed.  It's rare to find a GUI that logically presents even the most advanced options for configuration.  Plus, I'm a big fan of FreeBSD, so it's nice that it uses all the software I know well under the hood.

So, if anyone's interested, I'll keep updating this thread as and when stuff arrives and gets built.  Currently pondering the mission required to clean out and organise the cupboard under the stairs.  And picturing the pfSense box and the gigabit switch being mounted to the underside of one of the stair risers.  Nifty.

(small things, small minds, etc... ;))

Chris
Logged
Vodafone Landline+FTTC: Huawei HG612 modem, pfSense router, AirPort access points. Huawei DSLAM. GigE home LAN with Netgear ProSafe switches. Mac, FreeBSD and Win10.

displaced

  • Reg Member
  • ***
  • Posts: 119
Re: Yet Another pfSense Build!
« Reply #1 on: February 05, 2017, 10:18:06 PM »

Oh, a quick thought:  Can anyone remember if changing port settings/network configuration on an HG612 causes a reboot/resync?  I'm currently enjoying a stable line about 8Mbit faster than my alleged attainable rate due to a quick sync after a local power cut.  I'd like to keep that if possible, naturally :)
Logged
Vodafone Landline+FTTC: Huawei HG612 modem, pfSense router, AirPort access points. Huawei DSLAM. GigE home LAN with Netgear ProSafe switches. Mac, FreeBSD and Win10.

roseway

  • Administrator
  • Senior Kitizen
  • *
  • Posts: 38807
  • Penguins CAN fly
    • DSLstats
Re: Yet Another pfSense Build!
« Reply #2 on: February 05, 2017, 10:51:29 PM »

Changing the port settings doesn't trigger a reboot (as far as I can remember), but beware of making a change to the port you're using to access the GUI, because that may lock you out. If that happens you'll have to do a factory reset of the modem.
Logged
  Eric

displaced

  • Reg Member
  • ***
  • Posts: 119
Re: Yet Another pfSense Build!
« Reply #3 on: February 05, 2017, 10:52:15 PM »

Got it -- thanks roseway.  Measure twice, cut once :)
Logged
Vodafone Landline+FTTC: Huawei HG612 modem, pfSense router, AirPort access points. Huawei DSLAM. GigE home LAN with Netgear ProSafe switches. Mac, FreeBSD and Win10.

burakkucat

  • Global Moderator
  • Senior Kitizen
  • *
  • Posts: 20344
  • Over the Rainbow
    • The ELRepo Project
Re: Yet Another pfSense Build!
« Reply #4 on: February 05, 2017, 11:54:34 PM »

I know it's not something you would really like to read but I always advise caution when changing the configuration of any of the Huawei EchoLife HG6xx family (HG610, HG612 & HG622) via the GUI. Hence I recommend that the HG612 is disconnected from the xDSL circuit (and any other LAN doings) before it is reconfigured.
Logged
:cat:  100% Linux and, previously, Unix. Co-founder of the ELRepo Project.

Please consider making a donation to support the running of this site.

displaced

  • Reg Member
  • ***
  • Posts: 119
Re: Yet Another pfSense Build!
« Reply #5 on: February 06, 2017, 04:14:25 PM »

Thanks, burakkucat!

Without wishing to sound more foolish than usual, what's the worst that can happen? :)

I'm naively thinking that if I mess something up I'll just do a factory reset (or even a reflash if needed) and carry on.  If I end up dropping the VDSL link then so be it, I suppose -- I'll need to make sure it doesn't happen too often and that there's 30 mins between drops.

It'd be nice to keep the extra Mbits from my fortunate sync, but nothing lasts forever :)
Logged
Vodafone Landline+FTTC: Huawei HG612 modem, pfSense router, AirPort access points. Huawei DSLAM. GigE home LAN with Netgear ProSafe switches. Mac, FreeBSD and Win10.

burakkucat

  • Global Moderator
  • Senior Kitizen
  • *
  • Posts: 20344
  • Over the Rainbow
    • The ELRepo Project
Re: Yet Another pfSense Build!
« Reply #6 on: February 06, 2017, 04:37:49 PM »

Without wishing to sound more foolish than usual, what's the worst that can happen? :)

Either you are totally locked out, as Roseway has mentioned, above, or the connection is subjected to multiple "bounces", to which the DLM process takes exception and so it then attempts to "stabilise" the circuit.

I have always made a point of configuring/re-configuring a modem (or a modem/router) with it disconnected from the xDSL circuit.
Logged
:cat:  100% Linux and, previously, Unix. Co-founder of the ELRepo Project.

Please consider making a donation to support the running of this site.

displaced

  • Reg Member
  • ***
  • Posts: 119
Re: Yet Another pfSense Build!
« Reply #7 on: February 06, 2017, 05:00:17 PM »

Makes perfect sense! 

I'll take the hit on losing my ill-gotten extra megabits and do it the proper way as you suggest! 

The 64GB mSATA storage arrived today.  I hadn't expected it to be quite so small!  RAM's arriving Wednesday and the Qotom PC will get here when it gets here. 
Logged
Vodafone Landline+FTTC: Huawei HG612 modem, pfSense router, AirPort access points. Huawei DSLAM. GigE home LAN with Netgear ProSafe switches. Mac, FreeBSD and Win10.

burakkucat

  • Global Moderator
  • Senior Kitizen
  • *
  • Posts: 20344
  • Over the Rainbow
    • The ELRepo Project
Re: Yet Another pfSense Build!
« Reply #8 on: February 06, 2017, 05:02:45 PM »

. . . and the Qotom PC will get here when it gets here.

Shipped directly from China, I believe.  :-\
Logged
:cat:  100% Linux and, previously, Unix. Co-founder of the ELRepo Project.

Please consider making a donation to support the running of this site.

Chunkers

  • Reg Member
  • ***
  • Posts: 327
  • Brick Wall head-banger
Re: Yet Another pfSense Build!
« Reply #9 on: February 06, 2017, 07:00:48 PM »

Must be something in the tap-water here, but I've been inspired to do a pfSense build too.

I've gone for one of these Qotom boxes, adding my own 4GB RAM and a 64GB mSATA board.


Great choice! I hope you didn't have to pay 36.51 shipping thought, seems a bit steep.
Look forward to hearing how it goes, I finished mine not too long ago and love pfSense

Chunks
Logged

Ronski

  • Helpful
  • Kitizen
  • *
  • Posts: 2351
Re: Yet Another pfSense Build!
« Reply #10 on: February 06, 2017, 08:22:59 PM »

If it's coming from China you'd better watch out you don't get charged import duty  :fingers:

I ordered mine from a different seller on Amazon and it shipped from the Netherlands so no import duty. If using this seller you need to mention whether you want the SATA or mSATA version.
Logged

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 5031
Re: Yet Another pfSense Build!
« Reply #11 on: February 06, 2017, 08:23:36 PM »

I didnt pay import duty on my delivery from china.
Logged
Sky Fiber Pro - Billion 8800NL bridge & PFSense BOX running PFSense 2.4 - ECI Cab

Ronski

  • Helpful
  • Kitizen
  • *
  • Posts: 2351
Re: Yet Another pfSense Build!
« Reply #12 on: February 06, 2017, 08:28:43 PM »

Shhhh, don't tell customs and excise. It really depends what the seller puts on the goods (description/value), and whether it gets picked up, they can't physically check every single parcel.
Logged

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 5031
Re: Yet Another pfSense Build!
« Reply #13 on: February 06, 2017, 08:45:40 PM »

yeah I figured I got lucky :)
Logged
Sky Fiber Pro - Billion 8800NL bridge & PFSense BOX running PFSense 2.4 - ECI Cab

displaced

  • Reg Member
  • ***
  • Posts: 119
Re: Yet Another pfSense Build!
« Reply #14 on: February 07, 2017, 11:35:54 AM »

Hehe -- yeah, the delivery cost's gone up a bit since I ordered.  They were quoting the quickest delivery date on Amazon at the time.  Hope I have a bit of luck with customs!

Apparently Apple are getting out of the router business, which is a shame since I've found them to perform well and be really reliable.  Sure, there's no fancy feature set, but it does the job.  Plus, they've historically been rather secure. 

But I don't fancy having a network edge device which isn't actively supported.  And there's been so many router hacks recently that I thought I'd go for pfSense.

Mostly, I'm interested to get a look at what UPNP and NAT-PMP forwards are being established by my home devices.  We've got a couple of 'black-box' gadgets on our LAN now which need legitimate port forwards, but I'd like to see what they're up to and have the option of blocking them if necessary.

Logged
Vodafone Landline+FTTC: Huawei HG612 modem, pfSense router, AirPort access points. Huawei DSLAM. GigE home LAN with Netgear ProSafe switches. Mac, FreeBSD and Win10.
Pages: [1] 2