joelones Posted February 8, 2018 Share Posted February 8, 2018 (edited) 12 hours ago, Loch said: Just went through the router/firewall upgrade. It sounds like pfSense is going to start limiting its usability on older systems by only functioning on processors supporting AES-NI. That gives a few years of processors to work with but my old C2D would be left out in the cold with the upgrade. If you are trying to recycle some older hardware, you might want to look at OPNSense. It's rather similar (FreeBSD and fork from MoNoWall just as pfSense - infact it's actually recommended by the MoNoWall people) but it has had a lot more rapid development recently. There are some developmental/philosophical differences but I find the GUI more appealing. There is smaller but seemingly friendly community as well (some complain about the pfSense forums). I used a 4 port Intel NIC and it works like a champ. Geez, just noticed the AES-NI requirement now, I thought it was a "nice-to-have" feature not future requirement. Probably no better time to move pfSense off of my old Xeon ESXi box. Looking for an old i5 now.. Edited February 8, 2018 by joelones Quote Link to comment
mrow Posted February 10, 2018 Share Posted February 10, 2018 On 2/8/2018 at 10:46 AM, joelones said: Geez, just noticed the AES-NI requirement now, I thought it was a "nice-to-have" feature not future requirement. Probably no better time to move pfSense off of my old Xeon ESXi box. Looking for an old i5 now.. AES-NI is required for version 2.4 and any future versions. They plan to maintain version 2.3 for a while to hold peopl over until they can upgrade their hardware. You could always use the hardware you have no and upgrade when you get some equipment. Quote Link to comment
Loch Posted February 10, 2018 Share Posted February 10, 2018 2 hours ago, mrow said: AES-NI is required for version 2.4 and any future versions. They plan to maintain version 2.3 for a while to hold peopl over until they can upgrade their hardware. You could always use the hardware you have no and upgrade when you get some equipment. Well that is good information, but since I was just starting out, seemed silly to spend $$$ on new hardware or get stuck on an EOL course. OPNSense is very similar to pfSense and I can run it on almost any old hardware I have lying around. Hey, my router was a P3 until about a month ago! Quote Link to comment
wayner Posted February 14, 2018 Share Posted February 14, 2018 Another vote for Unifi USG here. I have five APs in and around my house plus the USG and I will likely be adding Unifi switches in the future. I run the Unifi controller in a Docker container on my unRAID server. Quote Link to comment
spazmc Posted February 22, 2018 Share Posted February 22, 2018 (edited) I too am looking for router options. Ipfire and Opensense seam to have a steep learning curve, that I do not have time to invest.(but will if i must) Is the Unifi USG a simpler solution? Looking for something with simple upnp support so I don't have to become a full time network admin. Family will hang me if Skyp, xbox etc. don't work. With out me spending lots if time to setup. If it is not to bad to setup the USG for my present needs I can mess with advanced feature latter. Edited February 22, 2018 by spazmc oups Quote Link to comment
tdallen Posted February 22, 2018 Share Posted February 22, 2018 My experience so far with the USG is that it is an out of the box solution that will pretty much "just work" with minimal setup. It's not cheap, though, and really only makes sense if you plan to run several pieces of Unifi equipment. I'd go with their EdgeRouter if you just want a router, but I'm very happy so far with my USG/Switch-16/3-AP setup. Quote Link to comment
Hoopster Posted February 23, 2018 Share Posted February 23, 2018 12 hours ago, spazmc said: Is the Unifi USG a simpler solution? Looking for something with simple upnp support so I don't have to become a full time network admin. The USG is pretty simple to get going initially. Be advised that UPnP is not enabled by default, but, it is very simple to enable in the Settings>Services>UPNP page. The EdgeRouter is very similar and would also be a fine choice. Quote Link to comment
spazmc Posted February 23, 2018 Share Posted February 23, 2018 (edited) That is good to know. I may go with the USG it sound like decent hardware. And only $120 on Amazon. I've bin think of going with one their AP's for the 2nd floor. Edited March 2, 2018 by spazmc spazmc Quote Link to comment
Hoopster Posted February 23, 2018 Share Posted February 23, 2018 (edited) 1 hour ago, spazmc said: That is go to know. I may go with the USG it sound like decent hardware. And only $120 on Amazon. I've bin think of going with one their AP's for the 2nd floor. Do a little looking around. The least expensive in stock USG I have seen recently is $113 (FS and no tax outside NY) at B&H photo. However, I got mine in the Fall at Newegg for $95 on sale. Newegg had at least 2-3 !0% off sales on Ubiquiti gear late last year. They have another one going on now, but, unfortunately, it is for more obscure Ubiquiti products. Unless they have all raised prices this year, the USG "normal" price at most resellers last year was $109.99 and both Newegg and Amazon briefly had it at $95. If you do go with the UniFi USG/APs, manage it with the Ubiquiti UniFi Controller docker for unRAID. You certainly don't need to set up a Windows machine with java as many do (those unfortunate enough to not have an unRAID server) to manage the USG/switches/APs. Edited February 23, 2018 by Hoopster Quote Link to comment
rorton Posted February 23, 2018 Share Posted February 23, 2018 Edgerouter here too - i do have a few Unifi AP's and the unifi controller running in a docker, and am toying with a USG, but i have some config for DNS and other bits of VPNS that people say there may be issue translating over as with how you have to build a file (json is it?) so will stick with the Edgerouter for now. Quote Link to comment
Frank1940 Posted February 26, 2018 Share Posted February 26, 2018 (edited) By the way, I found an easy way to config my Ubiquiti EdgeRouter (ER-X) for allow the use of dns passthrough for provisioning using the GUI. Your Ubiquiti has to have a version of EdgeOS that has the 'Config Tree' tab in the router's GUI. Normally, to do this you would use the Command Line Interface (CLI) and type this instruction (plus a lot of others to complete the housekeeping): set service dns forwarding options rebind-domain-ok=/unraid.net/ Using the GUI with the Config Tree tab, open the Tab up and click service in the tree in the left pane (configuration). continuing on the same manner, click on dns then on forwarding Now in the right pane, you will see several choices of parameters that can be set. You want to add a option, so click on the + Add button to the right of options and a window will open up. Enter the following (copy-and-paste would be my choice) into that window: rebind-domain-ok=/unraid.net/ At the Bottom of the Right pane, you will see a Preview button, click on that. A window will show the command line that will be added to the configuration file. It should be what you would have had to enter if you were using the CLI. Click on Apply and you are done. EDIT: A bit of research indicates that the Ubiquiti Edgerouter X and Ubiquiti Edgepoint product lines have the GUI interface with the Config Tree tab. If you have an older router, you might have to upgrade the OS on the router to the 1.9.0 version or later. (That is probably a good idea anyway.!) Edited February 27, 2018 by Frank1940 1 Quote Link to comment
hernandito Posted March 13, 2018 Share Posted March 13, 2018 (edited) For 2 days I tried the Edgerouter X and I could not get it to do basic routing in my network. Even using the common wizard setup. My pc’s would not get internet connection. My ultimate goal is to use Pihole in a VM, I am not a router pro, but not a newbie either. I ended switching to an ASUS AC66U, and it was painless. Pihole works like a charm. I disabled the WiFi Radios as I have a Unifi AP. In retrospect, I could have gone w the USG, but got nervous. Edited March 13, 2018 by hernandito Quote Link to comment
hernandito Posted March 13, 2018 Share Posted March 13, 2018 My wife and kid are going on a long trip soon. Maybe I will give it a try then, without anyone screaming at me that the internet is not working. incredible to think some people have never lived in a world without the internet. Quote Link to comment
Frank1940 Posted March 13, 2018 Share Posted March 13, 2018 Be sure to 4 minutes ago, hernandito said: Maybe I will give it a try then, without anyone screaming at me that the internet is not working. Be sure to try the 'Reset' button on the back after reading the "Quick Start Guide". Don't forget, you could have gotten a DOA unit. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.