gacpac Posted May 26, 2019 Share Posted May 26, 2019 I was going to buy a USG or an ASUS RT-AC66. But I decided to try pfsense first. I like and everything, it's somewhat complicated, but nothing you can fix with youtube. What I still don't find is how to use deep package inspection, monitor my internet speed and what every user downloads. Which is really easy with the alternatives I mentioned. I really like the port forward and the nat translation in the firewall rules, I must say. But I feel like I'm missing something. I know pfsense is enterprise grade so to speak. Have you guys felt the same way with this? Sent from my Pixel 2 XL using Tapatalk Quote Link to comment
1812 Posted May 26, 2019 Share Posted May 26, 2019 I used pfsense for years but recently switched over to Sophos UTM. It's... different, but as you mentioned, youtube for setting things up works fine. It seems to be developed more towards protection than pfsense, which functions more as a configurable firewall. Why did I switch? to better monitor and limit access to certain sites for specific users that should not have access to them. I also used opnsense in the past, a spinoff of pfsense. But it's essentially the same thing and updated more frequently (and with a nicer web gui.) Quote Link to comment
gacpac Posted May 26, 2019 Author Share Posted May 26, 2019 I switched because my router died yesterday. And it made perfect sense to try it, since everyone I know and forums tell that is way better.But to me it's not better. It's different, I can compare Pfsense to fortinet in that sense.I'm looking for the same as you, in that case, control sites, get to know which device is using more bandwidth. Like unifi or even ddwrt does. Sent from my Pixel 2 XL using Tapatalk Quote Link to comment
Lev Posted June 3, 2019 Share Posted June 3, 2019 On 5/26/2019 at 5:53 AM, gacpac said: USG or an ASUS RT-AC66 Between those two, definitely USG. I don't believe the ASUS RT-AC66 gets merlin builds anymore either. It's rather old. On 5/26/2019 at 5:53 AM, gacpac said: I know pfsense is enterprise grade so to speak. Have you guys felt the same way with this? Yes brother, you're not alone in feeling that way. 1 Quote Link to comment
gacpac Posted June 3, 2019 Author Share Posted June 3, 2019 I'll keep this until ubiquiti comes with something updated. Sent from my Pixel 2 XL using Tapatalk Quote Link to comment
perhansen Posted June 3, 2019 Share Posted June 3, 2019 I have been running untangle, with home licens, in a VM the last couple of years. I have had a little switch to pfsense and opnsense, but went right back to untangle. Yes it cost money, but you get way more stuff ready to use and then there is a lot of graphs and data to inspect, if you got the time for it. Sent from my iPhone using Tapatalk 1 Quote Link to comment
Lev Posted June 3, 2019 Share Posted June 3, 2019 3 hours ago, perhansen said: Yes it cost money, but you get way more stuff ready to use and then there is a lot of graphs and data to inspect, if you got the time for it. Thanks for this. Good things cost money, just like Unraid. I'm going to give untangle a try. 1 Quote Link to comment
jeff.lebowski Posted June 5, 2019 Share Posted June 5, 2019 Just like with unRAID, I'm a very basic user. pfsense saved me when I upgraded my internet to 400/25. I was shocked my RT-AC66U with merlin couldn't handle those speeds. I don't use any dockers; I only have the most basic settings enabled in pfsense. But both options do exactly what I need. Quote Link to comment
ijuarez Posted June 5, 2019 Share Posted June 5, 2019 On 5/26/2019 at 7:53 AM, gacpac said: I was going to buy a USG or an ASUS RT-AC66. But I decided to try pfsense first. I like and everything, it's somewhat complicated, but nothing you can fix with youtube. What I still don't find is how to use deep package inspection, monitor my internet speed and what every user downloads. Which is really easy with the alternatives I mentioned. I really like the port forward and the nat translation in the firewall rules, I must say. But I feel like I'm missing something. I know pfsense is enterprise grade so to speak. Have you guys felt the same way with this? Sent from my Pixel 2 XL using Tapatalk i believe you want to look at suricata for pfsense, all tools you mention a available just have to google and put a little effort into it. Quote Link to comment
mgworek Posted June 5, 2019 Share Posted June 5, 2019 I was looking at OPNsense which is a fork of pfense. Looks like it has a better GUI and might be easier to configure. 1 Quote Link to comment
gacpac Posted June 5, 2019 Author Share Posted June 5, 2019 I know suricata. I don't need exactly IDS. And to see everything I have to check a log. Right now ntopng is doing the job for me with the details I need for the workstations.Suricata is awesome but set this up properly I would need to add an external software to read a logs and getter a richer understanding of what's going on.Sent from my Pixel 2 XL using Tapatalk Quote Link to comment
gacpac Posted June 5, 2019 Author Share Posted June 5, 2019 I was looking at OPNsense which is a fork of pfense. Looks like it has a better GUI and might be easier to configure.I might try it out. Honestly I just love the GUI for unifi. But I don't feel like expending money for a rack mount USG. I'm waiting for a refresh in the current USG lineup Sent from my Pixel 2 XL using Tapatalk Quote Link to comment
Lev Posted June 5, 2019 Share Posted June 5, 2019 On 6/3/2019 at 1:35 PM, Lev said: I'm going to give untangle a try. I have used untangle for the last few days. Some thoughts... - Lots of charts and reports. Even a daily email with reports. Most if not all these reports the Unifi USG will also give, pfSense does not, or at least not without some work to setup initially. - Emails from the untangle sales team chat-bot. Even though I marked myself as a 'home' user, the automated bots are hot to sell me a license. - Very easy to setup and get running. Very easy user interface. I think this is it's main advantage over pfSense. After two days I completed what I wanted to find out about untangle and turned it off the server it was installed on. I'm happy I did it, I now know more than I did before and what works best for my use cases. I think my recommendation for @gacpac is to get started with Unifi USG as it'll cover 99% most use cases and it's integration with other Unifi products makes it so easy to manage a home or business network. Quote Link to comment
mgworek Posted June 5, 2019 Share Posted June 5, 2019 (edited) 36 minutes ago, gacpac said: I might try it out. Honestly I just love the GUI for unifi. But I don't feel like expending money for a rack mount USG. I'm waiting for a refresh in the current USG lineup Sent from my Pixel 2 XL using Tapatalk Yea, I love the interface as well but tired of waiting for them to refresh the lineup. It's temping to get a Dream Machine if I could ever catch it while it's in stock but it's not really what I want. I do understand the delay. They are writing a new OS for it and the DM is the guinea pig for it. Edited June 5, 2019 by mgworek Quote Link to comment
gacpac Posted June 5, 2019 Author Share Posted June 5, 2019 I have used untangle for the last few days. Some thoughts... - Lots of charts and reports. Even a daily email with reports. Most if not all these reports the Unifi USG will also give, pfSense does not, or at least not without some work to setup initially. - Emails from the untangle sales team chat-bot. Even though I marked myself as a 'home' user, the automated bots are hot to sell me a license. - Very easy to setup and get running. Very easy user interface. I think this is it's main advantage over pfSense. After two days I completed what I wanted to find out about untangle and turned it off the server it was installed on. I'm happy I did it, I now know more than I did before and what works best for my use cases. I think my recommendation for [mention=83915]gacpac[/mention] is to get started with Unifi USG as it'll cover 99% most use cases and it's integration with other Unifi products makes it so easy to manage a home or business network. I might as well do that. Honestly I'm a home user tired of shitty routers. That's all it isSent from my Pixel 2 XL using Tapatalk Quote Link to comment
Lev Posted June 5, 2019 Share Posted June 5, 2019 48 minutes ago, gacpac said: I'm waiting for a refresh in the current USG lineup We all are brother. I love my USG but how much I wish for something better beyond there current offerings. That said, it's still the best for my use case compared to the competition. 1 Quote Link to comment
JasonJoel Posted June 6, 2019 Share Posted June 6, 2019 I used to have a USG. Hated it, literally threw it in the trash. This was in the early days of the USG when it could do very little, and half of what it did do it did wrong. I acquiesce that it is MUCH better now. I've been using Untangle for years, and wouldn't switch back now. Fast, granular control, decent reporting, and most importantly has been working 24/7/365 for years with little interaction (other than self induced things like new rules, etc). 1 Quote Link to comment
gacpac Posted June 6, 2019 Author Share Posted June 6, 2019 I used to have a USG. Hated it, literally threw it in the trash. This was in the early days of the USG when it could do very little, and half of what it did do it did wrong. I acquiesce that it is MUCH better now. I've been using Untangle for years, and wouldn't switch back now. Fast, granular control, decent reporting, and most importantly has been working 24/7/365 for years with little interaction (other than self induced things like new rules, etc).That's why I still think before getting my hands in one. I might test untangle in a VM or something like that. Sent from my Pixel 2 XL using Tapatalk Quote Link to comment
ezhik Posted June 7, 2019 Share Posted June 7, 2019 I've been using OPNSense and SophosUTM (Home Edition) for years. Been a pretty solid setup. Quote Link to comment
JasonJoel Posted June 7, 2019 Share Posted June 7, 2019 (edited) I like Sophos... When big new releases come out I still tinker with it in my lab. I used to use it but had to move away from it when it had a 50 device limit for home use (I have >90 devices on my network, most of which need to connect outbound at some point)... Edited June 7, 2019 by JasonJoel Quote Link to comment
ezhik Posted June 9, 2019 Share Posted June 9, 2019 On 6/7/2019 at 7:01 PM, JasonJoel said: I like Sophos... When big new releases come out I still tinker with it in my lab. I used to use it but had to move away from it when it had a 50 device limit for home use (I have >90 devices on my network, most of which need to connect outbound at some point)... You can segregate those and put them behind another NAT Quote Link to comment
mgworek Posted June 12, 2019 Share Posted June 12, 2019 A new usg has been spotted!!!!! Guess they are staying with he Dream Machine name. UDMPro. Hopefully it hits early access soon. Top device with the just announced non pro switches that aren't for sale yet. 1 Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.