pfSense firewalls for sale

  • 1
  • Idea
  • Updated 5 months ago
If anybody is interested in a pfSense firewall, I have plans to build half a dozen or so based on a stock of multi-port Gigabit Ethernet cards I have on hand.

I finished the first one today and I've listed it on eBay. I would sell at a lower price privately due to the fees. If you are interested please contact me for the friends and (Flex) family discount and other details. My email is good on qrz.com.

I built an identical one for myself and they are really great firewalls, and future proof considering the AMD CPU has AES-NI, so it will be compatible with the next major release of pfSense.

Danny
K5CG
Photo of Danny K5CG

Danny K5CG

  • 334 Posts
  • 52 Reply Likes

Posted 5 months ago

  • 1
Photo of Danny K5CG

Danny K5CG

  • 334 Posts
  • 52 Reply Likes
This unit was purchased by a Flex Community Ham and it's no longer available on eBay. I'll post some pictures of the next unit when it is ready to go.

Thanks

Photo of K6OZY

K6OZY, Elmer

  • 541 Posts
  • 211 Reply Likes
Can it sustain 1Gbps ~ (950Mbps realistically) both directions?   I'd like to see some iperf reports if so.
Photo of Danny K5CG

Danny K5CG

  • 334 Posts
  • 52 Reply Likes
I'll get some iperf results from another machine through one of these to the iperf server running on my "production" pfSense over GigE Ethernet.

If I were to put a 10GbE card in it and run an iperf test to another 10GbE connected machine, would that be useful to know?
Photo of K6OZY

K6OZY, Elmer

  • 541 Posts
  • 211 Reply Likes
Yes that would be great.  That would remove the 1Gbs bounce off 950mbps limit.   I've been looking for the lowest cost pfSense build that can sustain gigabit.

This unit surprisingly can handle gigabit:  https://store.netgate.com/MBT-4220-system.aspx I tested this with iperf.
(Edited)
Photo of Danny K5CG

Danny K5CG

  • 334 Posts
  • 52 Reply Likes
I ran an iperf test from my current pfSense FW as the client to a freenas server as the server over CAT5. The CPU in the T620 hit 41% during the test.
Client connecting to 192.168.1.12, TCP port 5001
TCP window size: 64.2 KByte (default)
------------------------------------------------------------
[  3] local 192.168.1.1 port 30289 connected with 192.168.1.12 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-10.0 sec   958 MBytes   804 Mbits/sec

Photo of K6OZY

K6OZY, Elmer

  • 541 Posts
  • 211 Reply Likes
Hmm. That’s not quite gigabit saturation. With TCP overhead, you should be able to run the test for as long as you want and have it be close to 940-950Mbps sustained.
Photo of Danny K5CG

Danny K5CG

  • 334 Posts
  • 52 Reply Likes
Well, this is my "production" firewall which has a bunch of services running too. pfBlocker, ntopng, OpenVPN server. I'll be able to do a cleaner test once I build the next one. Due to arrive on the 24th. I can also do the 10GbE test on that one. More to follow...