AliExpress HW for pfSense - cause for concern?

I bought a J4125 4-prot firewall box (Hunsen) on AliExpress. I think that it is actually manufactured by Yanling (J4125 Pfsense Firewall 4x 2.5G Lan) who also seems to be a supplier to Protectli.

The box works well and have operated 24x7 without any issues what so ever. However, I have become a bit worried about the security of these Chinese boxes and more specifically about the BIOS (UEFI Malware and such). There seems to be no BIOS updates available.

I know that the safe choice is just to purchase a Netgate 4100 but this device is very expensive in Europe. Its a bit much for a home office solution.

What is the oppinion on this forum. Would you guys worry?

Chinese boxes… No go for me personally.

1 Like

Never mind the lack of driver or bios updates. I was worried by more than that. When I was deciding on hardware, I was also worried about even things like the power supply with some of those AliExpress boxes. If I have something running 24/7 in my house when I’m not home, some how I just get a little more peace of mind, that the knowing power supply didn’t come from AliExpress.

A number of folks on STH forums bought some 2.5G boxes direct and have had nothing but problems, especially thermal related. Seems like OEMs stuff higher TDP CPUs in an existing fan-less enclosure with no regard to how they will perform under load. Folks end up tearing them apart, adding additional copper blocks, more thermal paste/pads, adding fans, etc. Just doesn’t seem to be worth the trouble. Protectli at least weeds out the poor designs, performs stress testing, and provides support. It’s your time and $.

I bought an old HP T620+ to avoid this problem, been fine for my home use. I’m told some of the newer HP thin clients also have a PCI slot (T730?) which would be the next step up to newer stuff. I guess it depends on what you are doing with it and how much you are willing to spend.

Used Supermicro servers (even the Hyve branded stuff) might be an option too.

Last year i had a HP T730 with 16gb ram fast ssd in it and everything.
It has 1 onboard broadcom nic and i added a broadcom quad nic card into it.
Nothing but trouble with pfSense and de broadcom nics.

Then i bought this HunSN RS34g micro system and it runs 24/7 since juli 2022.
Very satisfied with the HunSN micro system.


1 Like

If you read the whole thread, you’ll find that the vast majority of us have not had any problems at all. People complain about 40c at idle for a passive device, then find out that, hey, that’s pretty much what you can expect with no fan. There were some early boxes with quality issues where the standoffs were 0.4mm too tall and this opened a gap between silicon and copper, but a 10 minute rework fixed that easily.

Actual problems include kernel oops when running proxmox with pre-6.2 kernel, some mobos only supplying one clock line for two M.2 slots so you couldn’t run two SSDs that each required the clock, stuff like that.

The most recent posts talk about testing with different BIOS versions, so I’m not sure where the “there are no BIOS updates” comes from. I’ve got three different versions for my N5105 box that’s been running without any issues for 4 months now.

Good luck with Intel i225/i226 chipsets

This thread is great. I’m convinced, just haven’t pulled the trigger on one of these models yet.