Hi,
I’m looking to build a new pfSense box for a small office.
I’m looking for something that has:
I found several Mini PCs with similar specs, but without the dual disk option.
Anyone knows any…?
Thanks in advance,
M.
Do you have a budget?
I could justify something around $300-$400
You’d almost have to piece together something like that. Nothing out there will have your requirements for less and $700 ready to go. You might get lucky with searching eBay.
You any examples?
Curios about the spec…
Anyone knows any…?
That is a hard ask. It has to do with the number of PCI lanes the CPU has (which is only 9 in total, and they are PCI 3.0 not 4.0). Each SFP+ port requires 4 lanes to operate at full speed. So either 8 lanes in total to the two SFP+ NICs OR the NICs won’t operate at full speed. A SATA controller will need 1-2 lanes depending on how many ports. Each NVME drive will need between 1 and 4 lanes. If you have a wireless card, that is another PCI lane. There’s just no reasonable way to configure an N100 with everything you want. You really need something with a U300 CPU or even a pentium 8505 CPU, which would give you 20 PCI lanes.
Alternatively there are embedded Ryzen chips that have lower TDPs, (V2000/V3000) that have plenty of PCI lanes as well.
thanks!
Have any example of those?
I built a 10gbe router using an Asrock Industrial IMB-V2000M board that I picked up on Ebay for $150. I stuck an Intel X520 dual SFP+ nic into it plus it has two realtek NICs built into the board. But it runs a little hot for a 1U case I think. I have it in a HTPC case that is somewhere between 1U and 2U.
Sounds nice, but this is going into a rack, where there is only 1u available for it.
I am sure you could work it out, but it won’t be quiet
it wouldn’t be the noisiest in the rack either 
can’t seem to find many of those (<$200) plus, I’m in EU so shipping would be another 100 or so…
specifying a rack mount device is probably limiting your options.
Why not get a small nuc pc and put on a shelf
There is nothing rack mounted that I can suggest that doesn’t cost over $1000usd.
What I will suggest is that maybe something like an HP T740 with an Intel x520 card would work, if possible I’d go with an x710 card which is a better match. You can get 4xSFP+ in an x710 card if you want to spend the money. But, unless you buy all of this used, you are going to be over $1000usd.
Here is 1 premade firewall that will fit on a 1u shelf and have SFP+ ports:
You could then (probably) install your OS of choice. The 2752 and 2770 would be better for installing in a rack, but more money. I’m sure Netgate has similar products in similar price ranges.
You can also look around for a Supermicro 1u server and add an x710 dual or quad port card, but I bet you are again over $1000usd. Anything in the x11 or newer generation will work, just a little Xeon E3 with 4c/8t should do what you need. I’m currently running an X11 based Supermicro with a low power Xeon E3-12xx and a quad i350 card for my firewall, plenty for what I need right now. Dual boot drives in a mirror and 16GB of ECC RAM (because the board requires ECC RAM).
thanks @Greg_E !
mmm, the SM option is interesting, just that it might not have the ports in the front, right?
Any change you could share a link to some Supermicro 1u (or just board) options?
Do you actually need dual hard drives - most of the PFSense units only have one drive.
Restoring PFSense does not take that long if you have the config file - you can config pfsense to backup the config to PFSense cloud backup.
It’s not a hard requirement, it’s just a remote location (for me to get to that office) in case of a failed drive, which might “shutdown” operation.
But no, it’s not worth the extra $500 on top of the budget.
Have you looked into HA PFsense over two devices - then you are covered for all hardware failures not just hard dries
not sure there’ll be extra room in the rack for another device, but I can definitely VM it (might just require more configuration effort).
oh… wait… the internet connection would still be bounded to a single device…
