I really want to build a PFsense router in a small case (Mini-ITX I guess). But I don't want to spend a ton of money on it. I don't really need anything too special. I want to run packet prioritization (QoS or whatever it is called). A caching proxy. It should be able to handle Gigabit speeds. It needs to have decent WiFi built in (no external AP). And it needs to be quiet (no fans if possible).
My main problems are: I have no idea how strong the CPU needs to be and what brand/socket I should get. And thus I also don't know what motherboard I should go for. I suppose I need a motherboard with 2 Ethernet ports so that I can connect the Internet to the one port and the LAN switch to the other port because there wouldn't be enough space for a PCI card in a slim Mini-ITX case, right? (I mean I do have a 15cm PCIe riser cable, but how would I mount the card to my case and access the Ethernet ports in the end...)
I'm from Germany btw, so US deals aren't of much use to me.
It seems I was wrong then...that never happened before.
Thanks for link. Now I'm interested if this will run on a raspberry pi^^ (I'm not planning to actually use it, but for some reason if love to run "stuff" on these things :D )
I got the UP-Squared on order, but it has Realtek network cards... which is less than ideal.
These PC Engines boards are probably the best bet. You can get a 3 Intel Nic system, with case, and power supply for under $200. You probably don't need much more than APU2C2 https://pcengines.ch/apu2.htm
When I built my pfSense box I had the option of either a J1800 SoC or an Athlon 5350 as those were the systems I already owned and part of the reason I picked the Athlon was because it supports AES-NI but the OP did mention that fanless was an ideal situation and as you said losing AES-IN may not be a big issue in this case.
I was going to mention the PC Engines but I forgot the name of it.
Well, pfSense-compatible WiFi is a must for me. There has to be something that works, right? And I don't really need more than 2 Ethernet ports. One port will be attached to an 8-Port switch anyways.
I'd really prefer an x86 CPU, mainly because of virtualization support. But if I'd save significant amounts of money by going with these SoCs, I'll go with them.
Is there any particular reason beyond aesthetics or "I just don't want to" why you can't have a small wireless router slapped on the side/top and configured as a WAP? because it really is the most hassle-free way unless you have some serious space restrictions. Internal Wifi on PFSense is a pain.
I've done this method. You can do that if you want. Make sure you disable the DHCP, and connect to your LAN ports (not wan port). Also, make sure your admin address isn't the same as your other network gear. I changed mine to something like 192.168.1.254 so I could still manage it on the same network.
This is what I did with my PFSense setup as well. Works like a champ. The router I used is way better suited to being an AP than it was to being a router. PFSense masterrace.
Pretty much, all consumer grade wireless router work perfectly as access points and don't suffered from many of the same issues when its used as an all-in-one unit.
@MichaelLindman Thanks for the link. Well virtualization support would be nice in case I decide to run something else on the router, something that would only run on Linux. @NetBandit First of all, too expensive. Secondly, very bad experience with cheap APs. And third, I want all the stuff to be in one place. I mean other people have managed to get it to work, so I will definitely do it too.
@KemoKa73 Space, aesthetics, everything is one place -> easier to manage, easier to access stuff programmatically from pfSense, good APs are expensive, had lots of bad experience using cheap APs/Wifi routers/repeaters etc and the list goes on... As I said if other people have got it to work on pfSense there is nothing that can keep me from going that route.
As @NetBandit said, we are just trying to save you the headache of doing it all in one box, it really is a pain to get working correctly. Manufactures of WiFi cards often change the hardware inside but keep the same model numbers, so one card may work in pfSense but others may not, even if it is the same model number. If you really want to do this you'll have to do a lot of research into wireless cards to find one that is compatible.
Plus, putting the radio in the router is not that good of an idea. If all your devices were close to the router, you'd just use a cable.
With a Ubuquiti AP, you can inject the power, and just drag a cable to where you need it. They look nice on the ceiling - nicer than a smoke detector. I have them at work and home and they look great.
