Network Upgrade (Part 1)

Posted on April 21, 2019 by Mike Pelley

As I keep saying, I am not a blogger and I do not post very often or with any regularity. Sometimes I use this blog for posting items that I would like to remember later and had a hard time finding. And, I always try to give credit where credit is due (likely my university science degree background…).

Anyway, about a year ago my SonicWall TZ205W went out of support. It was getting old anyway and many features I would like were not available. Bell Fibe (what used to be Bell Aliant FibreOp – I think FibreOp sounds cooler than Fibe, but anyway…) upgraded me to 500 Mbit/s. The TZ205W could barely push 100 Mbit/s. The neat Sonicwall “published apps,” if you will, either needed ActiveX (what?!?!?!) or Java. Java has security issues (especially outbound) and I don’t need to say anything about ActiveX.

I really like SonicOS – I know that this is a polarising statement – but it worked just fine for me. I liked the SonicWall appliances from the old, used, SoHo 3 I picked up from a local newsgroup to the TZ170 Enhanced to the current TZ205W. I started looking at a new SonicWall but that was pushing the budget limit with the annual maintenance. Plus, adding IDPS, etc. could really slow the system down. I also did not need a wireless version as I had Asus and Netgear access points. Now, I do not need 500+ Mbit/s but is do want it!

One of my staff – who is very open source – mentioned pfSense. It seemed interesting but I would have to procure my own hardware. I like having separate network infrastructure even though I’m a big VMware ESXi fan. I then spent a few months thinking about it…

I then happened on a video on YouTube by Tom Lawrence of Lawrence Technology Services. I like Tom’s videos; they can be a little technical which is great and his howto guides are great. Anyway, after watching a couple of his videos on pfSense I started looking at the Netgate SG-3100. Hmm… It is an appliance – like my old SonicWalls – so I would not have to buy additional hardware and ran pfSense. Looking good. I then went to buy it and… It was out of stock on Amazon (Canada). Dunh!

More thought…

I started researching what others were using for hosting pfSense and noted a few products. I eventually landed on a rack mountable chassis with 6  Intel 82583V GigE interfaces, an Intel I5-2540M with AES-NI support (was going to be required for pfSense 2.5 but no longer; that being said, it does help with OpenVPN offloading), 2 GB RAM and a 32 GB SSD on Amazon (Canada) for about $400 (similar to this one). Now, it did come with pfSense, from China, so that had to go. (Do not use it, do not upgrade it; reinstall from an official download. See this video.)

Off with a fresh, clean, checksummed ISO from pfsense.org I installed pfSense 2.4.4. I configured everything basically the same way that I had the old TZ300W (stay tuned for part 2 on what come out of that) and this was the result of my first speed test:

About Mike Pelley

Let’s see… A little about me… I’ve been around information technology since 1983 with computers such as DEC Rainbows (weird machine – the standard DOS couldn’t format its own floppy disks – remember them? – and I had to format them on a friend’s IBM PC) to Radio Shack TRS-80 to Apple ][e and Apple //c in the beginning. I have programmed in 8-bit assembly language on 6502, FORTRAN and COBOL on IBM System/370 (and I still hate JCL), VAX BASIC and COBOL (and a weird and massive WordPerfect 4.0 macro) on DEC VMS (Alpha), C/C++ on Digital Unix (ALPHA), and C/C++, Perl (it may be powerful but I still hate it), PHP on Linux (Red Hat, Centos, Ubuntu, etc.). I have work with databases such as Digital RDB (later to become Oracle RDB), Oracle DBMS, Microsoft SQL Server, MySQL and PostgreSQL on VAX, Alpha, Sun and Intel. Check out my professional profile and connect with me on LinkedIn. See http://lnkd.in/nhTRZe I still think that Digital created some of the best ideas in the world: VAX clustering, DSSI disks (forerunner to SCSI) and the Alpha processor (first commercial 64-bit processor – Red Hat screamed on an Alpha!). DEC just could not seem to be able to give air conditioners away to someone lost in the Sahara Desert! VMware is one of the best ways to get the most out of an x64 server. And I have tried Oracle VM, Virtual Box and Microsoft Virtual Server. Outside of that I am a huge military history buff starting in the early 20th century. I love Ford Mustangs (my ’87 Mustang GT was awesome) and if I had the money I would have a Porsche 928S4. If I had a lot of money I would have a Porsche 911 Turbo. I also play too much AmrA 3 Exile mod. Over 5,000+ hours... I have a wonderful son, Cameron. I have a long suffering (Do you really need all that computer junk?) wife, Paula. I live in Paradise, Newfoundland and Labrador.
This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.