Which Hardware to Choose For pfsense? Netgate VS Protectli, Qotom, Yanling, etc...

I've had good luck running my own hardware. I started out with a HP thin client T-620, moved to a T-630, and currently on a Lenovo M720q tiny, 1L PC with an I3-8300T and 8gb of memory along with a 4 port Intel i-350 NIC. All have been rock solid, and pretty low power consuming devices.

I dont trust those chinese undocumented machines, they are great on paper but I rather pay extra for a product I can trust

For those who find pfsense a bit complicated, ipfire is a great choice. I been running ipfire for many years and switched to running it on a protecli device a year ago. The bad thing about protecli though is many of their lower end devices (2 ports and 4 ports) have many hardware vulnerabilities due to the old intel chips being used. I have the 2 port version and it is plagued with hardware vulnerabilties. Ipfire has a built in checker to check for hardware vulnerabilities unlike pfsense, which is an awesome feature to inspect the hardware to ensure it is not vulnerable. I am working to look at different hardware since my current protecli i bought a year ago has to many hardware vulnerabilities on it now. If you get protecli, get coreboot bios, since all their stuff is made/flashed in china, but at least with coreboot you get opensource firmware vs who knows what extra stuff is included in the china flashed firmware.

For some reason, a Netgate I have deployed, loses it's WAN connection when the ISP changes the IP address. The WAN port won't grab the new IP. So you have to manually renew the IP. Very frustrating.

what about the failure modes of the infamous and ovepriced sg4860 from your friends at netgate?

I have a Dell 486. Will it run on it?

will pfsense hardware work with opnsense instead?

Off topic I think but,,,,,, you mention you have manyPfSense boxes deployed…. How are theyall managed? Is there a cloud based central site? Do you remote into each individually if needed? Most of mine have dynamic public IP’s so I rely on a pc in the local net to access which is really not good. Can you talk about remote mgt?

Built-In 5yr Obsolescence TechTrashin Up our soil, oceans, and Space😞

>intel nic
>cheap
that single nic cost more than everything else combined

Can you please suggest me a device for PfSense that support 10G (both on WAN and on LAN)? I have 10G connection to ISP and 10G network in house (Unifi switches). Thank you!

I got Topon N100 2.5G box for Pfsense 2.7

This was great for keeping clients off of cheap garbage. I do have to voice that all of Negates hardware has an astonishing lack of ports and expandability that often turns me off of them for anything except straight office networks and home networks. Anything with high level of redundancy needs I have to use custom servers and that makes me sad when they could produce one top of the line ststem with 5-6 expansion slots and really open up some high end market space.

Send the cards to rossman or another tuber

Thanks!

A bit of a list of actual hardware would be nice that you recommend

My Netgate 6100 is very awesome , I highly recommended it if it fits your budget and needs. No affiliation

Protectli whole or product line is made up of 5+ year old hardware

Hi Lawrence , I have the Qotom router , should I install pfsense directly on the hardware or first put proxmox on it and than install pfsense as VM on it ?

Sorry I didn't understand what these failed devices are? Are you referring Protectli or Quotom?

I just had a Netgate 7100 die on me after not even a year......the Problem was the powersupply.

And my biggest issue with this is that i had to send the whole device back from europe to the US, get all the customs stuff going and even pay a 100 bucks shipping on my own.

Even though i asked them if they could just send me a new power supply 🫣

Therefore I'm currently thinking of just buying a supermicro box an dropping pfsense on it......

.......as much as i've researched it seems supermicro also got eu warehouses and also i can easily get a new powersupply there 🙄

I will never buy a Netgate product until they start increasing thei memory on their devices. I would love to buy the Negate 6100 but 8Gb of memory. That's ridiculous. Especially when the competitors are offering 32GB or more.... for le$$

Does it make any sense to use pfSense at home when the hardware costs mount so quickly compared to off the shelf routers? Still trying to get a handle on this.

According to some of my quick research, Netgate has been up to some horribly unethical things recently.

This will be great for my home security which has been penetrated by virus called back orifice. I suspect it was from my neighbor who is a retired network engineer so I still need a way to protect Bluetooth devices since he lives in range

a business setting will not use any of those (including the Netgate units), real business settings require enterprise grade firewall units e.g. Cisco, Fortinet, Checkpoint etc., unless by "business" you refer to a small office, where in most cases even standard router with basic firewall capabilities will be more than enough.

Pfsense needs to get it together and get Realtek drivers working

NSFW_LAN looks interesting....

After 3 months usage, my R86S stopped working just like that. The CHINESE seller doesn't even give a warranty, so i needed to build a custom mini pc for pfsense. I should have build it from beginning. Never buy such components from Ali‐E...it is almost impossible to repair them without a laboratory, you cannot just change the embedded cpu or RAM like in custom PCs

please help. i dont understand this firewall well. my question is what if I have my existing network and want to integrate this firewall in my own system because I like the feature of my system. If use this firewall will all the features of my current router will gone because the firewall own features?

Thx

On the chinese boxes, have you ever put a sim card in one and configured the 4G/5G connection as a backup to the primary internet connection?

Love the videos. Newbie sounding question. How do you connect the netgate hardware to get wifi in the house. Networking hasnt been my strong suite.

My pfsense router for the past buncha years is an APU2 from pc.engines... sadly they are eol with no replacement.

Awesome video. I need a hardware recommendations for a first time simple home setup in 2024 please. My main use case is to replace my ISP router+ home lab.
I want to get in to pfsense but not 100% sure yet. I have a stressful IT job and sometimes by the time I get home I just want to relax. I would like something that can be setup in a set and forget manner but at the same time I can tinker around with it when I have time.

Is pfsense the right product here? What would you recommend for a first timer please?

Quick question:
Would you recommend running OPNSENSE on a Netgate 8300?

Small problem with your video... Protecli is manufactured by Yanling, Qotom is also manufactured by ... wait for it... Yanling! The NetGate stuff... wait for it again... DING DING DING! Yanling! It doesn't matter which one you buy because they are ALL made by Yanling.

Clark John White Thomas Wilson William

Wilson Michael Davis George Moore George

Williams Elizabeth Anderson Susan Rodriguez David

I bought a Netgate 6100 for my home router because of this video. I now regret that decision. I bought a Qotom Q20332G9 3 months ago just to play with it and it's now my router and I love it.

After doing some performance testing, the Qotom is MUCH faster for HALF the price. I have Google Fiber and with the Qotom I can get close to 5Gbps Internet speeds from my machines with 10Gbe NICs. The Netgate maxed out at a little over 2Gbps. (And yes, for both setups I'm using the 10Gbe SFP+ ports.)

I can't ever go back to PFSense now. The OPNsense UI is so much cleaner. The dashboards and reports in OPNsense alone are reason enough to switch. It's 2024 and PFSense STILL doesn't have an API. OPNsense does and this has opened the door to a lot of nice automations. I'm a developer so having an API is important to me (and it's easy for me to use) but for others, I can see how this wouldn't be important. I also use Home Assistant and having access to OPNsense from Home Assistant has been awesome. (There's no PFSense integration in Home Assistant because, again, PFSense doesn't have an API.)

There's nothing about PFsense that I miss and everytime I go back to the PFsense UI, I wonder why anyone is still using it.

I'm going to put OPNsense on my Netgate 6100 and use that at another location.

412 Schamberger Grove

Taylor Steven Clark Margaret Rodriguez Brenda

I use Sophos hardware for my PF boxes and it works great. I wish netgate had a donate button so I could contribute like I do for Ubuntu

The absolute most important factor when choosing hardware for pfsense is to ONLY use hardware with INTEL NICs!!!!!

Cheap hardware often uses RealTek (software driven NICs). Intel NICs always use real ASICs. No software NIC BS. The same advise is universally true. Never buy hardware that doesn't have an Intel NIC.

Will this help prevent wifi jamming? We have someone using an app or device to shut our WiFi off and on. Will the Netgate device prevent that by chance?

Another great video. I understand the rationale behind supporting Netgate and potential hardware QC issues, however as a security professional, are you not concerned with running pfSense (or any firewall) on hardware with outdated firmware. Are CVE Vulnerabilities not a significant concern? I've been running pfSense on a Qotom hardware without issues for a while now and not paranoid but starting to question that decision.

It's funny that you recommend Netgate for its reliability, especially since I'm watching this, currently dealing with a bricked Netgate 6100 after a firmware update, and there's no warranty at all, their support just said "buy another one because we can't help you" ...

I had the 3100 just completely die on me this week. Don't know what happened. The fact I can't repair it, kind of freaked me out, so I'm sticking to classic x86 computers now. The unfortunate truth is it's just the most cost-effective option.

sounds like a netgate commercial