Menu
What's new
By:
Filters Better Search

Netgate (or similar) SG-3100 overkill when I have ASUS RT-AC5300?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

T

Ted Danson

Regular Contributor
I'm thinking of building a pfsense box or buying a Netgate SG-3100 to put behind my ASUS RT-AC5300 router. This is for two reasons.

First, I'm reading a lot about the built in AI Protection and user data being sent to Trend (opt-in if you enable the feature). I don't want my data processed this way.
Second, I would like a device that gives me at the very least, 400 to 500mbps+ throughput for IDS/IPS, OpenVPN and general WAN connectivity purposes.

I know the RT-AC5300 is very powerful and I don't want to lose the device in my chain if it can be helped.

Is an SG-3100 overkill? How can I successfully implement it in the chain and keep some functionality, e.g. WiFi etc.

Does anyone have any tips or a buildlist for something that would suit my needs while keeping costs and power consumption down? I don't want a great big desktop. I want something with as small a footprint as possible. The SG-1000 is ideal but not powerful enough under the hood.

Thanks!
 
Ted Danson said:
I know the RT-AC5300 is very powerful and I don't want to lose the device in my chain if it can be helped.

Is an SG-3100 overkill? How can I successfully implement it in the chain and keep some functionality, e.g. WiFi etc.
Click to expand...
The Pfsense Netgaste SG-3100 devices is an "under-kill" as it has only: :rolleyes:
CPU: ARM v7 Cortex-A9 @ 1.6 GHz with NEON SIMD and FPU
CPU: Cores 2
Memory Options: 2GB DDR4L Non ECC

If you want decent performance in Internet filtering and VPN you need to go for an Intel CPU based device! :cool:
 
Now THAT looks juicy. I'm interested. Seeing as the thread is from 2016 some of those parts could be a good bit cheaper too.
 
The SG3100 will be fine on the front end as the primary router - then you can use the RT-AC5300 as an AP...

@joegreat - you make a point, but consider that the Armada 38x is far more powerful than the equivalent Broadcom chips, and the ARM based pfSense is designed specifically for that board.
 
You might want to consider running Untangle as a transparent bridge behind your RT-5300 router. I would think using an PC would be a lot faster. The problem with web filtering is it adds lag. The faster the processor the less lag. Clock speed is key not cores.

There are 2 ways to setup Untangle. One way is as a router and the other as a transparent bridge behind a router.
 
coxhaus said:
You might want to consider running Untangle as a transparent bridge behind your RT-5300 router. I would think using an PC would be a lot faster. The problem with web filtering is it adds lag. The faster the processor the less lag. Clock speed is key not cores.

There are 2 ways to setup Untangle. One way is as a router and the other as a transparent bridge behind a router.
Click to expand...

Thanks for this. It looks OK, though I think I'd prefer to have a pfsense box running due to the masses of support available etc. I'd like to do a few things with regards smart dns and openvpn/l2tp/pptp etc and pfsense ticks all the boxes for me in that respect. As well as IDS/IPS as best as the hardware will allow while all of these things will see a throughput of at least 400mbps so I don't bottleneck my WAN throughput.

EDIT: I should add I want to keep the footprint as small as possible as I can't hide this box away anywhere so don't want some desktop sat there etc.

Do you think something like this would be enough?

https://www.aliexpress.com/item/Qot...phics-HD-Video-VGA-Pocket-PC/32799580496.html (Q355G4 No RAM/SSD)

https://www.aliexpress.com/item/Kin...k-Mini-SATA-mSATA-8-16-32-60/32832979160.html (120GB SSD)

https://www.aliexpress.com/item/Sal...066mhz-SODIMM-DDR3L-DDR3-4GB/32864111819.html (8GB RAM)
 
Last edited:
I had a 2.4 Xeon processor which I ran both Untangle and pfsense with snort on. I thought Untangle ran best and was the easiest to setup. I am not sure I ever got the protection part completely setup in pfsense. It was a lot of work. I gave it up by reformatting and only ran pfsense naked because it was a lot faster. But I run a router now as I liked the older pfsense versions.

Over all I do not like the lag induced by that level of scan. So any small PC device would not make me happy.
 
You must log in or register to reply here.

Similar threads

A
AC5300 with Merlin can I use RT AC66u_B1 as a mesh node with either stock Asus FW or the AC66U merlin FW?
Replies
11
Views
1K
aross1976
A
HashMaster9K
Longtime ASUS user looking for relief from RT-AXE7800
Replies
17
Views
1K
tiddlywink
T
W
ASUS RT-AC5300 help in diagnosis
Replies
0
Views
3K
wrymer
W
Galaxysurfer
DNScrypt Using DNSrypt with Nordvpn on RT-ac68u or other DNS security tools
Replies
1
Views
2K
Patrick Walden
P
E
ASUS RT-AX88U vs Dedicated Firewall (pfSense, OPNsense)
2
Replies
22
Views
18K
Tech9
Tech9

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 752 (members: 18, guests: 734)
Top