What's new

pfSense/ OPNsense help

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Also, don't buy routers to be APs it's a waste of money and hardware. Buy a decent AP or two and hardwire them back to the new router you make yourself.

I have had the router for 2-3 years and I am currently using it as my router until my Hunsn and new cable modem arrive. I am planning on using it as an AP to save money since I already have it.
 
@Thomas01


Ok, so, it's a micro PC and will run whatever you decide to put on it. Forget about the wrts and senses for what you want to do. They're fine for run of the mill dumb router on various hardware.

Buy an actual AP that will take advantage of the port speed instead of repurposing the router. Once everything is setup then sell the router to make up for the cost of the new devices.

I use Ubuntu for my os. It's easy to work with and compatible with tons of hardware. For a simple router it doesn't need a ton of resources. I run 16gb of ram just for redundancy with two sticks but only need 4gb most of the time.

For some of the more intensive packet sniffing it might use more. The more rules in the fw filter the slower things can get. Having tried all of the suggestions out there for misc hardening it's best to keep it simple unless you need to dive into something suspicious. A good high level app is ntop. Shows you where packets are coming and going to. Spikes are easy to spot and investigate.

For day to day stuff if you want a gui use webmin. It's lightweight but gives you deep control without the bulk of the GUI. Most everything to configure things is cli anyway. A trick to make things like filtering easy is edit on notepad or some text editor and then refresh the rules when done.

For WiFi using a legit AP opens up vlans for segregating traffic like iot or guests. Decent APs have 8 vlans / ssids available if you bond them to both bands or 16 if you make them different. A decent AP can handle more clients than you will ever have at home. With a wired backhaul and a 2.5gbps port you can get single clients up to 1.5gbps when configured correctly.
 
I just setup pfsense in my home network with my VLANs, wireless APs, and my L3 switch. It took less than an hour to setup to get it all running probably about 45 minutes. I had to wait until the next day to upgrade to 23.01 version. As it would not work until something behind the scenes at pfsense had to happen.
It can be a pretty fast test to see if you want to run it.
 
Buy an actual AP

Do I have to mount or install an AP to the wall or ceiling or can I just put it on a table or something? Looking at Ubiquiti U6 Enterprise. Also is there a way to power it with ac power because I don't have poe. Can I use the poe adapter for this?
 
I use mine sitting on a bookshelf and it works just fine. I use a Zyxel nwa210ax and they're relatively cheap at this point around $150. Comes with an ac adapter or you can use poe either injector or switch. I picked up a 10ge injector for ~$60 since it has a 2.5ge port on the AP.
 
To me they are a lot easier to wire when they are attached to the ceiling. I use Cisco CBW150AX wireless APs. They cost $103 each.
 
I have 2 wallmounted and 2 just lying flat, the in the living room even behind a door to be out of sight. Works perfect
 
I think I'm going to go with OPNsense because it gets more frequent updates unless you think there are reasons I shouldn't?
I don't have an answer as I have only run the new pfsense for about 3 days. In terms of pfsense I think the closed pfsense 23.01 version is better than the older open pfsense code 2.6 version.
 
How much distance does it cover? It it ok for me to use the ac adapter or will I lose performance or something?
For me it's covering 1300sq ft corner to corner..

AC adapter is just power like any other piece of electronics. POE just allows you to streamline cabling into a single Ethernet cable for data and power in a single cable.


cloud management and or mobile app free or do I have to pay to use it?
There's a local web interface you just go to by IP in a browser. The cloud thing just does the same thing but allows for easier management when you have multiple setup.

Most brands push cloud but have local options.
 
@Tech Junky Am I going to need to buy a switch or can I just connect everything with what I have? Currently I have ordered:

Netgear Cm2050v cable modem

Mini PC/firewall

2X Zyxel NWA210AX
 
Don't need a switch if most things are WIFI. If you do need to hardwire more devices a cheap 1GE switch would suffice as your other wired devices probably aren't 2.5GE ports.

To get the most out of the AP's use the ports on the MPC.
 
How much distance does it cover?

For me, two 210ax's nicely cover a 3000-sq-ft 3-story house. They are both in second floor, one near north side the other near south side. WiFi coverage inside a building is usually less about linear distance and more about what sort of walls/floors the signal has to punch through. My place is WWI vintage, thick oak floors, plaster-on-wood-lath interior walls, not too WiFi friendly compared to modern construction. And I'm almost never using WiFi in the same rooms the APs are in, so my experience is almost always with a floor or a wall in the way ... and it's fine.

It it ok for me to use the ac adapter or will I lose performance or something?

Sure, use the AC adaptor if you want. PoE is for when you want to put the AP someplace where there's not power at hand. There's probably not ethernet at hand either, but at least you only need to run one cable not two.
 
I don't want to state this categorically, because I don't have a ton of experience to back it up ... but I think the nwa210ax's have some bugs in WDS mode (a/k/a mesh). It works mostly, but I was observing node crashes-and-restarts perhaps once a month or so while using that. I rearranged things to give the remote node a wired link and not use WDS several weeks ago, and it's not rebooted since then. That's absolutely not enough time to be sure that it's more stable, but it wouldn't surprise me that these units are mostly tested in wired backhaul mode. If you can run a wire to the remote AP, you'll be happier as to performance certainly, and reliability probably.
 
If you can run a wire to the remote AP, you'll be happier as to performance certainly, and reliability probably.

Hopefully there is/will be newer firmware available by the time all my hardware arrives from Amazon. It is going to be a pain to wire it because I need to order a super long ethernet cable and also a switch I think.
 
Hopefully there is/will be newer firmware available by the time all my hardware arrives from Amazon. It is going to be a pain to wire it because I need to order a super long ethernet cable and also a switch I think.

"Super long ethernet cables" are not that expensive --- I've got a 100' cable laying around the premises. It's more about whether you can route the cable unobtrusively.

Having said that, Zyxel's WDS mode works as long as your definition of "works" doesn't involve five-nines uptime. So you could probably live with it for awhile even if you end up upgrading to wired backhaul.
 

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Top