Getting started with pfsense

OptimusPrime

Member
Apr 21, 2020
36
5
8
Hi Gang. I have a Orbi setup, and it sucks...the WIFI mesh is great (as-in zero issues in 2.5 years), but anything else I need to manage is awful.

Can someone point me to a getting started thread or web article for getting started with pfsense? Ideally, I'd like to get by with something to accommodate:
  • being a router
  • openVPN (just needed for me and my wife, no commercial work)
  • per device bandwidth reporting
And I need to decide on a device - not sure I want to VM this...do I buy an appliance, use an RPI4, or use build a cheap/purchase a cheap system.

I already have
  • I'll use the ISP's device as the modem...they won't talk to me about my speeds unless it is connected.
  • I'll put the Orbi's back into AP mode only
  • a fiber gigabit connection (typically 650 down, 800 up)
  • Brocade ICX6450-48P with 4 activated 10Gbe RJ45 SFP adaptors
  • CAT6 throughout the house
  • A shallow rack (cannot accommodate full-length rackmount chassis...the brocade required a 1in extension bar to mount it)
I am a hobbyist trying to have a better home IT setup...Thanks ahead for your advice and feedback
 

OptimusPrime

Member
Apr 21, 2020
36
5
8
@kapone I am not sure...I set it up as a dumb switch, then activated the POE ports I needed. A web UI says Layer 2 is activated...not sure it does layer 3

@gb00s I'm asking for someone to point me towards info because I do not see a guide or Howto for beginners on this...I'm asking for a "HowTo" for hobbyist beginners.
 

kapone

Well-Known Member
May 23, 2015
796
388
63
If you don't know....the chances of it running Layer 3 are slim to none. :) You'd have had to configure it for that, so you'd know.

Are you on Fios?
 

OptimusPrime

Member
Apr 21, 2020
36
5
8
@gb00s I concur ;) very slim to none. I have not yet stepped into advanced configuration yet.

Yes. I am running on the Fios gigabit plan. One of my angsts is I've never consistently had more than 650 downloads. They will not troubleshoot me unless I put their modem in. I put it back in once for a couple of days and had the same results, but had to move on. The upload speeds have always been fantastic which really helps my VPN and Remote Desktop needs. But now I really want to push back on them about the download speeds...so I figure may as well set up a router. Plus, I'm tired of the lack of panache...
  • when you activate the built-in access control and tell it not to allow new devices onto the network, the "built-in" guest WiFi still needs to log in and allow guests on to the guest WiFi...a slow and painful process.
  • updates break the OpenVPN, please it has no security settings
  • No device bandwidth monitoring
  • Updates break the OpenVPN
Thanks for the replies...
 

kapone

Well-Known Member
May 23, 2015
796
388
63
You don't need the Actiontec from Verizon unless you have TV through Verizon as well, WITH STBs. The STBs will only talk to the Actiontec over MOCA (There ARE ways to get it to work even in that scenario, but now it's even more complicated).

Do you have Ethernet coming out of your ONT or coax?
 

kapone

Well-Known Member
May 23, 2015
796
388
63
Your download speeds should be higher. Here's mine with pfSense (Ethernet from ONT direct), with no Actiontec.



 

OptimusPrime

Member
Apr 21, 2020
36
5
8
@kapone Thanks. I converted to ONT.

You are correct. You don’t need their router (currently I am not using it). Except, if you want to call tech support and complain about speeds. The first thing they do is log into the modem. Then tell you if you are not using the modem, they cannot proceed.
 

kapone

Well-Known Member
May 23, 2015
796
388
63
There's an "old gen" and "new gen" of the ONT, but if you're on a gigabit plan, you must have the new gen (the old one couldn't support gigabit).

When you say "I converted to ONT", I'm assuming you meant "converted to Ethernet from the ONT"? :)

If that's the case, the speed problem is not really on their end. The ONTs rarely have issues and if there's no Verizon router in the mix, the problem is on your end. Connect a PC directly to the ONT using a CAT cable and run a speed test. That removes your entire networking infrastructure from the mix. See what your speeds are.
 

OptimusPrime

Member
Apr 21, 2020
36
5
8
@kapone When I say "Converted to ONT", I got rid of the Coax, installed the new outside box for the updated Gigabit, and now I'm using Ethernet instead of Coax throughout the house.

When I have have done these two items:
  • Plugged the modem back in
  • Connected a computed directly to the ONT
I came up with the same speeds as using my Orbi. So regardless, I need to leave the modem installed for a for a couple of weeks or Tech support will not speak to me. Like I said - the choke point at this time is Frontiers required process for Frontier FIOS tech support.
 

OptimusPrime

Member
Apr 21, 2020
36
5
8
Update: reinstalled the FIOS router for testing. Turns out the bottle neck is in my Orbi router.

Cam anyone point me towards a thread or two for determining my hardware needs for pfsense? I’m seeing you don’t need much hardware, but I want to ensure it build it properly to handle my gigabit connection, 3 simultaneous VPN connections, and future considerations?