Newbie here.
Has anyone tried opnsense with
https://www.aliexpress.com/store/product/QOTOM-Q355G4-2017-New-fanless-X86-4-LAN-Micro-Computer-I5-5250U-Dual-core-onboard-1080P/108231_32800711474.html
hi, I've bought it months ago and it works with pfsense and opnsense flawlessly.
Thanks a lot. :)
I started buying these and they are great, even better now that Amazon has them.
Nice box, except the embedded WiFi card which seems quite unstable even as a regular WiFi client.
Hoi,
I got mine from aliexpress and it shipped very quickly. On the description of the one I ordered, it was declared that WiFi is not supported under pfSense (which I unfortunately only discovered after I got the box here - but the proce difference is not big anyway).
https://www.aliexpress.com/item/Mini-PC-4-Ethernet-Lan-with-Core-i5-Pfsense-Firewall-Mini-Computer-Fanless-PC-Server/32817388248.html
Cheers, Remi.
Hi,
Let's be clear, for me this is the
BEST FANLESS HARDWARE FOR OPENSENSE !!!some iperf gives: Full 1Gbps bandwidth with filtering & nat with less of 20% of one core.
Some bad points:
- Wifi is not working fine with OPNSense order it wthout Wifi or ask to Qotom to build with a compatible one.
(I have changed it for an Atheros 9280) - Bios have no ouput on serial port
- Ethernet interfaces are not mapped well: 0-0 1-2 2-3 3-1 (hardware-system)
Here is the dmesg
https://pastebin.aquilenet.fr/?e6af1840b309fa8a#cRsTTwNP7QYgZ88VqE5TXl5iEtGoCZFRiUI7lVo9KJA=
@sachaz, Is the gigabit internal only or do you have a FTTH/FTTP? Do you run any VPN connections on it? How many?
I'm going to be getting a 1000/500 connection soonish and want to make sure it can actually handle it with more than just average home browsing/Netflix.
I'm going to have (at least) 2 VPN connections with (a lot) of different routes. I don't want to be bottlenecked by the edge device. :)
- Toucan
Quote from: remigius on September 08, 2017, 10:26:23 AM
Hoi,
I got mine from aliexpress and it shipped very quickly. On the description of the one I ordered, it was declared that WiFi is not supported under pfSense (which I unfortunately only discovered after I got the box here - but the proce difference is not big anyway).
https://www.aliexpress.com/item/Mini-PC-4-Ethernet-Lan-with-Core-i5-Pfsense-Firewall-Mini-Computer-Fanless-PC-Server/32817388248.html
Cheers, Remi.
Is there any difference between that one and this one?
https://www.aliexpress.com/item/QOTOM-4-LAN-Mini-PC-with-Core-i3-4005U-i5-5250U-processor-and-4-Gigabit-NIC/32812678037.html?spm=2114.search0104.3.1.836tN9&ws_ab_test=searchweb0_0,searchweb201602_3_10152_10065_10151_10130_10068_10344_5620015_10345_10547_10342_10546_10343_10340_10341_10548_10545_10541_10307_5640015_10060_10155_10154_10056_10055_10539_10538_5370015_10537_10536_10059_10534_10533_100031_10103_10102_10142_10107_10324_10325_10084_10083_10178_10312_10313_10314_10073_5630015_5720015,searchweb201603_2,ppcSwitch_5&btsid=c6109212-57ac-40af-971c-8aff3fc5e393&algo_expid=1f6400de-07b4-4a70-9095-0e4f0c341a62-0&algo_pvid=1f6400de-07b4-4a70-9095-0e4f0c341a62 (https://www.aliexpress.com/item/QOTOM-4-LAN-Mini-PC-with-Core-i3-4005U-i5-5250U-processor-and-4-Gigabit-NIC/32812678037.html?spm=2114.search0104.3.1.836tN9&ws_ab_test=searchweb0_0,searchweb201602_3_10152_10065_10151_10130_10068_10344_5620015_10345_10547_10342_10546_10343_10340_10341_10548_10545_10541_10307_5640015_10060_10155_10154_10056_10055_10539_10538_5370015_10537_10536_10059_10534_10533_100031_10103_10102_10142_10107_10324_10325_10084_10083_10178_10312_10313_10314_10073_5630015_5720015,searchweb201603_2,ppcSwitch_5&btsid=c6109212-57ac-40af-971c-8aff3fc5e393&algo_expid=1f6400de-07b4-4a70-9095-0e4f0c341a62-0&algo_pvid=1f6400de-07b4-4a70-9095-0e4f0c341a62)
Same model number, same processor and when configured with the same specs (4GB RAM, 32GB SSD), the link you posted is $5 cheaper and it's from Aliexpress as well...
Edit: And of course, there's even another page with the same exact model number, specs, etc. but a different price:
https://www.aliexpress.com/item/2017-New-4-LAN-Core-I5-5250U-Fanless-Micro-PC-home-routerSupport-pfsense-linux-firewall-etc/32798522352.html?spm=2114.search0104.3.1.iaQOEt&ws_ab_test=searchweb0_0,searchweb201602_3_10152_10065_10151_10130_10068_10344_5620015_10345_10547_10342_10546_10343_10340_10341_10548_10545_10541_10307_5640015_10060_10155_10154_10056_10055_10539_10538_5370015_10537_10536_10059_10534_10533_100031_10103_10102_10142_10107_10324_10325_10084_10083_10178_10312_10313_10314_10073_5630015_5720013,searchweb201603_2,ppcSwitch_5&btsid=493ac3ca-1225-49bc-954f-115c031fa3b9&algo_expid=1ae04118-dfee-4ea0-b573-6b4aa4f7e47e-0&algo_pvid=1ae04118-dfee-4ea0-b573-6b4aa4f7e47e (https://www.aliexpress.com/item/2017-New-4-LAN-Core-I5-5250U-Fanless-Micro-PC-home-routerSupport-pfsense-linux-firewall-etc/32798522352.html?spm=2114.search0104.3.1.iaQOEt&ws_ab_test=searchweb0_0,searchweb201602_3_10152_10065_10151_10130_10068_10344_5620015_10345_10547_10342_10546_10343_10340_10341_10548_10545_10541_10307_5640015_10060_10155_10154_10056_10055_10539_10538_5370015_10537_10536_10059_10534_10533_100031_10103_10102_10142_10107_10324_10325_10084_10083_10178_10312_10313_10314_10073_5630015_5720013,searchweb201603_2,ppcSwitch_5&btsid=493ac3ca-1225-49bc-954f-115c031fa3b9&algo_expid=1ae04118-dfee-4ea0-b573-6b4aa4f7e47e-0&algo_pvid=1ae04118-dfee-4ea0-b573-6b4aa4f7e47e)
Edit 2: I couldn't find any difference other than price and some of the configuration options are slightly different depending on which page you're looking at. I ended up order the first link I posted above (4Gb RAM/32Gb SSD) based on it having significantly more reviews.
Quote from: sachaz on September 09, 2017, 07:24:47 PM
Hi,
Let's be clear, for me this is the BEST FANLESS HARDWARE FOR OPENSENSE !!!
some iperf gives: Full 1Gbps bandwidth with filtering & nat with less of 20% of one core.
Some bad points:
- Wifi is not working fine with OPNSense order it wthout Wifi or ask to Qotom to build with a compatible one.
(I have changed it for an Atheros 9280) - Bios have no ouput on serial port
- Ethernet interfaces are not mapped well: 0-0 1-2 2-3 3-1 (hardware-system)
You mentioned the Bios has no output on the serial port. Unfortunately, I don't have any TVs with HDMI near the area I want to setup my hardware so I was planning on using the serial port. Can you still install OPNsense using a serial cable connected to a computer? If so, is there anything in the Bios that you needs to be changed or that you recommend changing? I could install OPNsense in another room with a keyboard hooked up to a TV then just move it back to my office room where my computer is to setup the interfaces via serial.
I sent the manufacturer, my patch for compatibility with the Intel IEEE 802.11ac wireless network driver.
Here is the link of my script for pfSense : https://mega.nz/#!OEdGAIYa!nh9gejIJswBjpBRRzwuX6mVZb4Zu2Wz8rRO-GX3sExs
I will send you very soon for OPNsense, because it does not work in the same way, I must add the loading modules in the folder /usr/local/etc/rc.loader.d, because I do not uses pfSense for banishment related to this script, and the closing of the Kernel source code.
I still don't understand why they would kick you for that? Odd indeed.
What are you guys using for ram? Would 4gb be sufficent or should I just get 8gb. Kingston or Hynix $20 difference between brands.
Even if Intel Core i5-5250U is a one increment newer generation one, I would go with Intel Core i7-4500U: 4 MB SmartCache for i7, 3 MB for i5 && also very important is the CPU speed difference, clearly an advantage for i7 since OpenVPN is (still) single threaded, so the speedier the CPU, and the more cache, the better, and it's all that matters for that fact (as long as they both have AES-NI instruction set available, and they both do).
Comparing the two on ark.intel.com couldn't find any supported HW implemented instruction set difference that would clearly steer the decision toward generation advantage, and from speed and cache size advantage.
What do you think? Did I miss something?
PPPoE is single threaded as well, so another reason to get a CPU with very good single-core performance :D
@hutiucip
I5 5250 supports vt-d, the other one does not. This is necessary in virtualization to allow pci passthrough. That is direct access to peripherals rather than emulation. Example, exsi does not allow tagged vlan 0 traffic through their network stack. Using pci passthrough the nic can be configured for direct access by VM allowing access to full capabilities of the nic.
Thank you very much, GPz1100! :)
Hi, resurrecting this old thread as I'm interested in buying Qotom box...
2 models I'm looking at on Aliexpress:
Qotom Q355G4 (Intel Core i5 Processor, 5200U)
Qotom Q370G4 (Intel Core i7 Processor, 4500U)
There's £10 in it - a few comments on this thread suggested the i7 was probably the preferred option.
Sound reasonable choice still ?!
Thanks :)
But to be clear on the CPU performance, it is only important if you have the WAN bandwidth or internal need for the speed.
For the most firewalls and even routes I run, Atom or embedded CPUs still good enough. Single core frequency >=2.4GHz and everything looks good for me.
Only if you're talking about VPN with more than 200MBits the CPU performance is important. I know this becomes more and more important since the available bandwidth is growing fast. For most usecases the i5 with AES-NI will fit the needs for 95%
More important are good network chips with good driver support and options to tweak.
Quote from: banym on October 03, 2019, 09:48:29 PM
But to be clear on the CPU performance, it is only important if you have the WAN bandwidth or internal need for the speed.
Thanks - makes perfect sense. Unfortunately, you are correct - I don't have the DSL speed to need i7 (or even i5 !). But I'm okay with some overkill, so I think the i5 will do!
I would go for the i5 since it is a newer generation (Broadwell vs Haswell).
You have considerations other than line speed. Do you want to run Suricata or VPN? Either will need some compute resource.
Bart...
Quote from: xinnan on November 03, 2017, 01:10:11 AM
I still don't understand why they would kick you for that? Odd indeed.
Because Netgate hate Qotom, and any mention of Qotom will probably get you an instant ban. They do not want you to buy someone else's hardware, they want you to buy their overpriced hardware. Qotom install pfsense for you if you want it, after all it's supposed to be free & open source.