OPNsense Forum

English Forums => Hardware and Performance => Topic started by: Sirius1 on December 20, 2017, 03:44:30 pm

Title: Ethernet USB NIC support - ASIX chipsets
Post by: Sirius1 on December 20, 2017, 03:44:30 pm
New OPNsense user after being stranded by coming pfSense AES-NI requirement. Over the years have tried many different firewall/router distros going all the way back to Coyote Linux/Wolverine, Smoothwall/IPCop, Endian Community, and stock Cisco/Linksys routers. I did also look at OPNsense in later 2015, but decided to run pfSense at the time. Now I see OPNsense being a much more polished and complete product.

I agree with many other comments that I found the pfSense community unhelpful and opinionated. I planned to, and did, run pfSense on a small Asus notebook for size and power considerations, so had no choice but to use a USB NIC for one side. This option was dismissed in nearly every single forum post, so it was hard to find any good information going in.

That being said, I do now have recommendations for anyone looking for solid USB NIC options: Adapters using the ASIX chipsets seem to perform very well, and are stable. I used a Gigabit StarTech USB 31000S with AX88179 chipset for 2 years as my "inside" on pfSense with 8 802.1q VLANs. Among other options I now see that Amazon appears to offer this chipset in their "Basics" USB 3.0 adapter AE3101X1.

For my OPNsense install I moved to a nearly 7-year old HP ProBook 4525s that has a Gigabit RJ45 connection, but only USB 2.0. OPNsense recognized the AX88179 StarTech adapter, but the laptop would never pass traffic with the 3.0 adapter in a 2.0 slot. I bought Amazon Basic USB2.0 item AES2233X2 which has an AX88772B chipset and is recognized by OPNsense as a ‘generic 10/100’ USB adapter. It is passing traffic on my WAN side at 100Mbit speeds.

I thought the adapter I ordered was GigE but it wasn’t, so going at this again I’d make sure to look for USB 2.0 adapters with the AX88178A Gigabit chipset. They are out there but I don’t have a need right now until my cable bandwidth goes over 100Mbit. These adpaters should pass traffic up to 480Mbit USB2.0 limit, assuming there is a driver for it, or can force OPNsense to load the AX88179 driver instead. Having USB 3.0 would've resolved this with my original Gigabit adapter.

The ProBook has Athlon II P340 CPU, 6GB RAM, OCZ Vertex2 40GB SSD, onboard wired GigE with 8 VLANs on inside, and the 10/100 USB2.0 adapter on the WAN side. As a network admin, my home setup is a little more than the usual: Cisco Catalyst 2960 with 8-port Gigabit NetGear and TPLink ‘smart’ switches that are configurable and VLAN capable. WiFi is Ubiquiti UniFi controller (VirtualBox) and both AC-Pro and Lite access points running 4 wireless SSID/VLANs. Having more RAM, SSD, and slightly more powerful CPU than my original firewall laptop, this is running very nicely and feels subjectively faster for 4 home users (2 teenagers) with nearly 2 dozen network devices.

Yes you can run OPNsense on a laptop with 2 physical Ethernet interfaces! VLANs too! Thanks to all the OPNsense developers and contributors.The growth and improvement in the interface and features over the past 2 years is remarkable. Great product!