Messages

Hi, what is the exact make and model of your CPU?  I have had no problems with running a single core on a i5-5250U mobile processor and 512MB of RAM without IDS.

If you want to use IDS then you would would at least have 2 cores on a CPU with good single thread performance.

Also what hypervisor are you using?

InstaNoodle, welcome to the forums.

Franco, thanks for your honest and transparent answer.

Are you trying to run this from a f1-micro?  I might have some time to see if I can get it going.

Hi lordwarlock,

Have you tried E1000 NICs under ESXI 6.0?  I am running E1000 NICs under ESXi 6.0 Build 5224934 with no dramas.  I was actually thinking about rebuilding OPNsense with VMXNET3 NICs, but have not got around to it.

Hi go2bar,

Have you tried to install FREEBSD 11.0 to see if you hardware is supported by FreeBSD? 

If this works then try this alternative method to install https://forum.opnsense.org/index.php?topic=4526.0

Is there a way to connect to an interactive serial console so that you can login via serial?  If you do you should be able to assign/configure the interfaces, then once you have network connectivity you can SSH in.

Well I would look at something with Intel NICs and a processor that is better than the Intel G3220 (average CPU PCMARK score of 3157) as quote from another forum

"Running Suricata on a Pentium G3220 (which is slower than a Core i3) and Suricata uses ~80% at 937Mbps (about the limits of my gigabit line)."

There are plenty of options, like just getting a Super Micro SuperServer or building a Shuttle barebones pc (eg DH110 with dual Intel NICs its 24/7 certified and can run in 0-50 degree Celsius temperatures).

Price/noise/power consumption are your three points that you need to trade off.

Hi THB,

Looking at PasssMark for the Core2Duo E2140 and reading some quick forums on the Zotac CI323 Nano I really don't think you are going to get 1000/1000 with these two options.

Also are you just looking for a standard firewall or are you looking to add IPS and/or other features such as Web Proxy and VPN?

sub $200?  Does this include RAM and M2 storage?

I feel that the E100-9AP, while great, is in a different league to the likes of a SG1000/BBB/RPI not only in size, but also power consumption.

If you are considering something that size, what about the PCEngines APU1/2?

+1 for looking for a Micro Firewall solution (like Netgate SG1000).

When looking at the SG1000 its shares a similar CPU to the BeagleBone Black (TI AM335x).

So it depends on how professional the solution would to appear.  A BeagleBone Black with USB to Ethernet adapter may do the job, put it in a nice metal (19" or desktop).  From what I remember the AM335x has separate buses for the USB and the NIC so you are not stuck with a shared USB bus like Raspberry Pi........ Raspberry PI3 with USB to Ethernet, gives you 3x more cores and 2x more RAM, though I believe you might need to wait for FreeBSD support.

For your VPN, I personally love SoftEther (not included with OPNsense, but worth mentioning) because it can do standard TLS/SSL VPN or VPN over ICMP and DNS..... Though I just read today that someone installed ZeroTier on OPNsense, which is another option.  It really depends on your desired network design (L2 vs L3) and skillset.

Hi Legremlins_keitaro,

Sophos UTM is based on CentOS AFAIK, which is obviously Linux.  OPNsense is based on FreeBSD so the errors you are seeing are probably due to the fact that FreeBSD does not support the hardware that you have.

Try running FreeBSD 11.0 to check.  If FreeBSD 11.0 runs then the OPNsense developers may be able to fix your issue.

Hi bcollins,

Have you tried OPNsense 16.7?  OPNsense 16.7 was based on FreeBSD 10.3, which is the same FreeBSD version pfSense 2.3.2 is based on. 

I would give it a shot because there could be an upstream FreeBSD issue causing the problems.  As OPNsense moved to FreeBSD 11.0 I would also test an installing using that.

FreeBSD does not yet support the WiFi chipset on RPI3 https://wiki.freebsd.org/arm64/rpi3 and as of today nobody is working on it.  Maybe when FreeBSD has full support (including SMP) it will become a reality.

Hi CincinnatiKane,

I am sorry to hear that you are having some problems.  Please provide as much information with regards of the steps taken, hardware used and anything else you feel relevant.  This will ensure that someone has all the information required to help you with your issue.

Hi CloudHoppingFlowerChild,

I may not be able to assist you directly, but I have been able to perform the update though I am using ESXi 6.0 Build 4600944.

My OPNsense VM has 348MB of RAM, 1 vCPU, 8GB HDD and 1.18MB of video memory.  Happy to run through all my settings if you think it would be useful.