

SG-3100 price $349 seems quite high considering the fact that it has only ARM with no AES-NI :/ and the RAM/CPU is nothing extra.

APU2D4 for fair price $278 with 4GB RAM and SATA slot for storage expansion

APU2D0 for sweet $228 but "only" 2GB RAM and no internal SATA port

So currently I am considering one of these.

In the future I might need IGMP proxy, but this is optional for now.

3-5 clients with low requirements from WAN perspective (I have 1Gbps L2 switch handling internal network)

3 clients with high bandwidth over WAN (up to 100Mbps but maybe more in future)

Capability of handling ~100Mbps over OVPN (sha256)

And there are also some other brand boxes (but better to avoid most of these I guess :D). Aside from these I found TekLager providing quite nice hardware as well.

Meaning second question is "Which device for pfSense"?

I've read the pfSense HW requirements and I see they have their own HW (Netgate). Currently I am more for the Appliance solution. Moreover the whole build would probably not fit into the existing cabinet sooo.

"DIY or Appliance"?

I don't have any spare parts which would have the necessary power with AES-NI capabilities (not really necessary for now but still), so I would need to buy the parts, which could get quite expensive.

So the only way is pfSense, which seems to be the perfect match for me.

//Edit: Final HW + cooling post HERE

And the FW capabilities are limited as well. As I already have UniFi AP AC I was checking the USG from Ubiquiti, but the HW specs are just sh!tty for my needs. That basically limits the area significantly. SOHO/plastic crap is not going to happen (overpriced devices with limited usage). And with ROSv7 not being released anytime soon I need to change the brand.

I like Mikrotik/RouterBoards but the absence of OVPN is just a big step back for me. So after a decade I am looking for a new solution for my home network.

The CPU power w/o AES-NI is simply not enough. With no mangle and prerouting it hardly gets to 9Mbps. L2TP with IPsec catapults the CPU usage to 100% and it is not capable of handling throughput over 8Mbps.

ROS (still) does not support OVPN over UDP nor sha256, so no-go.

Technically the setup is not that hard but I've realized two major issues. I need to have some of my devices behind VPN, and instead of handling this separately on the devices I wanted to do that on my RB450G (Mikrotik) via prerouting/mangle.
