Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletter Hub
Free Learning
Arrow right icon
timer SALE ENDS IN
0 Days
:
00 Hours
:
00 Minutes
:
00 Seconds
Arrow up icon
GO TO TOP
Mastering pfSense

You're reading from   Mastering pfSense Manage, secure, and monitor your on-premise and cloud network with pfSense 2.4

Arrow left icon
Product type Paperback
Published in May 2018
Publisher
ISBN-13 9781788993173
Length 450 pages
Edition 2nd Edition
Tools
Concepts
Arrow right icon
Author (1):
Arrow left icon
David Zientara David Zientara
Author Profile Icon David Zientara
David Zientara
Arrow right icon
View More author details
Toc

Table of Contents (15) Chapters Close

Preface 1. Revisiting pfSense Basics FREE CHAPTER 2. Advanced pfSense Configuration 3. VLANs 4. Using pfSense as a Firewall 5. Network Address Translation 6. Traffic Shaping 7. Virtual Private Networks 8. Redundancy and High Availability 9. Multiple WANs 10. Routing and Bridging 11. Extending pfSense with Packages 12. Diagnostics and Troubleshooting 13. Assessments 14. Another Book You May Enjoy

Hardware requirements and sizing guidelines

Once you have decided where to deploy pfSense on your network, you should have a clearer idea of what your hardware requirements are. As a minimum, you will need a CPU, motherboard, memory (RAM), some form of disk storage, and at least two network interfaces (unless you are opting for a router on a stick setup, in which case you only need one network interface). You may also need one or more optional interfaces.

Minimum hardware requirements

The starting point for our discussion on hardware requirements is the pfSense minimum specifications. As of January 2018, the minimum hardware requirements are as follows (these specifications are from the official pfSense site, https://www.pfsense.org):

  • CPU – 500 MHz (1 GHz recommended)
  • RAM – 512 MB (1 GB recommended)

pfSense requires a 64-bit Intel (x86-64) or AMD (amd64) CPU. You should also use a CPU that supports the AES-NI instruction set extensions (or another hardware crypto offload), as such a CPU will be required, starting with version 2.5. There are three separate images provided for these architectures: CD, CD on a USB memstick, and an image for ARM-based Netgate systems. The active default console for the CD and CD on USB memstick images is VGA, while the active default console for the Netgate image is serial. The NanoBSD images (for embedded systems, which enabled the serial console by default) have been deprecated with the release of version 2.4. The serial console can be enabled on images which default to VGA via the web GUI under System | Advanced.

A pfSense installation requires at least 1 GB of disk space. If you are installing on an embedded device, you can access the console either by a serial or VGA port. A step-by-step installation guide for the pfSense Live CD can be found on the official pfSense website at: https://doc.pfsense.org/index.php/Installing_pfSense.

Version 2.3 eliminated the Live CD, which allowed you to try out pfSense without installing it onto other media. If you really want to use the Live CD, however, you could use a pre-2.3 image (version 2.2.6 or earlier). You can always upgrade to the latest version of pfSense after installation.

Installation onto either a hard disk drive (HDD) or a solid-state drive (SSD) is the most common option for a full install of pfSense, whereas embedded installs typically use CF, SD, or USB media. A full install of the current version of pfSense will fit onto a 1 GB drive, but will leave little room for installation of packages or for log files. Any activity that requires caching, such as running a proxy server, will also require additional disk space.

The last installation option in the table is installation onto an embedded system using the Netgate ADI image. Netgate currently sells several ARM-based systems such as the SG-3100, which is advertised as an appliance that can be used in many deployment scenarios, including as a firewall, LAN or WAN router, VPN appliance, and DHCP or DNS server. It is targeted towards small and medium-sized businesses and may appeal to home and business users seeking a reliable firewall appliance with a low total cost of ownership. Storage (without upgrading) is limited to 8 GB of eMMC Flash, which would limit which packages could be installed. Another Netgate option is the SG-1000, which is a bare bones router with only 2 Ethernet ports, 512 MB of RAM and 4 GB of eMMC Flash.

You have been reading a chapter from
Mastering pfSense - Second Edition
Published in: May 2018
Publisher:
ISBN-13: 9781788993173
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image