Quoc Huynh
Regular Contributor
Hi all,
As ramsomware threats are emerging and I am switching to an IPv6-supporting ISP, I plan to install a pfsense box (made from my old Xeon W-2133 computer with 32GB DRAM, 512GB SSD) in my home network to act as a firewall with IDS/IPS.
Currently my network configuration is ISP optical fiber modem -> Asus RT-AX88U router -> Wired and wireless devices and IoTs (probably adding an NAS later). My Internet speed is 100/20 Mbps, but I plan to upgrade them to Gigabit in the next few years. Moreover, I am running several scripts on the router as in my signature, including Diversion, Skynet, ntpMerlin, BackupMON…
I have read pfsense/opnsense threads on the forum but still feel confusing. Therefore, may I have some questions:
1/ Is it worth adding a pfsense/opnsense box to my home network?
2/ Is my Xeon system capable of running pfsense/opnsense with IDS/IPS enabled? How much energy consumption should I expect?
3/ I know that a pfsense/opnsense box from their shops would be more energy-saving and quieter. However, the Netgear 4200, which seems more capable of handling IDS/IPS in a Gigabit network, costs me nearly a thousand dollars. Therefore, I prefer to use my existing system.
https://erp.etsau.com/shop
4/ Should I put the pfSense/opnsense box after or before the AX88U, regarding that I only want it to be a firewall?
5/ If I put the pfsense before the AX88U and set the Asus router to bridge/AP mode for wireless clients, will all of the existing scripts still be functional?
6/ I also read that pfBlockerNG works similarly to Diversion and Skynet. In case the scripts are still usable, should I leave them on to create a so-called multi-layer firewall, or delete them for more flawless system?
Thank you in advance.
				
			As ramsomware threats are emerging and I am switching to an IPv6-supporting ISP, I plan to install a pfsense box (made from my old Xeon W-2133 computer with 32GB DRAM, 512GB SSD) in my home network to act as a firewall with IDS/IPS.
Currently my network configuration is ISP optical fiber modem -> Asus RT-AX88U router -> Wired and wireless devices and IoTs (probably adding an NAS later). My Internet speed is 100/20 Mbps, but I plan to upgrade them to Gigabit in the next few years. Moreover, I am running several scripts on the router as in my signature, including Diversion, Skynet, ntpMerlin, BackupMON…
I have read pfsense/opnsense threads on the forum but still feel confusing. Therefore, may I have some questions:
1/ Is it worth adding a pfsense/opnsense box to my home network?
2/ Is my Xeon system capable of running pfsense/opnsense with IDS/IPS enabled? How much energy consumption should I expect?
3/ I know that a pfsense/opnsense box from their shops would be more energy-saving and quieter. However, the Netgear 4200, which seems more capable of handling IDS/IPS in a Gigabit network, costs me nearly a thousand dollars. Therefore, I prefer to use my existing system.
https://erp.etsau.com/shop
4/ Should I put the pfSense/opnsense box after or before the AX88U, regarding that I only want it to be a firewall?
5/ If I put the pfsense before the AX88U and set the Asus router to bridge/AP mode for wireless clients, will all of the existing scripts still be functional?
6/ I also read that pfBlockerNG works similarly to Diversion and Skynet. In case the scripts are still usable, should I leave them on to create a so-called multi-layer firewall, or delete them for more flawless system?
Thank you in advance.
 
	

 
 
		 
 
		