My Firewall Died …

🕒 7 min read (Quick)

What I thought would be a simple nighttime computer session with some studying and labbing in the mix turned into a little DR scenario at home to get the network back up. Good thing I had a backup of the configuration and some extra hardware on hand to spin up a new instance of pfSense.

I still have not confirmed the issue with the prior hardware (Qotom Fanless Mini PC). Currently it powers on, but I get no video output via the VGA port or the serial port, and no HDD activity via the activity LED, but the power light does come on. I’ll continue looking into it as I am curious to know what happened to the hardware. Hah, it is worth mentioning that this is a 7+ year-old piece of hardware that has been running 24/7 for most of its life.

Around the same time I got the previous Qotom Fanless Mini PC, I also bought another like it. I gave this other one to my daughter, and we installed Ubuntu on it a few years back. She has since bailed on this machine and primarily uses a Mac she has.🙄[we don’t discriminate on what OS we use in the house… but I must admit my daughter is a Mac user… haha] This thing came in pretty handy in this situation, as it’s now our firewall.

Getting the pfSense installer booted up for a fresh install on the “new” hardware

After installing the latest version of pfSense, I started working on restoring my existing configuration. You have to appreciate how easy it is to restore a pfSense configuration after a fresh installation.

I did run into an issue with the interfaces being restored out of order on the new hardware. This may have to do with the different names of the physical interfaces on the replacement firewall. With existing ports labeled as em0, em1, em2, & em3 and the ports on the new firewall being labeled igb0, igb1, igb2, & igb3, I’m assuming this is what caused the interfaces to be out of order in relation to the physical ports. In pfSense on the console, you can reassign the interface config, so in this scenario, I just needed to tell pfSense what physical interface should be where and what logical interfaces (VLANs) should be associated with what physical interfaces. After this was set, the new firewall began to serve traffic on my various networks, and services started to be restored, Hurrah!!

I’ve been recently considering moving over to supported pfSesne hardware, such as a Netgate 1100, and figuring out a way to mount it somewhere in my rack to save space. Either that or finding something rack-mountable, 1u to do another white box pfSense install with. The Qotom Q20331G9 1U also looks like a solid choice for my setup ATM. The reason I am looking at new hardware for my firewall is the need to give my pfSense instance more resources. I’ve been recently diving deeper into Suricata and using pfBlocker-NG more, and I’m starting to notice my current hardware struggling a bit under the load as I add more interfaces and rules to these services. Historically, Ive been able to run pfSense on pretty much anything, but when you start using some of these more advanced services, you will want to consider the resources you have available on your hardware. Any suggestion of other good options, I’m all ears!

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top