Home Router and Firewall

I’ve been sending some time (and money) over the holiday to give my home network an upgrade. I grew tired of using the rather restrictive Apple Airport Extreme for my home router, but I didn’t want to go with another “embedded” solution. I also didn’t want to repurpose an old PC due to space and power restrictions. The solution was a small “NUC” style computer with a full operating system as a home router and firewall.

Jetway HBJC311U93W-2930-B
PC A.K.A. New Router and Firewall

Purchasing

I had a few requirements during my search for a good PC to use:

1. Cheap
2. Dual gigabit NICs
3. Virtualization support

While there were many incredibly cheap computers out there, the next two restrictions pushed the price up a bit. I found that $200 was the sweet spot during my search. I purchased a barebones Intel Celeron N2930 PC along with some RAM and a mSATA SSD.

At the time of purchase the cost breakdown was:

1. PC – $209.00
2. 8GB DDR3L RAM – $36.99
3. 64GB mSATA SSD – $37.99

Hardware Installation

The initial install of the SSD and RAM couldn’t be easier. The bottom plate of the enclosure is removed with 4 screws and a little prying unseat it. The RAM module snaps in, and the SSD slots into the mSATA connector and is held in place by a screw. Upon boot the BIOS recognized both the RAM and SSD without issue.

Software Installation

Virtualization

I was hoping to use the VMware ESXi hypervisor on the computer to provide easy remote management. To boil down a few hours of trial and error, there are no compatible drivers for the SATA controller. There is also an oddity with the display that I did not resolve where ESXi wouldn’t drive the HDMI ports after booting the kernel. I did not have a VGA display to test if that port was being driven, but using the COM port worked perfectly with a modification to the boot arguments.

I eventually decided that running a virtual machine on my “router” would have been nice, but wasn’t necessary. I moved on to trying other software.

Firewall Appliance

I looked at a few firewall appliances to run. I started evaluating pfSense, found Sophos UTM 9, and eventually settled on Sophos XG Firewall.

Sophos UTM 9 was almost immediately thrown out due to the 50 IP limit. I don’t quite hit that number, but counting devices I was easily able to get up to 40. I did not attempt to install it on hardware, but did install it in a VM for testing.

pfSense installed quickly and had drivers for everything. It detected the NICs and SSD without issue. I didn’t have any real problems with pfSense, but was pushed away from it based on the UI. I will be running the router at home where other non network savvy people may need access.

I installed Sophos XG last. It installed and detected all the required hardware without issue. After running through the setup wizard I was able to set up an isolated network to test with. I was content with the functionality and ease of use, and ended up installing it as my proper router (gateway / DHCP server / firewall).

Conclusion

I have only been running the new router for a day, but so far everything has been operating smoothly with multiple people streaming video, browsing, etc. I’ll update this post when it has a little more uptime under its belt.

Interested in what I used? All the parts were available from Amazon:

Jetway Intel Celeron N2930 Quad Core Dual Intel LAN Fanless – HBJC311U93W-2930-B

Kingston Technology 8GB 1600MHz DDR3L (PC3-12800) 1.35V Non-ECC CL11 SODIMM Intel Laptop Memory KVR16LS11/8

Premier Pro SP310 SATA 6Gb/s mSATA Solid State Drive ASP310S3-64GM-C

Agilent Active Probe

IMG_1219

I recently picked up a broken Agilent 1156A 1.5GHz active oscilloscope probe on eBay for cheap. This was a great opportunity to discover what is inside one of these probes.

IMG_1199

The above picture is inside the main probe body that connects to the oscilloscope. It provides the power for the probe head and identification circuitry for when it is plugged into the scope. There is no signal conditioning done inside this case. The coax connector passes straight through and into BNC connector which normally sits in the recessed cutout on the left.

IMG_1189

This next picture is the actual probe head. The amplifier is a bare die sitting just behind where the taper stops. It is wire bonded to the surrounding circuitry and is pretty much impossible to repair.

If the probe head is damaged consider the whole probe to be dead. It might be useful for parts on another older-but-working probe, but there isn’t much to be saved. However, if the probe body is damaged there is a good chance it is repairable!

There isn’t much more to explore on these probes without having a good microscope! If I have the chance to get better pictures of the front end I will add them to a new post. To close, here is another picture of the wire bonded probe head.

IMG_1197

RF Circulator

IMG_0926

I got my hands on a bunch of RF circulators! I decided to take one of them apart…

Continue reading “RF Circulator”

Multimeter testing at higher voltages

I needed a way to test out my HP 3478A multimeter at higher voltages. I ended up driving a transformer with a signal generator, then running the output directly into a voltage doubler. IMG_0772

Unfortunately the reverse breakdown of 1N4148 diodes is only a little bit above 100V. The solution (as seen above) is to simply run a few in series. I used a ceramic capacitor on the input, and an 0.47uF X2 rated filter capacitor on the output. Not really designed for high voltage DC, but it did the job! I was able to squeeze 426Vdc out with effectively no load (10M ohms).

IMG_0774

Lowering the amplitude from the signal generator gave me the 300V max the 3478A will take:

IMG_0773

 

Conclusion: It isn’t too hard to generate high voltages with readily available parts, and my 3478A works as expected. I didn’t even electrocute myself! Seriously though.. a little caution goes a long way.