Home Router and Firewall

I’ve been sending some time (and money) over the holiday to give my home network an upgrade. I grew tired of using the rather restrictive Apple Airport Extreme for my home router, but I didn’t want to go with another “embedded” solution. I also didn’t want to repurpose an old PC due to space and power restrictions. The solution was a small “NUC” style computer with a full operating system as a home router and firewall.

Jetway HBJC311U93W-2930-B
PC A.K.A. New Router and Firewall

Purchasing

I had a few requirements during my search for a good PC to use:

1. Cheap
2. Dual gigabit NICs
3. Virtualization support

While there were many incredibly cheap computers out there, the next two restrictions pushed the price up a bit. I found that $200 was the sweet spot during my search. I purchased a barebones Intel Celeron N2930 PC along with some RAM and a mSATA SSD.

At the time of purchase the cost breakdown was:

1. PC – $209.00
2. 8GB DDR3L RAM – $36.99
3. 64GB mSATA SSD – $37.99

Hardware Installation

The initial install of the SSD and RAM couldn’t be easier. The bottom plate of the enclosure is removed with 4 screws and a little prying unseat it. The RAM module snaps in, and the SSD slots into the mSATA connector and is held in place by a screw. Upon boot the BIOS recognized both the RAM and SSD without issue.

Software Installation

Virtualization

I was hoping to use the VMware ESXi hypervisor on the computer to provide easy remote management. To boil down a few hours of trial and error, there are no compatible drivers for the SATA controller. There is also an oddity with the display that I did not resolve where ESXi wouldn’t drive the HDMI ports after booting the kernel. I did not have a VGA display to test if that port was being driven, but using the COM port worked perfectly with a modification to the boot arguments.

I eventually decided that running a virtual machine on my “router” would have been nice, but wasn’t necessary. I moved on to trying other software.

Firewall Appliance

I looked at a few firewall appliances to run. I started evaluating pfSense, found Sophos UTM 9, and eventually settled on Sophos XG Firewall.

Sophos UTM 9 was almost immediately thrown out due to the 50 IP limit. I don’t quite hit that number, but counting devices I was easily able to get up to 40. I did not attempt to install it on hardware, but did install it in a VM for testing.

pfSense installed quickly and had drivers for everything. It detected the NICs and SSD without issue. I didn’t have any real problems with pfSense, but was pushed away from it based on the UI. I will be running the router at home where other non network savvy people may need access.

I installed Sophos XG last. It installed and detected all the required hardware without issue. After running through the setup wizard I was able to set up an isolated network to test with. I was content with the functionality and ease of use, and ended up installing it as my proper router (gateway / DHCP server / firewall).

Conclusion

I have only been running the new router for a day, but so far everything has been operating smoothly with multiple people streaming video, browsing, etc. I’ll update this post when it has a little more uptime under its belt.

Interested in what I used? All the parts were available from Amazon:

Jetway Intel Celeron N2930 Quad Core Dual Intel LAN Fanless – HBJC311U93W-2930-B

Kingston Technology 8GB 1600MHz DDR3L (PC3-12800) 1.35V Non-ECC CL11 SODIMM Intel Laptop Memory KVR16LS11/8

Premier Pro SP310 SATA 6Gb/s mSATA Solid State Drive ASP310S3-64GM-C

Leave a Reply