Netgate SG-2100 pfsense Firewall Hardware Review

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

But it can't do gigabit! So close!

👍︎︎ 17 👤︎︎ u/subwoofage 📅︎︎ Sep 08 2020 🗫︎ replies

Note- This is not my video, but I follow Tom’s YouTube channel. He is very knowledgeable on pfSense. Given the recent interest surrounding Netgate’s new pfSense appliance, I thought this video would be of interest to people

👍︎︎ 34 👤︎︎ u/DeutscheAutoteknik 📅︎︎ Sep 08 2020 🗫︎ replies

Sooo very interested to see where VPN performance lands once they enable hardware crypto in 2.5.

👍︎︎ 7 👤︎︎ u/Bubbagump210 📅︎︎ Sep 08 2020 🗫︎ replies

I had hoped for a UniFi Dream Machine “ replacement.

My SG-3100 almost does what I want, but every other day or so, suricata ends up eating so much CPU that the watchdog thinks the system is unresponsive and reboots it. The UDM is twice the hardware at half the price, and runs Suricata at gigabit speeds, as well as 500 mbit IPSec. It is not pfsense though.

👍︎︎ 7 👤︎︎ u/8fingerlouie 📅︎︎ Sep 09 2020 🗫︎ replies

Man I really want it. Looks like a great piece of equipment. I’m running my pfSense in a VM right now which works okay but I feel like having dedicated hardware is usually preferred, at least for the main router. I don’t need a lot of power, just enough to handle a standard range of devices for a home and things like pfblockerng. This seems perfect.

👍︎︎ 7 👤︎︎ u/TheAlmightyZach 📅︎︎ Sep 08 2020 🗫︎ replies

Just got a SG-5100 should I be worried about a replacement coming out

👍︎︎ 2 👤︎︎ u/Atemycashews 📅︎︎ Sep 08 2020 🗫︎ replies

SFP port is nice to see.

👍︎︎ 2 👤︎︎ u/luckman212 📅︎︎ Sep 09 2020 🗫︎ replies

Captions

tom here from orange systems i've been waiting to peel the plastic off of this for well a couple weeks so i'm going to peel it off right now to reveal something that maybe you've seen the tweet already from netgate but yes this is the new sg 2100 that netgate has for running pf sense and i'm going to review this i like it i've been testing it now full disclosure as always this was provided from netgate with an early release and they request that tom not talk about it until uh it's been released which has been released i've been using this at home for a little while matter of fact a couple of the videos you've seen were actually done using this at home i just didn't show you the name of the actual device because i was using this one right here this is actually same one for my house and now this is from my house and but don't worry they're still internet at my house that's i just keep rotating firewalls and testing them anyways but this was provided as a demo unit and i've been reviewing it and it's going to cover all the hardware details and all the fun stuff related to it before we dive on into that if you could click that click that like button hard to say sometimes click that like button and first if you'd like to learn more about me or my company head over to lawrences.com if you like to hire a sharp project there's a hires button right at the top if you'd like to help keep this channel sponsor free and thank you to everyone who already has there is a join button here for youtube and a patreon page your support is greatly appreciated if you're looking for deals or discounts on products and services we offer on this channel check out the affiliate links down below they're in the description of all of our videos including a link to our shirt store we have a wide variety of shirts that we sell and new designs come out well randomly so check back frequently and finally our forums forums.laurensystems.com is where you can have a more in-depth discussion about this video and other tech topics you've seen on this channel now back to our content so let's start here looking at the lineup of arm available devices from netgate in 2020 so netgate has this sg1100 this is the 179 box pretty good i've used quite a few of these we recommend to a lot of especially home users provided you don't have a internet connection that exceeds about 400 megs these will run out perfectly fine they start to choke a little bit when you get up to even higher speeds they'll go a little bit faster but either way there's some limitations to a hundred seventy nine dollar device i like it it's very reliable but well that's a limitation another limitation is we only got three ports on here and they're out of the box configured as three logical ports then we look over here at the sg 3100 which has a four ports as one port essentially one logical but four ports as a switch so hey cool we got switches and vlans ability to do some uh custom configurations and don't need to buy a switch to be able to have a couple devices plugged in then we have the wan port and the opt port kind of the optional configure however you want including for a failover mode so that's definitely a great option and this one's 3.99 so we've got 179 399 and now let me set these over to the side here we have for 299 you can get this neck gate sg 1100 now one of the things i complained i believe before i did a video but there's no little screw holes to mount this i guess they just expected you to set it down like that well i mean i think there's a bracket you can get for it or 3d print one or just zip tie it so if you have a side mount wall which of course is ugly but there's different ways you can mount it but my favorite way to mount most any of these routers is just to have it molded in right here with a screw mold so i can just click there we go now even with that it stands off enough and this is offset enough and it doesn't really get that warm to still be able to easily dissipate heat so that's not a problem and of course we have these switch ports on here and this is especially for home users and some of the even really small offices we deal with they just have a couple devices they need a switchboard on there it's really convenient they want to be able to plug in their wi-fi maybe have a couple of vlans on there and they don't want to have to pay the extra for a managed switch and i know a managed switch costs less than the 120 price difference the 120 dollar price bump to go from this to this but don't worry there's more first we have an sfp not sfp plus now that sfp port over here great for being able to use exactly like we're doing here a fiber handoff directly to the pf sense device so if you have your isp coming in as a fiber maybe that fiber is far away and then you'd have to get fiber and convert it over to rj45 well they can forego that because now you can plug it in sfp directly to the device second we have an rj45 port but that's not a logical second port that is a shared medium these cannot be plugged in at the same time so that is essentially only a single lan port now in advanced configuration yes you can break these four ports out which by out of the box work as a switch they can be configured to be a logical port to create one maybe as a failover if that's a scenario that you need set up so it is something that can be done but maybe you should look at some of the other ones uh if you really need that spend an extra hundred dollars and get the one that has the extra logical ports on there but nonetheless we have that and then we have our barrel connector i like this because that means i can dangle it by the power cord with no worries of it coming out now that is also on the 3100 but the sg 1100 just has this one so if we were to pull too hard and slide it you just pop the powerpoint out completely not a big deal for us you know like a home user you know but if you're if you're trying to reach around you're trying to plug something in the back and you bump it and the cord was a little tight um not having that come out i don't know i like these connectors a little screw type in there so they don't just fall out so what are the other details about this and one of the other things they've done is add a memory bump so as i said i was using this for a few weeks at home i had no issues with it at all and this does have eight gigs of memory and that means loading extra plug-ins not a problem now if you're familiar with the other netgate devices you can go here to interface and this shows up for switches this is on devices from netgate that have this switchport built in there's that vlan option and by default all the ports are tagged so any vlan crate just goes out like normal but then there's an advanced option where you can set this up to do that cutting out of the ports make them logical ports for you know trunking them for different purposes or configure them as a logical port and they do not have as of right now september 8 2020 the documentation finished for the sg 2100 for this part but i talked to decades and they did let me know they're working on it should be updated soon so probably even by the time you're watching this video depending on how far in the future it is that documentation may already be available but you can follow along if you order one of these and it gets there before the documentation it's the same configuration as the sg3100 where they have a step-by-step instructions i've covered this i believe in other videos of how you can create these as logical ports and tag them i've also covered this more in depth on the xg 7100 as well from netgate now they've also added this which is the lineup in terms of where it falls into different speed and by the way they update this based on versions of pfsense so spf sense has updated versions if the speed gets better they will reevaluate the just an fyi also there is a crypto chip if we'll go back over here to the page on this and the crypto chip is listed as inactive my understanding is this will be a psense 2.5 feature they will have better advantages um to the crypto because there's going to be some updated drivers once again that will update further so this will actually get faster in the future uh based on tweaking of drivers and updates from pfcn so i think that's pretty cool they're going to have that but when they have it comes down to the speed they do have all the different speeds broke down here so you can see where it kind of fits in the lineup your ipsec vpn based on your and we'll show you the top here iperf traffic now iperf is a benchmark i've used in the past it's more of a synthetic benchmark not necessarily representative real world traffic that's why they do both they do iperf traffic and imax traffic imax traffic is a whole mix of traffic run across and that is more representative real world traffic that's why you get these two different numbers and you can see how much different it is that's because the traffic you're running just doing a speed test is not the same as actually functioning so you may have a device that can speed test really fast because it can handle a single packet stream faster than it can handle a mix of well more realistic traffic that goes across your network and they have it all broke down here so you go from 74 to 118 46 to 68 so you get a speed bump and power over the sg 1100 so you're not just more memory a little bit faster processor on there and of course that kind of plays across all the way for all the different rules and everything you create now this is still not as fast as the sg3100 so if you have a need for even more speed on your vpn especially a lot of people are working from home and you want to remote into that or have a site to site set up using like a 3100 um that's still going to get you a little bit more speed so take that into consideration and if you are someone who says i just really need a lot more speed well just keep going down the list until you find the one that matches the speed that works for you on the comparison chart here but other than that i'm having more memory being able to run things like seracota and all the other packages or as these packages over time get bigger because they have more features that's a nice addition to have that extra memory i've had no problems with it it's been a great device i didn't bother taking this one apart unless there's enough demand i'll tweet out some pictures of it taken apart um i just didn't want to dig out the security bits to try to fit into it and take it apart but uh there's nothing serviceable inside sort of anything interesting for me to really dive into or talk about but my overall i like it it's a welcome lineup kind of that fitting in between just like i had them stack the little bit more features a little bit more speed than your 1100 but hey saving a hundred dollars from buying a 3100 and i'm hoping that netgate has some more devices where in the future as they come out with new devices we see more of these sfp ports on there this is just going to be a more common way companies are handing it off with fiber becoming more prolific and more companies offering it from a vendor standpoint or even if you're using these uh to start as a fiber distribution to get to another end of office but you still need routing out of direct connection once again fiber handoffs are kind of handy and if you don't want to use the fiber handoff i mean you can still have a standard lan port so it's not like you have to use it it's still got the standard lan port right next to it so hopefully this was insightful questions comments concerns head over to the forums leave some messages below and thanks and thank you for making it to the end of the video if you like this video please give it a thumbs up if you'd like to see more content from the channel hit the subscribe button and hit the bell icon if you like youtube to notify you when new videos come out if you'd like to hire us head over to lawrences.com fill out our contact page and let us know what we can help you with and what projects you'd like us to work together on if you want to carry on the discussion head over to forums.lawrences.com where we can carry on the discussion about this video other videos or other tech topics in general even suggestions for new videos they're accepted right there on our forums which are free also if you like to help the channel in other ways head over to our affiliate page we have a lot of great tech offers for you and once again thanks for watching and see you next time

Info

Channel: Lawrence Systems

Views: 106,389

Rating: undefined out of 5

Keywords: lawrencesystems, pfsense, sg-2100 reviews, netgate pfsense, netgate hardware, netgate sg-3100, pfsense setup, pfsense vlan, pfsense build, pfsense router, pfsense openvpn, pfsense firewall, router, firewall, netgate sg 3100, netgate sg 3100 review, netgate sg-3100 setup, netgate sg-1100 vs sg-3100

Id: 7E6TQXpuZN8

Channel Id: undefined

Length: 11min 21sec (681 seconds)

Published: Tue Sep 08 2020