Results 1 to 8 of 8
  1. #1
    Newbie
    Join Date
    Aug 2020
    Posts
    2

    Question Untangle suitability for home to replace my pfsense instance

    Hi All,
    I'm using pfsense v2.6.0 and in general it works perfectly well for my needs, and runs on a Seed Studio box specs blow:

    Components ODYSSEY - X86J4105
    Processor Intel® Celeron® J4105 (Frequency: 1.5 - 2.5GHz)
    Coprocessor Microchip® ATSAMD21G18 32-Bit ARM® Cortex® M0+
    Graphics Intel® UHD Graphics 600 (Frequency: 250 – 750MHz)
    Memory LPDDR4 8GB
    Storage 64GB eMMC V5.1
    Wireless Wi-Fi 802.11 a/b/g/n/ac @ 2.⅘ GHz HT160 & Bluetooth® 5.0
    Networking Dual Intel® I211AT PCIe Gigabit LAN
    USB USB 2.0 Type-A x2, USB 3.1 Type-A x1, USB 3.1 Type-C x1
    TPM Built-in TPM (2.0)

    My internet is with BT in the UK (VDSL2) and download is 75Mb and Upload 18Mb.

    The only gripe I have is I'm not sure if my setup is working as well as it could be for cloud gaming (notably stadia). I'm wondering if PPPOE being single threaded on pfsense is affecting the performance when the going gets tough, and ALTQ Traffic Shaping is also somewhat multi thread challenged. I've also tried FQ_Codel limiters and that's a bit of a mess too, but only for cloud gaming.

    So I am willing to give untangle a go, however I first need to check that all the wonderful things I can do in pfsense, can be setup within untangle, these are:

    1. IPV6 support - I currently request an IPv6 prefix/information through the IPv4 connectivity link on the WAN, and the LAN has "Track Interface" set to this IPV6 Configuration.
    2. OpenVPN Server 1 - Internet Only - My Dad connects to my current OpenVPN server from overseas to allow him to watch BBC iPlayer etc. to get around regional restrictions. This OpenVPN server only allows Internet Only access on connection, he can't see anything on the local network once he has connected.
    3. OpenVPN Server 2 - Internet and Local Access - This is used for myself to connect in and administer/support as required.
    4. OpenVPN Client - I've got an always on Client VPN with custom option (route news.usenetfarm.eu) that is used to route select destination hostname traffic via, such as Usenet.
    5. BufferBloat Mitigation - Traffic Shaping or SQM functionality to ensure gaming latency is at a minimum.
    6. Dynamic DNS to Cloudflare
    7. Firewall Scheduling to disable kids devices from accessing network between certain times.
    8. Lets Encrypt certificate generation/integration for a given domain

    I think that is all the must have's, hopefully untangle ticks all the boxes, look forward to the responses.

    Many Thanks!
    Last edited by saltyzip; 06-13-2022 at 09:44 AM.

  2. #2
    Master Untangler
    Join Date
    Jul 2010
    Location
    Nanaimo B.C
    Posts
    874

    Default

    Quote Originally Posted by saltyzip View Post
    Hi All,
    I'm using pfsense v2.6.0 and in general it works perfectly well for my needs, and runs on a Seed Studio box specs blow:

    Components ODYSSEY - X86J4105
    Processor Intel® Celeron® J4105 (Frequency: 1.5 - 2.5GHz)
    Coprocessor Microchip® ATSAMD21G18 32-Bit ARM® Cortex® M0+
    Graphics Intel® UHD Graphics 600 (Frequency: 250 – 750MHz)
    Memory LPDDR4 8GB
    Storage 64GB eMMC V5.1
    Wireless Wi-Fi 802.11 a/b/g/n/ac @ 2.⅘ GHz HT160 & Bluetooth® 5.0
    Networking Dual Intel® I211AT PCIe Gigabit LAN
    USB USB 2.0 Type-A x2, USB 3.1 Type-A x1, USB 3.1 Type-C x1
    TPM Built-in TPM (2.0)

    My internet is with BT in the UK (VDSL2) and download is 75Mb and Upload 18Mb.

    The only gripe I have is I'm not sure if my setup is working as well as it could be for cloud gaming (notably stadia). I'm wondering if PPPOE being single threaded on pfsense is affecting the performance when the going gets tough, and ALTQ Traffic Shaping is also somewhat multi thread challenged. I've also tried FQ_Codel limiters and that's a bit of a mess too, but only for cloud gaming.

    So I am willing to give untangle a go, however I first need to check that all the wonderful things I can do in pfsense, can be setup within untangle, these are:

    1. IPV6 support - I currently request an IPv6 prefix/information through the IPv4 connectivity link on the WAN, and the LAN has "Track Interface" set to this IPV6 Configuration.
    2. OpenVPN Server 1 - Internet Only - My Dad connects to my current OpenVPN server from overseas to allow him to watch BBC iPlayer etc. to get around regional restrictions. This OpenVPN server only allows Internet Only access on connection, he can't see anything on the local network once he has connected.
    3. OpenVPN Server 2 - Internet and Local Access - This is used for myself to connect in and administer/support as required.
    4. OpenVPN Client - I've got an always on Client VPN with custom option (route news.usenetfarm.eu) that is used to route select destination hostname traffic via, such as Usenet.
    5. BufferBloat Mitigation - Traffic Shaping or SQM functionality to ensure gaming latency is at a minimum.
    6. Dynamic DNS to Cloudflare
    7. Firewall Scheduling to disable kids devices from accessing network between certain times.
    8. Lets Encrypt certificate generation/integration for a given domain

    I think that is all the must have's, hopefully untangle ticks all the boxes, look forward to the responses.

    Many Thanks!
    Looks like the box you have should work just fine.

    Not sure Untangle will tick every box though. You could download the trial version for 14 days and try it all..
    Started Youtube Channel, Have a question about Untangle Ask me : jason @ jasonslab.ca
    https://www.youtube.com/c/jasonslabvideos << Please like and subscribe, helps me out !!

  3. #3
    Master Untangler
    Join Date
    Mar 2020
    Location
    UK
    Posts
    131

    Default

    Based on a number of those requirements I don't think Untangle NGFW will fully meet your requirements.
    Points 1 and 8.

    As others have said, download a trial and spin it up, but I don't think it'll meet the requirements. I'm moving away from Untangle atm.
    dashpuppy likes this.

  4. #4
    Newbie
    Join Date
    Aug 2020
    Posts
    2

    Default

    Quote Originally Posted by mikeyscott View Post
    I'm moving away from Untangle atm.
    What have you got your eye on as a replacement, my shortlist only consisted of Untangle and IPFire as specifically looking for multithreaded PPPOE. OpnSense has single threaded PPPOE hence why not on it.

  5. #5
    Master Untangler
    Join Date
    Jul 2010
    Location
    Nanaimo B.C
    Posts
    874

    Default

    Quote Originally Posted by mikeyscott View Post
    Based on a number of those requirements I don't think Untangle NGFW will fully meet your requirements.
    Points 1 and 8.

    As others have said, download a trial and spin it up, but I don't think it'll meet the requirements. I'm moving away from Untangle atm.
    Opnsense Yep ! I still like Untangle/Arista 100% though. We shal see how things go this year.
    Started Youtube Channel, Have a question about Untangle Ask me : jason @ jasonslab.ca
    https://www.youtube.com/c/jasonslabvideos << Please like and subscribe, helps me out !!

  6. #6
    Untangler
    Join Date
    May 2008
    Posts
    572

    Default

    Some of your deficits should be filled by 17.0 if they ever get the color change finished. But who knows. Openwrt will also fill the gaps for now. As for the letsencrypt issue use the wildcard and setup a script to propagate it.
    dashpuppy likes this.

  7. #7
    Master Untangler TirsoJRP's Avatar
    Join Date
    Oct 2010
    Posts
    478

    Default

    Quote Originally Posted by saltyzip View Post

    1. IPV6 support - I currently request an IPv6 prefix/information through the IPv4 connectivity link on the WAN, and the LAN has "Track Interface" set to this IPV6 Configuration. [Nope]

    2. OpenVPN Server 1 - Internet Only - My Dad connects to my current OpenVPN server from overseas to allow him to watch BBC iPlayer etc. to get around regional restrictions. This OpenVPN server only allows Internet Only access on connection, he can't see anything on the local network once he has connected. [Firewall rule]

    3. OpenVPN Server 2 - Internet and Local Access - This is used for myself to connect in and administer/support as required. [Yes]

    4. OpenVPN Client - I've got an always on Client VPN with custom option (route news.usenetfarm.eu) that is used to route select destination hostname traffic via, such as Usenet. [Tunnel VPN]

    5. BufferBloat Mitigation - Traffic Shaping or SQM functionality to ensure gaming latency is at a minimum. [QoS / Bandwidth control]

    6. Dynamic DNS to Cloudflare [Nope]

    7. Firewall Scheduling to disable kids devices from accessing network between certain times. [Policy Manager]

    8. Lets Encrypt certificate generation/integration for a given domain [Nope]
    See answers above.
    jcoffin, mikeyscott and dashpuppy like this.

  8. #8
    Master Untangler
    Join Date
    Dec 2018
    Posts
    217

    Default

    Quote Originally Posted by TirsoJRP View Post
    See answers above.
    #6 isn't exactly a *Nope* as you can use DNS-O-Matic and have Cloudflare set up within it.
    dashpuppy likes this.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2