Firewall with pfsense on a thin client
How to install pfsense on a thin client
This being the 1st post, I thought that I should begin with the firewall since it occupies a central position in the network and it is the enabler of a multitude of tasks that otherwise are impossible to accomplish.
At the beginning of 2020, when the need for a firewall was becoming a necessity, I started looking around for a solution. Netgate’s pfsense jumped from the crowd as it was free, well covered in tutorials and how-tos and proven to be one of the best options on the market.
Now that the software was selected, a machine to run things up was needed. Since I have a gigabit fiber connection at home, I wanted something that will not bottleneck the throughput of the network. Searching on eBay for cheap computers that are up to the task, I found a lot of references to a thin client machine from Fujitsu, namely the Futro series. I settled for the S900 model, as it has some impressive power for the size and very frugal in electricity consumption. Yes, about electricity: it consumes 14W on full load. That's about €15/year running 24/7!
So I bought a Fujitsu Futro S900 AMD G-T56N 1,65GHz 4GB Thin Client from eBay at €25. No hard drive included, but Amazon was selling a TCSUNBOW mSATA Mini PCIe 32GB Series SSD Solid State Drive at €14. Besides the storage, the firewall machine needs additional network ports since it has only one gigabit RJ45 on the mainboard. There's a PCI slot on Futro's motherboard but since it's a slim case, a riser card (736TR3230K100) should be used to add a network PCI card. Go for a dual-port NIC, you never know what the future brings.
So here it is, pfsense installed from a USB key to the mSata drive. Booting from USB required pressing F12 when starting up the computer to select the boot media.
As you can see in the screenshot, the CPU has no sweat handling the network traffic. The load average is subunitary, even if behind the firewall there's a Synology NAS seeding torrents.
Who better than Tom Lawrence to explain the inner workings of pfsense in his videos! Because now that the system works you have a lot of work to do in pfsense to configure the firewall rules, install some nice to have plugins and the fun begins!
To sum it all up, the hardware cost was €50 (plus an intel dual-port NIC that I already had) and it's running at €15/year, in silence! That's some old 2011 hardware put to good use, don't you think?
