OwnCloud error message

[lyle]

The pfsense box looks expensive! :(

 

[danb35]

The pfsense box looks expensive! :(

Doesn't have to be. Yes, it's expensive if you buy their hardware (I have one of their boxes, but they've jacked up the prices since I bought it), but it will run on commodity PC hardware and (unlike FreeNAS) isn't too demanding. It's still FreeBSD, so Intel NICs are preferred, and you'd want something with AES-NI in order to support the next pfSense release, but there are tons of options out there. Something like this should work well if you want small and silent, or more standard PC hardware will probably be cheaper yet.

Edit: I should probably point out that I'm not saying you need to use pfSense for this--by all indications, it sounds like you should be able to make this work on dd-wrt. I believe setting up OpenVPN would be much easier with pfSense (you'd do everything through the router's web GUI, and download a config file to put on your phone/laptop/tablet/whatever device(s) you wanted to use remotely), but then you'd need a separate wireless access point (I like Ubiquiti for that), so it wouldn't be an inexpensive proposition no matter how you do it.

 

[lyle]

I want one!! I'm already using a wireless access point (tplink/deco) - in fact I turned the wireless radio of my Archer C7 off and removed the antennas when I installed it on the w/e.

Still expensive though, and I doubt I could build a PC cheaper than that qotom. I may have to just put this on my xmas wish list for now!

 

[danb35]

Still expensive though, and I doubt I could build a PC cheaper than that qotom.

You could probably buy a used PC for less. But in any case, it's certainly more than a commodity consumer-grade router. Another possible option would be to look at one of the Ubiquiti EdgeRouter models; they also support acting as a VPN server (see these instructions for configuring OpenVPN, though they look like pure CLI--don't know if there's GUI support), and start around $100. Lots of ways to skin this cat.

 

[lyle]

You could probably buy a used PC for less.

I can't stand the thought of another fan making noise in my home office! So it would have to be itx form factor (fanless). Probably hard to find something used in this form factor....
I'll check out the Edgerouters too.

 

[lyle]

So now I'm obsessing and thinking maybe I will try a used PC. I found these two. They're both the same price. Similar processors, same storage, same RAM....

https://www.ebay.ca/itm/112917434481

https://www.kijiji.ca/v-view-details.html?adId=1344415109

 

[danb35]

The i3 doesn't have AES-NI, while the i5 does. You'd want that for VPN performance, and it will be a hard requirement for pfSense 2.5.

 

[lyle]

Thanks for pointing that out! Makes the decision easy. I'll pick it up this week. Now I'm just bitter that I wasted all that time on dd-wrt! LOL.

I guess I need a second Ethernet card/port. Anything I should watch out for or will any card work more or less?

 

[danb35]

It's FreeBSD, so hardware support should be pretty much what you're used to in FreeNAS. Intel NICs are generally going to be the best bet.

Oh, and you get ZFS-y goodness with pfSense too.

Edit: Here are OpenVPN instructions for pfSense.

 

[lyle]

Great thanks! Will keep you posted!

 

[lyle]

BTW- would there be any advantage to getting a dual port card? Like this:

https://www.ebay.ca/itm/Intel-Pro-G...646206?hash=item2cc467027e:g:j44AAOSwmZdZjSA-

 

[danb35]

would there be any advantage to getting a dual port card?

I don't know what that Dell has onboard; if it isn't an Intel NIC onboard I'd say definitely so. And since most non-server motherboards seem to use something other than Intel NICs...

 

[lyle]

If I believe this link, it is an intel nic. Would you see any other advantage to spending the extra $$ on a dual port nic?

https://www.cnet.com/products/dell-optiplex-980-sff-core-i5-650-3-2-ghz-4-gb-320-gb-4688405/specs/

 

[danb35]

If what's onboard is Intel, and you don't expect to do any fancy routing, I don't see that the dual NIC does anything for you.

 

[lyle]

Hi, Dan. Are you still out there? I know you've been dying for an update :)

Things are going GREAT! That Dell is sweet! It's the small form factor version, so very compact and virtually SILENT. PfSense is installed and the network is up and running smoothly. That's some nice software, I feel guilty that I got it for FREE! Haven't tackled the VPN yet...later this weekend.

Only problem is that I seemed to have bricked my C7 router. I tried to set it to a switch before I installed the pfsense on the Dell. In the dd-wrt interface I set- WAN Connection Type : Disabled. But I didn't change the IP address.

Now I can't communicate with it and it won't act as a switch. I tried using the physical reset button, but that had zero effect. When I plug it into the network I doesn't appear in the pfsense dhcp tables. Arrggg!!!

Any suggestions?

 

[Jailer]

It won't appear if you assigned it a static IP outside the DHCP range. And you do that on the LAN port not WAN. I hope you did that before you shut off the DHCP server on it.

 

[lyle]

Since it was the router, i’m pretty sure the ip was static x.x.1.1, and outside the new router’s ip range. Newbie alert!

What can I do now to recover?

 

[lyle]

Hey, Dan. Are you still tracking this thread? Followed the OpenVPN setup link you sent me, but struggling to get it working. I am getting this error when trying to connect:

TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
TLS Error: TLS handshake failed

Any suggestions you can offer?

 

[danb35]

I am still following the thread, though I don't immediately have an idea of what could be causing it. What are you using as a client?

 

[lyle]

Hi, there. I'm using a Windows/PC client. This same client worked fine back in the old days of dd-wrt with PPTP (last week).