We'd love to hear about it! Click here to go to the product suggestion community
I'd like to change my home UTM-9 hardware from an old PC to one of the newer QOTOM-like devices.
I need four NICs - WAN, LAN, 2 WLANs.
Price is an issue, I'd like to keep the total < CDN$375 (US$300) if possible.
I'd appreciate recommendations and any 'gotchas' I should look out for.
In reply to Mike_Cunningham:
Sorry for the late reply. Never received notification of another posting.
I can't honestly answer your question as I never turned av scanning on in the first place. All clients except for android devices have their own local av software (kaspersky).
Also, I don't know if the cpu load pictured earlier is valid because the 5250u is dual core with hyper threading. I don't think it's ready all core loads properly. Exsi cpu utilization shows around 100% (for all available cpus) if I do speed tests with IPS turned on.
There's a thread on here outlining a number of exceptions to add to utm so it skips scanning of netflix/youtube content. Also, since installing utm almost 8 months ago i've only had one IPS hit. Originating from a local client and targeting the utm, both on the local lan. I think that might be a false alert because it's the only one in so much time and has never been repeated.
I have att fiber coming out this week to install symmetrical gigabit because of ongoing upload issues with the cable isp. I'm hoping the install goes well and there's no obstacles. Supposedly fiber has been available in my area since 2015 so the network should be well developed by now. Most in the neighborhood have comcast, some have the other cable provider. It'll be interesting to see what the utm achieves assuming i'm able to hit advertised speeds connected directly to the att gateway. If all goes well I plan on keeping the cable around for a week or so while I do more testing.
Will be doing some vpn testing with the cable internet for as remote. At the least I expect a 500mbps+ upload with fiber. Should have no problem saturating the cable's 350 mbps download so the only bottle neck will be the utm hardware. I recall either here or on the pfsense forums, somewhere around 200-250 mbps was typical for a qotom 5250u vpn connection.
In reply to Jay Jay:
I am currently using the aliexpress box for the latest version of UTM and my NICs are in the correct order. My link speed is 4/0.4 so nothing gets really stressed.
No wifi, 8gb ram 128 ssd, 4 NICs.
In reply to rfcat_vk:
Did you have any issues installing the UTM as the Qotom box doesn't have a VGA port?
In reply to Jevin Lizardo:
I didn't get the qotom box, i got the aliexpress 4 port device that jay jay refers to earlier in this thread.
^^The box I referenced is the qotom box. The q355g4.
Edit: Q355g4, not q335g4.
Looks like there's countless of these mini pc's on aliexpress. How does the atom e3845 compare to an i5-5250u?
Looking at some of these other minipc's, the big drawback are the NIC's used.. Many are realtek, few and far between are intel. For a firewall/router appliance I wouldn't use anything but intel. Of course, the fastest cpu available is also high on the criteria list.
I'm pretty happy with my set up. Handles the 350mbps isp without issue. If all goes well, will have gigabit fiber by the end of the week. Will see how well the 5250u handles that.
Hi Jay Jay,
it has 4 genuine Intel NICs which are supported by the UTM software. The processors a quad core but i can't stress it due to ISP link speed limitations. Sometime this year I might get access to a 50/20 link. It is more powerful than most of the lower end SG/XG hardware.
I bought the box to replace my XG (the XG handles dual links very well), but instead put it in front of the XG to provide IPv6 connectivity. When t he link upgrade happens I will be back to one link and have to decide whether the XG or UTM. Hopefully by then the XG will have improved the IPv6 handling.
Here's a comparison of the Atom e3845 vs. the i5-5250U.
Intel Core i5 5250U vs. Intel Atom E3845
This qotom mini pc has the Intel I211-T nic which works.
In reply to alan weir:
If I was to buy again, I'd get this one.
This processor is somewhat faster than the 5250u, supports vt-d (for virtualization).
Higher base freq (2.4ghz vs 1.6ghz for the i5 5250u), and 4mb cache vs 3mb. Realistically negligible differences, but unfortunately the 5250u is no longer available. I paid $335 USD for mine last september. Looks like this new one is around $420 USD. Demand went up, prices went up. Or buy with no ram and get the ram at newegg/amazon.
Ram prices went up too!@# $65-80 for the 8gb of ram these days.
thank you for those links. If the new box is not capable of handling the load I will continue to use my existing XG.
The issue with that one, according to some people from the community, is that it doesn't have a VGA port (Only HDMI) which makes the Sophos ISO fail and get stucked at "Detecting Hardware". It might've been fixed now but I am not sure. Need someone from Sophos to confirm.
I can't recall with 100% certainty but I don't recall having issues installing when connected via hdmi. Ultimately I installed it under exsi so I could run other services on the box - freepbx and and a small ups monitoring linux install (cyberpower systems).