This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG Firewall Home edition on Celeron J1900

Hi All

Apologies if this has been asked before

I have a qotom hardware with 4 Intel NICs running on Intel Celeron J1900 processor. I was running OPNSense on it for many months and wanted to try out the XG Home edition version 18.0.1-396. I tried to install it with both UEFI and Legacy boot and could only boot it with Legacy Boot option. 

Post the boot, after 2-3 minutes, it just hangs and I can't ping 172.16.16.16 and no response on the VGA console. What should I do to fix this issue

Following is the CPU details (installed Ubuntu 18.04 recently)

root@pghome-ubnt:~# lscpu
Architecture: x86_64
CPU op-mode(s): 32-bit, 64-bit
Byte Order: Little Endian
CPU(s): 4
On-line CPU(s) list: 0-3
Thread(s) per core: 1
Core(s) per socket: 4
Socket(s): 1
NUMA node(s): 1
Vendor ID: GenuineIntel
CPU family: 6
Model: 55
Model name: Intel(R) Celeron(R) CPU J1900 @ 1.99GHz
Stepping: 9
CPU MHz: 1332.800
CPU max MHz: 2415.7000
CPU min MHz: 1332.8000
BogoMIPS: 3998.40
Virtualization: VT-x
L1d cache: 24K
L1i cache: 32K
L2 cache: 1024K
NUMA node0 CPU(s): 0-3
Flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology tsc_reliable nonstop_tsc cpuid aperfmperf tsc_known_freq pni pclmulqdq dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 movbe popcnt tsc_deadline_timer rdrand lahf_lm 3dnowprefetch epb pti ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid tsc_adjust smep erms dtherm ida arat md_clear



This thread was automatically locked due to age.
Parents
  • Could also be the size of memory.

    Also the hardware encryption is missing. I think OPNSense, pfSense or Sophos SG might better suit to this Hardware.

  • what you mean by that H/W encryption AES?? sure, XG doesn't use it anyway, Sophos XG is fine it's just heavy on resource usage as it applies multiple features on the passing traffic. PFSense may be lightweight, or it was but since it was bought out and no longer free to use it become bloated too..... But i don't even consider PFSense, for me is XG with HW to utilise it properly i.e. XG Home up to 4 cores and 6gb ram.

    Its same reason Sophos suggest disabling some features on rules for their low-end Sophos boxes.....  More Memory may not help in this case depending what this user's ram capacity is they didn't say.  I'd hope it's at least 4gb min, IPS is the CPU hog along with AV scanning on traffic next......

    JK

  • I am talking about AES-NI. This helps with the troughput of VPN connections. If I understand it right it is supported on the bigger XG hardware applicances.
    community.sophos.com/.../hardware-acceleration-aes-ni-isn-t-being-used-on-the-software-version-of-xg-v18

  • Assumed you meant AES but yeah depends if you need, Doubt the j1900 has it but could be wrong as haven't asked google. 

    JK

  • Hi,

    AES-ni is not supported on low end Sophos hardware or the home edition. The j1900 will work but the GUI will be very slow and throughput will depend om your WAN link. Make sure you have the maximum memory installed eg two 4gb sticks and that your NICs are not realtek or i219 series.

    Ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

  • Hi john_kennny - i looked into my XG 135w which should be able to handle smaller companies. Contains 6 GByte RAM and a Intel Atom C3538@2.2 GHz Compared to the J1900 Pankay Gupta is using there is not that much difference the J1900 is even faster than the J1900. (Single thread  569 vs. 647 and Passmark 1650 vs.1111). 

    The "feeling" of the webinterface on XG 135w is rather slow.

    However compared with what you are proposing - current 2/4; 4/4 or 4/8 processor this rather slow.

    i3 (i3-1100@3.6 GHz 4/8; single Threas 2645, passmark 8899) /* Did not find a 4/4 i3 */
    Pentium Gold G6500@4.1 GHz 4/4: single Thread 2567, passmark 4213)

    Do you know whether the home version is supporting Hyper-Threading? I know it is 4 cores with 6 GByte RAM but nothing about the Hyper Threading.

  • Im work with XG125 rev 2, XG135 rev 3 and both have slow WEB interface. My old test box with 4GB RAM and Intel Core2DUO CPU(P8600) with old 500G HDD(XG HW have SSD) have a lot of faster GUI... For example on XG135 you need to login and go to network then DHCP to se dhcp leases and you need around 1-2 minutes to do that. On my old test box I can do around half faster(30-60 seconds)... It load pages a lot of faster but on paper is probably same speed or slower...

    Sophos XG v18.5.x - Supermicro CSE-512, X10SLM+F, E3-1220v3 8GB RAM, Intel X520-DA2

  • Yes Home version can utilize HT as its done by the Motherboard not the OS......  As i mentioned all I try to do is max out Home Ed's max spec 4 cores whether physical or logical its no different really and then 6gb Ram + SSD for good measure.

    See I use Partaker 1U machines for my DIY XG home ed builds..  Come in I3, I5 & I7's plus SSD and 8gb ram as long as you double check the HW specs to confirm its HT or quad physical core and they run a treat, get em off amazon.....

    Along this line: -

    www.amazon.co.uk/.../ref=sr_1_1

    Just keep in mind some items have multiple models other than the CPU & RAM buttons selected and previewed from hover over with the small Icon pics under the price sections, took me while to clock that but thats where you will find the various model CPU units.. Just takes time to find the perfect model but that url should be for I5 and then just use the 8GB RAM, 64GB SSD button and your Golden... (FYI This is only for XG Home ed usage not to be used in production!!!)

    Also Atoms same issues as Celerons fine for low throughput but for decent throughput u really need XG2XX or XG 3XX models as there CPU's are XEON's if you read up on the specs but as mentioned the Partaker 1U units ive been using I5 or I7 run like bats out hell lol and multiple NIC's too.....

    JK

Reply
  • Yes Home version can utilize HT as its done by the Motherboard not the OS......  As i mentioned all I try to do is max out Home Ed's max spec 4 cores whether physical or logical its no different really and then 6gb Ram + SSD for good measure.

    See I use Partaker 1U machines for my DIY XG home ed builds..  Come in I3, I5 & I7's plus SSD and 8gb ram as long as you double check the HW specs to confirm its HT or quad physical core and they run a treat, get em off amazon.....

    Along this line: -

    www.amazon.co.uk/.../ref=sr_1_1

    Just keep in mind some items have multiple models other than the CPU & RAM buttons selected and previewed from hover over with the small Icon pics under the price sections, took me while to clock that but thats where you will find the various model CPU units.. Just takes time to find the perfect model but that url should be for I5 and then just use the 8GB RAM, 64GB SSD button and your Golden... (FYI This is only for XG Home ed usage not to be used in production!!!)

    Also Atoms same issues as Celerons fine for low throughput but for decent throughput u really need XG2XX or XG 3XX models as there CPU's are XEON's if you read up on the specs but as mentioned the Partaker 1U units ive been using I5 or I7 run like bats out hell lol and multiple NIC's too.....

    JK

Children
  • Hi,

    there's a difference between a real and a hyper thread core. Real cores uses memory  and provide 100% CPU, hyperthreads rely o ethereal core to provide IO etc and provide a lot less processing power. So for home use the recommendation is 4 real cores at the highest speed you can get at a reasonable cost and power consumption eg the unit in my signature.

    Ian

    Ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

  • Well in theory yeah thats always the case but in practice the perf difference is negligible, but why i always prefer I5 or I7 quad cores for reasons you mentioned but what i was going for was if you can at least use dual core with HT on I3 because Cost reasons it will still be lot faster than Dual core without HT.  HT is designed for this reason...... 2 threads pass a single core at the same time so as say lag is in ms.... 

    You are correct in the case of HT on budget CPU's although dont thing Celerons or Atoms even have HT so Intel Cores with HT be fine......

    JK

  • Hi john_kenny,

    here is a quote for you about the value add of hyper threading so people can get a perspective of extra performance.

    "For a single socket system, hyper-threading can boost system performance by up to 30%."

    Ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

  • As i mentioned I agree that your right but if it came to a price barrier with choice of dual core no HT or Dual core with HT we both know what wed take lol.....  Again as mentioned why myself I go I5 quad with HT or I7 Quad with HT, at bare min I5 Quad no HT......

    Was only trying to point out that HT should be a shopping trip target, no idea where that 30% came from but depending what Gen CPU you use HT varies in perf gain and again depends on whats using HT software wise......  I do however know from Experience I3 dual core with HT running XG home ed was far superior from XG mode ed on I3 dual core no HT.... Throughput was almost double (with all features enabled that is IPS mainly as you can tweak IPS via the console to use all 4 logical cores if you have too)

    Good talk tough but you get my point and I def get yours, top man.....

    So if you in market for decent XG home Ed performer at lowest price look for Intel core IX Dual core with HT but if you can stretch to the price Go Quad as rfcat_vk said....

    JK