The TZ210 (single core) cpu is maxed out during transfers to the datacenter, which I thought was the bottleneck. High-Capacity Performance Featuring 10G SFP+ interfaces, the Security Gateway XG supports up to 20,000 clients for enterprise‑level businesses, stadiums, hotels, and large‑scale deployments.

I almost decided that I am not going to wait for UBNT to do the right thing.

I apologize if this has already been discussed, a quick search did not come up with any definite answers. So over the last couple of days I have been finding out all the stuff that is lacking.. Don't get me wrong - it is handling my 500/50 connection fine..

See our newsletter archive to sign up for future newsletters and to read past announcements. Your browser does not seem to support JavaScript. I am fairly close to pulling the trigger on a few USG Pros and USG's, but I can't find anything good about the site to site VPN speeds. PS. Life is too short for updating firmware manually, or to spend recovering data after being hacked because your firmware was not updated.

While the dpi stuff is interesting.. Not sure how it would compare to just installing ntopng package on pfsense?

I apologize if this has already been discussed, a quick search did not come up with any definite answers.

I am currently getting about 50Mb/s (using iperf3 for tests) through the Sonicwall VPN which is not too bad. I have two sites each with a USG-3P connected with IPsec VPN. I also considered Synology router as I already a Synology DSM but it seems that it suffers from OpenVPN low performance and that is not a priority for them. I lock my plex down to the amazon blocks of networks they are using.. A few /12 and /15, etc.

While that would be another step in right direction, they are still very very far behind that is for sure.. The usg dhcp doesn't even allow for a simple reservation.. Cool, thanks for the link. Enterprise Gateway Router with Gigabit Ethernet. Quite an interesting thread as I am an UBNT user myself and my original plan was to get one of their routers.

Is there some other aspect of the info your looking for like the DPI stuff that unifi can do? I am at my wits end with Sonicwall and its licensing/support/etc.

UniFi Dream Machine, UniFi Dream Machine Pro and UXG-Pro.

Comparison of UniFi security gateway models including UniFi Security Gateway, UniFi Security Gateway Pro.

After firing up the usg, I quickly found that its has really zero dns support.. If one just wants to see the throughput which is passing via pfSense why not capture that at the switch port via simple SNMP tool like Cacti? Without having to edit the client after its already gotten an IP in the controller client listing. So while I am letting the usg do the routing and nat.. Build your high‑performance network with the UniFi® Security Gateway XG. ".

Combining robust security features and advanced routing technology, the Security Gateway XG delivers unprecedented network security and throughput in a cost-effective unit Once they add Open VPN to the GUI most of the things keeping me on pfSense will have been addressed.

Is it possible to plug a Unifi Security Gateway between my modem and the pfsense box, or between the pfsense and switch, to see the throughput information provided by the USG? Integration with UniFi Controller: Bundled at no extra charge, the UniFi Controller software conducts device discovery, provisioning, and management of the UniFi Security Gateway and other UniFi devices through a single, centralized interface. As a result, your viewing experience will be diminished, and you may not be able to execute some actions.

Cookies help us deliver our Services. After watching them for about 2 year, it seems that there is a LOT confusions at UBNT and their software development is very slow and confusing at least. the Security Gateway XG delivers unprecedented network security and throughput in a cost‑effective unit. Anyone have anything to speak of regarding site to site VPN speeds? I am fairly close to pulling the trigger on a few USG Pros and USG's, but I can't find anything good about the site to site VPN speeds.

The creation of firewall rules is very clunky at best.. And doing a simple port forward into my plex server required a long list of rules since you can not use multiple netblocks in the same rule as source.. So you have to create multiple rules to allow the port forward from different ips or netblocks. They are working now on UNMS which is supposed to integrate also with EdgeOS range of products but …. The USG (UniFi Security Gateway) and EdgeRouter devices are two product lines that target a similar market – I would say the SOHO and SMB enterprise market (although there are higher-end models that can be used in larger corporate networks) – so these two product series are very often the subject of comparison among professionals and users. I'm getting close to 150/10 speeds between the two. Results may vary a bit, test was run on a active network with users on the connection. I am still trying to find the HW to order for pfsense as the SG one seems far outside what I am willing to pay for. Here are my results just now on active network with users doing their thing. Looks like your connection to Netgate Forum was lost, please wait while we try to reconnect.

I've had some Unifi AP's for a while and absolutely love them and the interface. That is what the monitoring traffic graph would show you for whatever interface you want. NoScript). I am a big fan of their APs, and for the price point the usg is not a bad little box..  And if they continue to mature it - it will for sure be a viable option for many a budget minded user that is for sure.

We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats. I may add some for security/Voip/wireless/etc in the near future, but for now it's just a subnet per site with IPSec tunnels back to the datacenter. © 2020 Rubicon Communications, LLC | Privacy Policy.

My opinion might be a bit fanatical when it comes to pfsense since I have been using it for so many years and have watched it grow and mature…  And I sure hope the usg gets there, but for me - its a few years behind for sure.. pfSense fits a fairly niche market, at least for home users).

I've had some Unifi AP's for a while and absolutely love them and the interface.

One has a 500/500 FIOS and the other has a 200/15 Comcast. I have 2 sites on 100/100 fiber running USG4-Pros; Ill run some Iperfs and report back. I can live without the vpn access and HE ipv6 tunnels until I get my pfsense running on hardware - sometime in nov I hope.. Unifi Security Gateway - I just want the throughput info. And then the specific IPs of my sons and friends that I allow to access it directly. But for those that fall into that niche, pfSense is a really exceptional tool. I do not have any shaping enabled - but I will test how bad of hit it takes when you try that.. You hit on openvpn.. Yup, mainly just lighting up the rest of the Unifi dashboard and the more detailed stats from DPI (although they have their shortcomings too). New comments cannot be posted and votes cannot be cast.

I have a datacenter and then 2 corp offices, all of which are 100/100 fiber. I haven't had time to test it myself, but plan to over this long holiday weekend.

Dhcp - again while yes people want pfsense to be able to handle dhcp for networks its not in.. In case it was not clear: I don't fancy fully DIY software: I would consider only a device where I can enable OS auto-updates. "Once they add Open VPN to the GUI most of the things keeping me on pfSense will have been addressed. By using our Services or clicking I agree, you agree to our use of cookies.

Still UBNT had two different blends: USG which is less configurable by advanced users and EdgeOS based one which is more power but not yet integrated with their UniFi Controller. Press question mark to learn the rest of the keyboard shortcuts.

After two years of stagnating, the USG is finally maturing into something useful with the latest beta controllers. The Unifi Security Gateway extends the Unifi Enterprise System to provide cost-effective, reliable routing and advanced security for your network. I/O includes one dedicated console port and three 10/100/1000 Gigabit Ethernet ports. This topic has been deleted. Our network is extremely simple in regards to its layout, I have no VLANs or any need for them at this time.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e.

Press J to jump to the feed. The UniFi ® Security Gateway Pro extends the UniFi Enterprise System to provide cost-effective, reliable routing and advanced security for your network. I have left my pfsense vm to handle dhcp and dns duties.

The OpenVPN performance requirements make the search quite hard. sweet jesus you're kidding!

they fail to deliver working software... not to mention this interesting issue I found yesterday https://github.com/Ubiquiti-App/UNMS/issues/86. This is an unofficial community-led place to discuss all of Ubiquiti's products, such as the EdgeRouter, UniFi, AirFiber, etc.

So that is a lot of rules I had to create for 1 simple port forward. I then have 6 small remote offices with cable/Uverse connections ~25/5 with a few guys in it, light use.

Time to click order finally and give it a go!

https://pics.me.me/much-obliged-made-on-imgur-much-obliged-19344215.png. I am at my wits end with Sonicwall and its licensing/support/etc. So, as times passed pfSense looks more and more interesting especially because I want both: a linux configurable router where I can to advanced things but also a simple web gui for doing basic things, like looking traffic load, changing DHCP assignments.