Use my referral link for £100 Amazon voucher when you join Community Fibre!

I recently got set up with Community Fibre Internet. The latency and bandwith are fantastic, however the Linksys Velop routers are bare bones, so I decided to just use it as a wireless bridge and replace the routing / firewall aspect with a custom Pfsense device.

I bought an n5100 fanless mini-pc from AliExpress. You can get bare bones and buy the drive & memory yourself.

I then installed Proxmox. I recommend you enable the non-free repository and install the intel-microcode package (otherwise VMs will crash) – this may no longer be required for Proxmox 8.

(I already have a Pi-Hole handling DNS & DHCP – you can do this in docker inside another VM on the n5100 if you like).

On proxmox one interface was designated LAN * – connected to my internal network & one WAN – initially unconnected and bridges (vmbr0 & vmbr1) were created for both of these.

I then installed pfSense from ISO image, configuring the 2 interfaces as above.
Finally I moved the WAN cable from the Velop to the n5100 WAN port. Shortly after DHCP got an external address (different from the original, based on MAC?) and I was connected.

Finally, I changed my default gateway on my static devices to the LAN address of the pfSense VM and also changed it in the piHole DHCP settings & reconnected devices.

Post install I disabled intel turbo boost to keep the CPU temperature down. Update: I re-enabled turbo boost and instead bought a USB fan from AliExpress to sit on top of the case.

* Actually I used a bonded pair, but you require special switch support for this.