Dealing with old computers after an upgrade is very a common problem. Sure, there are the obvious solutions like selling them or giving them away, but these approaches carry some problems (e.g. personal warranty, recipient not happy to receive a very outdated unit, red tape, etc.) that make them somewhat impractical.
There is another option: turn them into a firewall/router using pfsense.
Tech-savvy readers might ask what’s the difference between doing this instead of just upgrading your router’s firmware using DD-WRT or the like. Well, for starters, most of the routers sold in the Philippines are nerfed versions of those sold outside the country and don’t support custom firmwares. This simply means that it’s much easier to setup a pfsense server in this country than to setup DD-WRT.
In terms of features, pfsense and DD-WRT have features to distinguish themselves from the other. Obviously, you can’t control wireless signal strength in pfsense, and DD-WRT has some firewall features that are missing in the former. On the other hand, pfsense allows packages to be added to it like squid and nmap. It also has these funky RRD graphs:
The one feature that really caught my eye is support for load balancing. This allows you to consolidate two or more internet connections on your router, whether it’s for simple load balancing (bandwidth usage is spread between the ISPs) or for failover (when one ISP fails, the connections are routed to the other ISPs). With this, you could subscribe to two crappy DSL providers like, say, PLDT and Globe, and still have a relatively higher uptime than you would normally have.
You could buy a dedicated load balancing router, but the cost difference between that (PhP 4,000+) and an extra lan card (PhP 100-PhP 150 in surplus shops) and the thought that your old PC would probably be much more powerful than the puny chip inside that router make pfsense a more logical choice.
The biggest downside to using pfsense instead of dedicated router devices is the power usage, which can be anywhere from 5 to 20 times that of a typical router. Expect a slight increase in your power bill, especially if your “old” PC is one of those power guzzling Pentium 4s or Athlon XPs. You can try to underclock them, but I don’t expect to see much of a difference.
With all that talk out of the way, let’s move on to the actual installation.
What you need:
- an old PC – you only need the following: CPU/motherboard, RAM, power supply, hard drive, casing, and at least 2 ethernet sockets. For missing or defective parts, you can get replacement parts from computer surplus shops in malls (or in your neighborhood, if you’re lucky). Heck, if you buy all of this from scratch at a surplus store, you probably won’t spend more than the price of a typical wifi router.
- CD-ROM drive and keyboard from your current PC – for installing pfsense.
- download the LiveCD with Installer and burn it on a CD.
- Note that pfsense requires you to format the entire hard drive so backup files from the hard drive beforehand if you’re feeling nostalgic.
- Extra ethernet cable
Installation is pretty straightforward:
- Setup the PC. You’ll probably add the extra LAN cards, CD-ROM drive, and keyboard at this point. Don’t forget to change the boot sequence in the BIOS to use the CD-ROM drive first.
- Boot up the LiveCD and go to Installer when the OS prompts you.
- Install using defaults (screenshots here). The system will reboot at the end of the installation.
- When prompted for VLAN setup, answer no.
- When prompted for LAN and WAN, first use autosense to list down the available interfaces. Then just guess which of the listed interfaces would be for LAN (the one you’ll eventually connect to your router) and WAN (the one you’ll eventually connect to your DSL modem). Don’t worry about guessing them wrong, you could always change them in the console and the web interface.
- Connect your PC or laptop to the LAN socket of your new pfsense server. Open a browser and go to http://192.168.1.1/. In case you didn’t see the default credentials at the end of the installation, the username is “admin” and the password is “pfsense”.
- Go through the wizard.
- After finishing the initial setup, connect your DSL modem to the WAN socket. You should now be able to access the internet at this point.
- To make your router cooperate with your new pfsense router, you’ll have to convert it to an access point (or a switch, if your router doesn’t have wifi). Normally you’ll just need to disable the DHCP server, change the router address to avoid conflict, and connect one of the LAN ports (not WAN) to the LAN of the pfsense server. Here’s how to do it with DD-WRT.
And that’s it. Assuming you already have all items at hand, this should take only 30 minutes, a far cry from the afternoons I spent installing DD-WRT on a D-Link DIR-300.