Qotom Q750G5 - Hardware Overview, OPNSense Install, and Performance Testing

Подписаться 4,9 тыс.

Просмотров 27 тыс.

50% 1

Picked up a Qotom q750g5 a month or so back to replace my Meraki MX64. I'm installing OPNsense to use the Qotom PC as a home firewall, and excited that it comes with five 2.5Gb Ethernet interfaces. In this video, I'll provide an overview of the Qotom q750g5 hardware, followed by installing OPNsense, and finishing with a set of performance tests. The performance tests will cover a base install with a simple config, a configuration that includes Suricata IPS, and VPN throughput with Wireguard.
Additional details on my blog: 0x2142.com/opnsense-qotom-q75...
Qotom q750g5 mini pc (affiliate link): amzn.to/3yQjleR
Links / Follow me elsewhere:
- Blog: 0x2142.com
- Twitter: / 0x2142
- Mastodon/Fediverse: @matt@0x2142.com
- GitHub: github.com/0x2142
If this video was helpful to you, please consider subscribing & sharing! Please leave a comment if you would like similar content! Thank you!!!
Want to support this channel? Buy me a coffee: www.buymeacoffee.com/0x2142
Thanks for watching!
- Matt
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Chapters:
0:00 - Intro - Current Firewall & Qotom Specs
1:16 - Hardware Overview
8:07 - Create OPNsense Install USB
9:35 - OPNsense Install
13:05 - Overview of Topology used in Perf Tests
14:37 - OPNsense Install Wizard
17:53 - Interface Configuration
19:22 - Virtual IP / Proxy-ARP Configuration
19:52 - Configuring Network Address Translation (NAT) / Port Forwarding
21:45 - Perf Test with a Basic Setup
23:32 - Configuring Suricata IPS
24:47 - Perf Test with Suricata IPS
26:29 - Perf Test with Wireguard VPN (No IPS)
30:06 - Perf Test with Wireguard VPN (With IPS)
31:42 - Wrap Up
Standard Disclaimer: Any comments / opinions here are my own, and do not represent my current or former employers.

Наука

Опубликовано:

28 июл 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 64

@bilinz Год назад

What a great video! Please continue with the opnsense content!

@murtazasaeed3410 2 года назад

My Q750G5 was delivered this morning. Didn't expect there to be any content about this obscure box, so I was quite surprised to find this. Going to subscribe in case you decide to make more OPNsense videos. Great job on this one.

@chris415-a Год назад

great video, I need to pick up one of these, your install looks easy to follow, thank you.

@serifbold5974 2 года назад

This was such a fantastic video that addressed all my concerns. The quality here is incredible. Thank you so much, I've subscribed.

@0x2142 2 года назад

Hi there! Thank you so much for the comment & sub 😊. Glad to hear you enjoyed the video!

@tylercgarrison Год назад

I've deployed 2 of these with PfSense and they were pretty awesome!

@GavinBingman 2 года назад

Great video. Thanks for making that. Answered a lot of questions.

@0x2142 2 года назад

Thanks for the comment! Glad to hear it helped 🙂

@brito809 Год назад

Thank you for the instructions!

@kleash Год назад

Very informative. Thank you.

@ecotts 2 года назад

I really enjoyed your video man, nicely done.

@0x2142 2 года назад

Glad to hear it! Thank you for the comment 😊

@matldn2697 Год назад

I have had a Qotom: i5-5250U, 8GB RAM and 120GB SSD since 2017. Use pfesense - fantastic!!

@AryaNakh Год назад

Incredible video!

@tonylofreso9579 2 года назад

Great video!

@andymok7945 Год назад

Nice video. I have been running pfSense on a 6 port Qotom mini PC for 4 years and works great. Unless I miss heard you, that is an mSATA SSD and not M2 SSD.

@daninmanchester Год назад

I have a similar N5105. It looks very similar. I run XCP-NG on it then Opnsense. very capable, but it does run a bit hot so I got a tiny 40mm fan and it makes a big difference.

@michbret123 Год назад

Very nice video ! Thanks I have almost the same mini PC from another brand (Intel J4125 + 4 x 2.5Gb Eth) so I was really interested by your test since I am planning to use pfSense on it. I will post here my result when my setup will be finished. Best regards

@0x2142 Год назад

Awesome! Glad to hear it was useful. Hope your system works great too!

@Chris-ji8jw Год назад

Wow, that was pretty cool. Thanks for sharing that ( :

@flow7007 2 года назад

Thanks for your test! Can you say something about power consumption (idle, stress 1 core, stress all core, "normal use")?

@MarekCezaryWojtaszek Год назад

Great video, thanks! In my case 8g RAM 128GB SSD would be more than enough and it costs $174. Unfortunately I leave in EU, it there does not seem to be way to ship it to my country, unless there is a way I am not aware of...

@Phil-D83 2 года назад

J4125 is sufficient. There is a version with the newer n6005 cpu and the tigerlake i7 mobile cpus. Using a custom built Frankenstein opnsense box with a ryzen 3200g at 4ghz and 16gb ddr4. Maxes wireguard and openvpn on my gigabit connection with snort, clam av,etc.

@dohyea6093 Год назад

Thanks for all the info! Looks like even 8g of ram might be overkill. Spend less on ram and more on cpu. Am curious what cpu level would end the capping out on test. To the pfsense people, when I tried installing pfsense on my n5105 box it wouldn't install because of lack of drivers for the 2.5 nics.

@an_birb 2 года назад

ur the best owo

@TangDynasty1983 Год назад

Thanks a lot for the video! Is it possible if you can make a video on how to configure multiple trunk ports on multiple NICs (acting like a switch) on OPNsense. I just received my Qotom Q1012GE and it has 8 NICs. I would like to utilize four of them to form a switch. I want all four of them to be trunk ports, carrying the same tags on each trunk (native, VLAN10 and VLAN20). Is it even possible at first? If so, how to configure? And will it affect the firewall rules? Thanks again.

@youngyadie Год назад

can you connect to the firewall dashboard without the box?

@Dvalin21 Год назад

Would love to know if the wifi worked with opnsense or not. I need an all in one

@HuyLe-qc8jc Год назад

I am testing out a similar system based on the N5105 processor. Heat is a concern. At idle, the chassis is about 50C (122F) and the CPU core temp is 60C (140F). I am not sure how long these system will last running at these temperature continuously. If you are interested in buy these, I'd look for ones that have extensive fins to keep the system cool or go for ones with a fan.

@0x2142 Год назад

Yeah, I think heat is definitely going to be a concern long-term. Been running this box since I posted the video, and it idles between 150-170F most days.

@wshyangify Год назад

I have a similar j1900 box that's also fanless. It always felt very hot to the touch but it had lasted almost 7 years.

@TangDynasty1983 Год назад

Thanks for the video. Is Qotom providing BIOS update on their website? If not, is it gonna be a problem in the long run? Thanks again.

@0x2142 Год назад

Qotom does provide some BIOS updates on their website, though I haven't seen any yet for this specific model. For what it's worth, I've been running this box for about 10 months now & haven't had any issues.

@IAmZen_007 Год назад

What is the average electricity consumption?

@ashrafulalam1734 8 месяцев назад

From AliExpress i got similar box with N5105 i226-V network ports, 16gb ddr4 RAM, 256GB nvme m.2 SSD, the unit runs very hot which is my main concern - any suggestions?

@javiermitchell7073 9 месяцев назад

Thanks very much for your review and the tests. I got a similar mini-pc without active cooling. would you mind telling us how hot were the cpu temp sensors during normal workloads? my one is running most of the time at 60 dgrees celsius , so not sure if this is normal

@0x2142 9 месяцев назад

Hi there! So I've been running this box for a while now, and so far have had no issues. Going through the history I have, CPU temp seems to average between 50-60 Celsius. For what it's worth, mine is in a small space that's shared with a few other mini-PCs and a NAS.

@ChrisDePasqualeNJ Год назад

ProXmoX ?? I have two WAN ports that give me two dif WAN IP's from my ISP. Currently I have them both configured to two different Routers - about 50 devices. But this is becoming a hassle when trying to print etc. I think I may just combined them and do Multi-WAN fail-over and Load Balancing. But I all so want to segment my LAN with separate vLAN's. One for IP Cam's - Streaming - Gaming - VOIP - etc. Can you make a video showing how to do that?

@AryaNakh Год назад

Exact same situation for me!

@DugB0915 6 месяцев назад

Would you stay with the ssd they shipped or would you replace it with something that has a better reputation for reliability?

@0x2142 6 месяцев назад

I'm coming up on about 2 years of having mine running 24x7 as my home firewall. So far I haven't run into any trouble & it performs just fine. That being said, my use case isn't likely the most disk-intensive - so perhaps it just depends on the use case. I think at this point I would just keep the one they shipped unless anything comes up.

@mikemcmahon67 Год назад

So it's been awhile. Still working well? How were the temps during those high CPU tests?

@0x2142 Год назад

So far so good - This box is still my primary home firewall & no issues to report yet! I didn't take temps during the stress testing, but I'll certainly add that to my list for next time I do something like this. During average daily usage though, it's fluctuating between 120-140°F

@mikemcmahon67 Год назад

@@0x2142 yeaahhhh....not comfy with putting a passively cooled box running at 120-140F in an enclosed space, especially when that's where it sits under standard load.

@AlanDike Год назад

You sold me on this unit.. though I went with no drive or ram since I have 8gb sticks here and a 480gb 2.5" ssd I'm gonna toss into it. The NIC's were detected at install and no oddball issues with em right?

@0x2142 Год назад

Awesome! I hope you enjoy the unit - mine is still running smoothly. Everything was detected properly during install, no issues 👍

@AlanDike Год назад

@@0x2142 I'm really looking forward to it. My opnsense image had a bad partition table ,so I ended up on pfsense CE. It's been an interesting struggle since I've been doing it from within my environment trying not to drop things, creating a trunk port, etc... I don't think I"m gonna be able to push this in the least... It's only gonna be handling like 3-4 zones (untrust, private, general use lan, lab, wireless, and storage) with a little bit routing, very few rules... Just doing the install I"m not seeing any heat at all, not even breaking 40C on the processor. Got a bare bones and dropped an 8gb sodimm I had laying around and a 400gb ssd (also had it laying around).. So far I'm quite impressed on how well it runs. I was expecting much less responsiveness from it...

@AlanDike Год назад

@@0x2142 Ended up with pfsense.. my download of opnsense had an invalid partition table and I sad f it lol. Been running smooth. I see 50% max cpu load when running speedtests, and it sits at about 35-37C under normal use... Really happy with it, just a learning curve. Been 20 years since I messed with FW's

@0x2142 Год назад

Awesome! Glad to hear it's been working well for you!

@b4g4b3l Год назад

hi there, do you think OPNSense would work in an VM ?

@0x2142 Год назад

Yeah absolutely! I have a couple VM instances in my lab that I use regularly & it works great 👍

@b4g4b3l Год назад

@@0x2142 what do you use as os ? i was thinking of installing truenas scale and doing a vm of opnsense in there

@0x2142 Год назад

I use VMWare ESX. Never tried out True NAS, but it should work if it supports VMs

@rsadix1 Год назад

Great Presentation! I would like to see you show a configuration of a site to site WireGuard VPN (branch to HQ) with the main HQ site in a dual WAN failover. Instead of routing all traffic through the VPN from the branch to HQ, just some of the traffic that is hosted by HQ (shared network drive, private web application, etc.) so that regular internet traffic can still use the branch ISP (spit VPN). Then how does wan fail over handle that VPN tunnel if the HQ primary ISP goes down.

@gwojcieszczuk Год назад

What's surprising, is that you wouldn't get even 50% of that performance if using Cisco router up to 2k $.

@0x2142 Год назад

🙃

@gastonhitw720 Год назад

those are all lan ports? can I use them as wan?

@0x2142 Год назад

Hi there - Any port can be used as LAN or WAN. While OPNsense will automatically assign one LAN & one WAN port, they can be reassigned. I'm using the first two ports on mine as WAN, since I have a primary & backup internet connection - then I use the rest as LAN.

@TangDynasty1983 Год назад

@@0x2142 Is there a fail over configuration option for OPNsense?

@robertwestinghouse4098 Год назад

Great...but you were too fast on the validation of the file. I tried to search on google but it did not work. I am on Win 10 ..please can you be a little more simple for validating the download

@0x2142 Год назад

Hi there - I use an application called HashTab, which adds a new tab in the Windows file properties for calculating SHA/MD5 hashes. Using this tool, you could copy a file hash from the OPNsense download page, then right click on the file & click properties. The utility would add a new tab that automatically calculates & compares file hashes for you. Unfortunately, I just found out it was discontinued a few months ago - but there are other softwares that should be able to do the same thing. If you search, there are still downloads of the HashTab utility available too, but they are no longer updated/supported.