Firewalla Gold - The Gold Standard for Firewalls?

  Переглядів 87,690

Gary Explains

Gary Explains

2 роки тому

The Firewalla Gold is a prosumer or small business firewall with an impressive set of features including ad blocking, traffic shaping, load balancing between two Internet connections, failover between two Internet connections, safe search, a VPN client & a VPN server, Docker, and more! Here is my review.
More info on the Firewalla Gold: geni.us/bK4Y4ef
(Not an affiliate link).
Introduction to Android app development: www.dgitacademy.com
Let Me Explain T-shirt: teespring.com/gary-explains-l...
Twitter: / garyexplains
Instagram: / garyexplains
#garyexplains

КОМЕНТАРІ: 289
@Henfredemars
@Henfredemars 2 роки тому
It took a few months, but this video introduced me to the world of consumer routers with built-in intrusion detection and prevention systems.
@Black_Kakari
@Black_Kakari Рік тому
I just bought the Firewalla Purple for my home, your video, although for the Gold, is going to help me set up the purple
@JoeyBaby47
@JoeyBaby47 2 роки тому
Other than the simple setup, how is this different from pfsense? Can you set this up from a browser or just from the phone?
@oscarmvl
@oscarmvl 2 роки тому
Thanks for he video, it does seem like a very robust solution for someone who doesn’t want to spend hours trying to setup a firewall, and especially taking into account the throughput that you get, and it being fanless which means you can hide it in the comms box next to the ISP modem.
@rodster1972
@rodster1972 2 роки тому
Brilliant and glad to see its avail in Australia also - just purchased one because of this video. Been looking for a device like this that is simple to sue and has the granularity to configure and monitor everything on my network. For a family its great for keeping Teenagers and kids at bay on the internet. Only place in OZ that sells it is LTS Security in Australia is where I got mine from.
@shubhampatil5251
@shubhampatil5251 2 роки тому
Garry can you make video on various 2FA methods, best account protection practices ?
@olafschermann1592
@olafschermann1592 2 роки тому
Same from me: Yubiko key is a/the most solid solution. Includes a great password manager. If you want to avoid hardware keys at least use Google or Microsoft Authenticator at EVERY place that supports 2FA. Especially if breaking in could cost you money or other troubles. Examples are AWS/Google/Azure cloud VMs or protecting your internet domain or the mail account you use for password resetting (like for your domain. Who has access to your mail account can own your domain/twitter account/…)
@TheIcarusSystem
@TheIcarusSystem 2 роки тому
Nice timing, I've been looking for alternatives to my pfsense box.
@stalksover8409
@stalksover8409 2 роки тому
Was going to buy dream machine pro coming from pfsense and Cisco router. Firewalla Gold is awesome love the anti lockout feature using Bluetooth, easy to setup networks and vlans, statistics are good, ips/ids seems to work nicely and no noise. The web GUI isn’t good I’ve had no issues managing the device via the app in fact it is easy. I love the inbuilt ddns. If your looking at a firewall really consider this device.
@bamabaso
@bamabaso 2 роки тому
I bought and setup the firewall gold primarily because of this video. Super well explained, Gary!
@danielcookeb90
@danielcookeb90 Рік тому
Brilliant Gary, keep em coming.
@raphaelgman9265
@raphaelgman9265 2 роки тому
Great explanation the setup has been perplexing me as well, I think I had the double NAT issue going on because I couldn't affect my individual devices this video will help.
@ISMAILOMAR_ISH3000
@ISMAILOMAR_ISH3000 2 роки тому
Thanks Garry, I have been looking for something like this.
@Flameboar
@Flameboar 2 роки тому
Thank you for another excellent video.
@ImaITman
@ImaITman Рік тому
Holy crap it has docker!!!! That's freaking amazing!
@knjpollard
@knjpollard Рік тому
Just got the gold plus that is 2.5gigabit. I am going to set it up first behind my router, but will also be trying it as my router.
@leonardobehrens1204
@leonardobehrens1204 2 роки тому
Good video. Like all things Internet. Lots of "individualists" saying here they have something cheaper etcetera etcetera. All in all they forgot : 1 That takes time 2 each individual had to tweak the device one way or another to different specs. 3 everyone had different knowledge and backgrounds The device is supposed to be convenient without taking all your time. Suggestions or comments are way better if they compare apples to apples. Not apples to....pudding.
@TLOH7
@TLOH7 2 роки тому
I have mine ISP Modem >> ISP router >> firewalla (connected from Lan port from router). It stills monitoring the devices connected to my network. Am I doing this the right way? I gotta tell, then costumer service is not a newbie friendly one. I'd really appreciate if you could advice me! Thanks!
@AmericanPatriots87
@AmericanPatriots87 2 роки тому
Have used the Firewalla Gold and Blue. Love them! Super easy to deploy and manage. Personally, the Gold or Purple are worth the money over the Blue.
@SpaceCadet4Jesus
@SpaceCadet4Jesus 4 місяці тому
I agree and only had it a couple hours now. Giving Unifi the boot.
@pschulte
@pschulte 2 роки тому
Nice review Gary. Curious if you can share what LTE router/bridge (make/model) you are using for your failover WAN connection?
@GaryExplains
@GaryExplains 2 роки тому
I use a TP-Link Archer MR600 4G+ because it supports Carrier Aggregation.
@mtxpert
@mtxpert 11 місяців тому
Just got my Gold Plus and installed it, so freaking awesome to be able to go full pipe on my 1.2G internet connection finally!
@konman181
@konman181 Місяць тому
Literally what I'm here for too 😂 how were your LAN speeds? I'm looking at the 2.5gbe one.
@mtxpert
@mtxpert Місяць тому
@@konman181great, everything works perfectly
@amateurwizard
@amateurwizard 2 роки тому
0.7 seconds, the record holder for fastest intro
@1MarkKeller
@1MarkKeller 2 роки тому
*GARY!!!* Good afternoon Professor! Good afternoon fellow classmates! Stay safe out there everybody!
@GaryExplains
@GaryExplains 2 роки тому
MARK!
@anthonyshort8957
@anthonyshort8957 2 роки тому
Great vidieo, thank you. My ISP requires a VLAN tag on the WAN traffic, do you know if the Firewalla can do this?
@GaryExplains
@GaryExplains 2 роки тому
If you look at 14:15 you can see that there is a field for VLAN ID when creating a WAN configuration.
@nahco3994
@nahco3994 2 роки тому
I feel like at that price point, the Firewalla Gold should really be compared to the entry level models from Fortinet or Barracuda. Do you know how it holds up against those names?
@SpaceCadet4Jesus
@SpaceCadet4Jesus 4 місяці тому
Worlds easier to setup, use and get useful information from the Firewalla and the throughput is still there.
@izhaanabid5312
@izhaanabid5312 2 роки тому
just picked on of these with other bits like POE heaps of stuff on local auction site for 75 bucks, now that i watched this video and checked the price for these, great investment, and honestly i am sick of pfsense too much to muck around with.
@angelorestrepo
@angelorestrepo 2 роки тому
Does it offer antivirus like some other alternatives? Can the system boot up allows you to boot up to another OS in case this company goes bankrupt?
@gamerzer0004
@gamerzer0004 2 роки тому
I own three "Golds" and they work perfectly. Its an amazing firewall that gets updated with great new features. Their customer service and tech support is great. There is a new Purple one... We need Gary to explain that to us too :)
@SixLowa
@SixLowa Рік тому
So is firewalla a security program built into hardware?
@pierrepaniagua
@pierrepaniagua 2 роки тому
How do you compare this to a ubiquiti UDM pro?
@briandsouza7854
@briandsouza7854 2 роки тому
Hello Gary, can you make a video on how zero knowledge password managers work? I want to know how does the server authenticate the hashed key if it doesn't save anything. I am talking about Bitwarden here, I checked their security whitepaper but it is not clear and hard to understand.
@ernstoud
@ernstoud 2 роки тому
Try to find an explanation on public key exchange.
@SpaceCadet4Jesus
@SpaceCadet4Jesus 4 місяці тому
An overlooked point is if you put a wireless cable modem into "bridge mode", it will connect your Firewalla directly to the internet as expected, but you will lose the wifi portion of your wireless cable modem. Alot of ISP modems come with wireless capability so in order to keep the wifi you will either buy a new wifi router or access points and attach them to the LAN side of the Firewalla, OR you will not bridge the cable modem at all. If you don't bridge the cable modem, then, as the video explains, you will automatically have a double NAT network, which is perfectly fine, useable and FAST, unless you need special access from the internet using a VPN or some specific connection. For home use or very small business uses, I find double NAT helps serve as a non-intentional security hurdle against hackers.
@IBITZEE
@IBITZEE 2 роки тому
Nice video... but... Why the comments on your video "How to crack passwords - Gary Explains" were disabled???
@GaryExplains
@GaryExplains 2 роки тому
Because it was getting spammed all the time. So I disabled the comments.
@timothythanop
@timothythanop 2 роки тому
If I have an unmanaged switch, where should I connect it Please help?. Thank you in advance. Is it between Gold and AP (Mesh network)?.
@GaryExplains
@GaryExplains 2 роки тому
This page has very clear instructions for the different scenarios help.firewalla.com/hc/en-us/articles/360046669734-Firewalla-Gold-Tutorial-Installation
@PlanetCypher_
@PlanetCypher_ 2 роки тому
Does the WAN port support pppoe ? I'm assuming it's just an ethernet port, I need a decent firewall with VDSL WAN port.
@GaryExplains
@GaryExplains 2 роки тому
Yes the WAN port supports PPPoE, but I haven't tested it.
@UPsideDOWNworld321
@UPsideDOWNworld321 2 роки тому
but why do you need firewall for a video camera ? do the camera move ?
@Stelios.Posantzis
@Stelios.Posantzis 2 роки тому
Having to access it via a mobile device in order to set it up is a big disadvantage in my opinion. Does it really matter? It depends.. but I would like sth that I'd be able to set up via a regular pc over both a cable connection or wifi.
@SpaceCadet4Jesus
@SpaceCadet4Jesus 4 місяці тому
Very little setup, a few questions is all and they guide you right through. I think the mobile device app is a big plus. I can screw around with the device anytime, even in bed at night and who isn't going to have a mobile device on them?
@dinuguan510
@dinuguan510 2 роки тому
So your phone has to be on the same WiFi and connected by Bluetooth to access the UI? i.e. no cellular admin access at all?
@SpaceCadet4Jesus
@SpaceCadet4Jesus 4 місяці тому
Just connected via Bluetooth, unless you have the optional Wifi dongle/antenna.
@lailiag5040
@lailiag5040 Рік тому
If I put a switch between the firewalls gold and the mesh nodes, would the firewalls still be able to monitor?
@SpaceCadet4Jesus
@SpaceCadet4Jesus 4 місяці тому
yes, switches are normally dumb devices that just pass the traffic along.
@paulgray1318
@paulgray1318 2 роки тому
Best firewalls come in pairs from two different manufacturers so if one is explioted by a zero day, then the second wont as different supplier.
@SApcGUY
@SApcGUY 2 роки тому
lol funny joke
@c1ph3rpunk
@c1ph3rpunk 2 роки тому
The vast majority of Bad Guys won’t burn an 0day on normal humans, they’re reserved for special purposes. That’s akin to sending the SEALS to install a deck.
@futuresocieties.
@futuresocieties. 2 роки тому
@@c1ph3rpunk Ah, so aliens?
@c1ph3rpunk
@c1ph3rpunk 2 роки тому
@@futuresocieties. Kaseya
@mrcvry
@mrcvry Рік тому
Firewall of the isp router and behind that the Firewalla as a second line of defense.
@FlorinArjocu
@FlorinArjocu 2 роки тому
I don't think some regular small business owner or home user would know how (or want) to make their own firewall, so this would be handy, you buy it and install it. A custom one also needs maintenance, updates, this probably gets security updates. Anyways, it also needs a fiber wan port. I'd like something like this, but I have a box with everything inside it (modem + wifi router that has a separate 1Gbps wifi channel for TV's box, so I don't have any cables between the tv small box and the modem&router&co. thing). Beside the lacking wan fiber connection, this TV channel is probably also a game stopper for me :(
@LifeKeysEnglishLanguage
@LifeKeysEnglishLanguage 2 роки тому
I love this Accent. Are you really British, sir? learning of your channel, i will get your accent the same. thanks a lot.
@thomaslemaire1846
@thomaslemaire1846 2 роки тому
Good product but why should i prefer this instead of edgerouter er-x that is way more cheaper with same features
@The_Lotus_Flowerr
@The_Lotus_Flowerr 2 роки тому
Very underrated
@SystemsPlanet
@SystemsPlanet 2 роки тому
I love my pfsense firewall walls. I never see ads. My cameras cant reach the internet.
@jk-mm5to
@jk-mm5to 2 роки тому
Opnsense has nicer interface and is more compatible with uefi only bios.
@Mombasa2201
@Mombasa2201 Рік тому
I need to access geo-restricted sites in the US while outside the US. Would this work?
@GaryExplains
@GaryExplains Рік тому
You need a VPN, not a firewall.
@Kaelleonm4913
@Kaelleonm4913 28 днів тому
do physicall firewalls slow down internet speeds?
@Placesandspaces35
@Placesandspaces35 18 днів тому
I have 2 Firewalla Gold Plus boxes and i get the full speeds on my internet plans through them. Best purchase i made probably in the last 5-10 years easily.
@ernstoud
@ernstoud 2 роки тому
This is only useful if the modem/router or ONT of your ISP allows to be put in bridge mode. Otherwise you end up with double NAT.
@GaryExplains
@GaryExplains 2 роки тому
But double NAT at that point doesn't matter. How does that make it not useful?
@mrcvry
@mrcvry Рік тому
Have used it like that for years. No problems. Makes a DMZ between those two routers.
@spaceiswater6539
@spaceiswater6539 2 роки тому
Need it work on a web interface really and not a phone application because if they stop making the app the hardware simply becomes junk. Great video Garry but the firewall lacks the most important feature of all a web interface.
@GaryExplains
@GaryExplains 2 роки тому
There is a web interface but it is still in beta: help.firewalla.com/hc/en-us/articles/360049873154-Does-Firewalla-have-a-web-interface-
@spaceiswater6539
@spaceiswater6539 2 роки тому
@@GaryExplains It does state on the link you provided "The web interface is to complement the mobile interface; You still need a mobile device to log in to this interface." 'You still need a mobile device to log in to this interface'
@mrcvry
@mrcvry Рік тому
What if they stop making the hardware? Will the app be junk? 😄 Azure has teached me to hate those damn web interfaces. Slow and buggy.
@propacollector3499
@propacollector3499 2 роки тому
wpuld modem then firewire to a switch work
@temoteocao5906
@temoteocao5906 Рік тому
You mean you can't manage it through console or http? only through phone via Bluetooth?
@SpaceCadet4Jesus
@SpaceCadet4Jesus 4 місяці тому
You can SSH into it, or use a browser or whatever phone or tablet you have using an app. Bluetooth is only for first time startup for initial options so the device can mesh into your network. Otherwise, Bluetooth is only used as a No-Lockout feature in case you somehow lock yourself out. I dont see how that can happen via the routers UI.
@Dorff_Meister
@Dorff_Meister 2 роки тому
Thanks. Seems decent. Configuration by phone is sort of a deal breaker for, for me although it seems they have a "beta" web interface. I'm happy with my Netgate 2100 running pfSense, but it's nice to see what else is out there.
@matldn2697
@matldn2697 2 роки тому
Agree, PFsense is superb. use a Qotom i5 8GB RAM with a 120 GB SSD. Long term powerful mini PC that does it all.
@DUNCEATRON5000
@DUNCEATRON5000 Місяць тому
I love my purple , so good
@acerides1724
@acerides1724 Рік тому
Are these multi gig ports? I currently have 2.5gb and 1GB isps. If I link aggregate both, do I get 3GB? Yes, I got 10gb, and 2.5gb computers.
@SpaceCadet4Jesus
@SpaceCadet4Jesus 4 місяці тому
No. Computers don't work that way.
@jp_manns
@jp_manns 2 роки тому
hello gary!!
@jcgoobee
@jcgoobee 2 роки тому
I love my Firewalla Gold from Day 1. The responsiveness of their support team is second to none. It makes my network administration tasks so much easier. It's not cheap but you get what you pay for.
@boeske1980
@boeske1980 2 роки тому
I had problems to setup my VPN client, the supportteam responded everytime within a day, they sorted it out in a few days because the vpn's i got aren't that popular.
@jcgoobee
@jcgoobee 2 роки тому
@@boeske1980 I use private VPN and was able to set it up within minutes. 😁
@boeske1980
@boeske1980 2 роки тому
@@jcgoobee problem was that it is required to put in a username. And then my VPN doesn't work, they erased the user in my profiles with remote support. Now everything works great.
@jcgoobee
@jcgoobee 2 роки тому
@@boeske1980 ah.. got it. Glad they figured it out. Good luck if you had a Ubiquiti box and asked for support like this, your support case might sucked into a blackhole for eternity. :P
@gnewt75
@gnewt75 Рік тому
@@jcgoobee has using a VPN on this slowed down your internet speed?
@JamesStrickland1975
@JamesStrickland1975 2 роки тому
Does this support VLANs?
@SpaceCadet4Jesus
@SpaceCadet4Jesus 4 місяці тому
Good Question. No VLAN support that I know of. Only had it a couple hours now.
@spyone7851
@spyone7851 2 роки тому
Hi Gary I'm really interested in firewalla gold since 6 months ago, I'm considering to buy it, but what I'm looking for but I've not still found are the performance with ids and/or ips active, did you know anything about it?
@peterfrisch8373
@peterfrisch8373 2 роки тому
Have you checked FireWalla's website? If they don't show it, then go on to something else.
@spyone7851
@spyone7851 2 роки тому
@@peterfrisch8373 I've tried on their website and the community, the only page that explains the speed limitations sayis something about the blue, red, etc.. and the gold but it doesen't says nothing about the speed in IDS and IPS, here the title of the article "Firewalla Speed Limitations Explained"
@gnewt75
@gnewt75 Рік тому
Just got this FW Gold Firewalla tech support is terrible. I want to bridge mode this between my modem and Asus x89x router. So far I have the app and box set up in Bridge mode and it sees devices on my network, but I've got NO internet connection. Anyone have any suggestions?
@GaryExplains
@GaryExplains Рік тому
I guess you will get a quicker reply if you ask your question directly to Firewalls support or in the Firewalls community.
@gnewt75
@gnewt75 Рік тому
@@GaryExplains I did and FW support has no helpful answer for the bridge/AP mode/no internet connection configuration that I mentioned.
@GaryExplains
@GaryExplains Рік тому
Oh, very sorry to hear that 😟
@gnewt75
@gnewt75 Рік тому
@@GaryExplains no worries. Got it worked out myself. Everything's connected. 😊
@Jormunguandr
@Jormunguandr 2 роки тому
Cute device. At work I work with check point gaia with splunk client.
@patdbean
@patdbean 2 роки тому
Nice bit of hardware, but I think at that price I would rather use one of the free UTM distributions like 'untangle' and run it on an old pc . I haVe an old pentium 4 2.8ghz 4gb with 2 on board GB NiCs and 2 100mhz PCI cArds. Runs untangle from an 80gb SSD on trouble.
@GaryExplains
@GaryExplains 2 роки тому
Like those who fix their own car rather than taking it to a garage, there are always other options.
@HellcatM
@HellcatM 2 роки тому
Good video! You should have mentioned there are other Firewalla's (blue, blue pro, purple and red I think) at the end when you were saying who should buy it.
@SilviuDimulete
@SilviuDimulete 2 роки тому
Over $400 it's a lot. Cheaper alternatives are : Raspberry Pi 4 with OpenWRT, or a SH SFF computer with OPNsense/pfsense.
@GaryExplains
@GaryExplains 2 роки тому
Indeed... maybe... remind me how you are getting 4x Gigabit Ethernet ports on a Pi again?
@SilviuDimulete
@SilviuDimulete 2 роки тому
@@GaryExplains One is onboard, and another two can be added with USB3.0 to RJ45 gigabit adapters(yes the total is 3 ports instead of 4 but also the price difference is huge). If the ports are the issue, an SFF powered by an i5/i7 can be mounted with a PCI LAN card with 4 gigabit ports and with the onboard one make it to 5 for all of your networking needs and more, at a quarter of the price. I built this setup a couple of years ago with a refurbished SFF i5-4570, 8GB RAM, 128 SSD with OPNsense for around $150.
@GaryExplains
@GaryExplains 2 роки тому
True, all true. I could also build my own car if I wanted, but I don't. PS. The throughput on the Pi would be terrible. But that isn't the point.
@SilviuDimulete
@SilviuDimulete 2 роки тому
@@GaryExplains It all comes down to budget and know-how.
@GaryExplains
@GaryExplains 2 роки тому
@@SilviuDimulete As do most things, but convenience is also a big factor.
@guilherme5094
@guilherme5094 2 роки тому
Nice!
@Lexitivium
@Lexitivium 2 роки тому
$400 for the same features as my 5 y/o $150 NETGEAR router with custom firmware. Although it doesn't have the same mobile app - but all the exact same features, some named differently.
@GaryExplains
@GaryExplains 2 роки тому
Including load balancing over two Internet connections?
@Lexitivium
@Lexitivium 2 роки тому
@@GaryExplains Indeed! NETGEAR R8000 with a Tomato firmware, which I modified for a little extra kick. This kick is larger hash tables (got more memory than a usual R8000) and then the redundancy using one LAN port for fail-over / load balancing. Works like a charm - although uses way more power than a modern age router.
@GaryExplains
@GaryExplains 2 роки тому
@@Lexitivium interesting indeed.
@Lexitivium
@Lexitivium 2 роки тому
​@@GaryExplains Don't get me wrong. The Firewalla is one nice little device, that could look good beside my fiber box. But I think the features - although nice - doesn't quite justify the pricetag. My son just said: "Dad, that's just a Raspberry Pi with multiple RJ45". "Well, my son. You still got a bit to learn" ;-)
@highrzr
@highrzr 2 роки тому
The thing I think it is missing is a higher speed WAN port considering it's not cheap. Also, having to configure it via a not so smart phone is a deal breaker for me. It needs to have a web based admin console. No thanks, I'll pass.
@SpaceCadet4Jesus
@SpaceCadet4Jesus 4 місяці тому
2.5Gb is not fast enough on the WAN?? You don't have to use a smart phone, use a larger tablet. You can SSH into it via a web browser or whatever.
@peterfrisch8373
@peterfrisch8373 2 роки тому
Gary, from what I have seen there is a disturbing trend of phone apps to configure/control various consumer network gear without recourse to the way you and I are familiar with. Also, oft times with less options for control. Further, I you don't have cell service with data and sufficient bandwidth, then you can't configure your own device. I have extremely poor cell service at my home, but good internet access. This and other devices would not work for me, and likely others as well. I can rail about other devices, some of which I own, but i will spare you.
@tonycheung7624
@tonycheung7624 2 роки тому
I buy one today
@ninjarider443
@ninjarider443 8 місяців тому
Firewalla has a lot of vulnerabitlies on their devices - read many blogs about it - so not sure if i would want something like this.
@Placesandspaces35
@Placesandspaces35 18 днів тому
Zero issues and i have five of them if i include travel routers i use them on. Constantly getting updated. But hey different strokes for different folks.
@rwashi
@rwashi 2 роки тому
Hello Gary, I use pfSense for that, had an old Intel built machine with dual core and I installed pfSense and I have the same function. Just cost conscious.
@Metalheaddox
@Metalheaddox 2 роки тому
Why do you the demodulator a modem (modem analog to digital) and not a transceiver (digital to digital) ?
@SpaceCadet4Jesus
@SpaceCadet4Jesus 4 місяці тому
Because people can't keep facts straight, no matter what you tell them. Same with calling somebody who breaks into your network a "Hacker" instead of a "Cracker", as in safe cracker, or cracking the code. A hacker is someone who just throws stuff together to make something work, a hack job. People misuse language as a past time.
@samiam9059
@samiam9059 2 роки тому
I'm never going to configure a firewall through a phone app....
@mikescott4008
@mikescott4008 2 роки тому
Been running a variety of firewalls for quite some time. Currently on pfsense, but have used Sophos XG and Untangle as well. Probably going to switch back to Untangle or Sophos XG at some point.
@lucasdealmeidacarotta3174
@lucasdealmeidacarotta3174 2 роки тому
A pfsense box even for a larger house wouldn't offer a better investment ratio?
@GaryExplains
@GaryExplains 2 роки тому
If you have the time, expertise and sufficient experience with pfSense, then sure. I don't have the time to spare to build, manage and maintain and custom/hybrid solution. Convenience is an important factor.
@lucasdealmeidacarotta3174
@lucasdealmeidacarotta3174 2 роки тому
@@GaryExplains I have asked this because a few months ago I tried to download and compile the Firewalla code -- I think it was for a Blue or Red box, don't remember right now -- but it didn't work... At the same time I know that I can do this for pfSense -- it would be a pain, but there's always the OPNSense option for this --... And I went trough this rabbit hole because I was looking to buy one of the cheapest box for my mom but I would like to see it first -- specially because I live in Brazil and even the cheapest one would mean a pretty significant investment
@GaryExplains
@GaryExplains 2 роки тому
If you don't have the budget, then of course making your own solution will be cheaper, but it will take more time. Same for most things in life. Do I fix my own car or take it to a garage?
@DREDKNOT2063
@DREDKNOT2063 2 роки тому
now that im using firewalla gold so far i really like it ,but something i dont know is with its built in blockers such as adblock ,pornblock , face book an more combined with its dns-over-https do i need to keep using some or all of my firefox extensions iv got ublock origins , privacy badger,LeechBlock NG (for face an others) an AdBlocker Ultimate with HTTPS Everywhere an while i think they've served me well do i still need the installed with the gold now as my primary router an can i add more to the gold ,are ther any equivalents to anything like privacy badger an https2 an Malwarebytes Browser Guard that can be add to the gold
@SpaceCadet4Jesus
@SpaceCadet4Jesus 4 місяці тому
If I was you, I'd only use Ublock Origin and forgo the rest, except Malwarebytes, but not the browser guard version. Malwarebytes already works in your browser.
@doomedsomehow7114
@doomedsomehow7114 2 роки тому
Seems cool but i prefer Fortinets for that price range
@smile768
@smile768 2 роки тому
The hacked pipeline guys should have got one of these.
@GaryExplains
@GaryExplains 2 роки тому
😂
@James_Knott
@James_Knott 2 роки тому
FWIW, I built my firewall/router with pfsense on a Qotom mini PC with i5 CPU, 4 GB RAM, 64 GB SSD and 4 GB Ethernet ports. My cable modem is configured in bridge mode, so my firewall connects directly to my ISP. My ISP supports IPv6, so I can configure pfsense to provide 256 /64 subnets. Pfsense has similar features to Firewalla, such as traffic shaping and more. I really don't feel the need for using a cell phone to configure a firewall/router, as I have computers handy. It also supports a serial port connection, so you can set up a dial up modem for a back door. That i5 CPU also supports the AES-NI encryption instructions, which can be used for a VPN. I don't believe the Celeron CPU does. Pfsense is built on FreeBSD. BTW, I have a Ubiquiti Unifi AC Lite access point too.
@oaksif0
@oaksif0 2 роки тому
Still has intel management engine no good so has hardware backdoor. If it was based on ARM or RISC-V I would buy it.
@x3roxide
@x3roxide 2 роки тому
I thought the ME exploit required physical access to the device.
@SpaceCadet4Jesus
@SpaceCadet4Jesus 4 місяці тому
There is no intel management engine firmware, unlike your PC.
@SpaceCadet4Jesus
@SpaceCadet4Jesus 4 місяці тому
@@x3roxide ME exploit has been patched and required a very specific scenario.
@DonutsReview
@DonutsReview 10 місяців тому
It seems to do all the things DUMA OS + Bitdefender Armor provide.👽
@SpaceCadet4Jesus
@SpaceCadet4Jesus 4 місяці тому
A Lot more than Duma OS, which is only updated on the Net2.
@TheJackal917
@TheJackal917 2 роки тому
Intel cpu. With all it's security flaws. I thought it was something custom made with encryption. Hmm...
@joaopedroalbernaz
@joaopedroalbernaz 2 роки тому
"Rutah" - Explains, Garry
@GaryExplains
@GaryExplains 2 роки тому
Yes, that is the correct way to say it, as in roulette, routine, and Rousseau.
@AP-ir5uz
@AP-ir5uz 2 роки тому
@@GaryExplains Huh never even thought about that. Good supporting vocab!
@joaopedroalbernaz
@joaopedroalbernaz 2 роки тому
As an American, that was something that stood out and called my attention the whole video every time you said.
@GaryExplains
@GaryExplains 2 роки тому
As I Brit, it is something that stands out to me every time I watch a video from an American 🤦‍♂️ Aren't we beyond such things yet?
@VictorVargas_
@VictorVargas_ 2 роки тому
@@GaryExplains umm this is the internet, comments like this are normal. They aren’t meant to make fun or ridicule the person, it’s more of pointing something out that stood out.
@dan4315
@dan4315 2 роки тому
Too expensive for what it does. It’s not a UTM firewall so it’s limited to what it can protect.
@SpaceCadet4Jesus
@SpaceCadet4Jesus 4 місяці тому
I haven't found a reasonably priced UTM firewall/security gateway yet. I used to install Ubiquiti but they don't support spam monitoring and availability is horrible. Regardless, I have other solutions for the issues that Firewalla is not meant to address.
@Obloms
@Obloms 2 роки тому
Wait, you HAVE to use it an app through a bluetooth on your phone and stuff? I mean, that's a deal breaker, IMO.
@jasonk5979
@jasonk5979 2 роки тому
There website says there is a web interface. (Beta)
@glovedcop69
@glovedcop69 2 роки тому
That's just to start once it's hooked up its no longer needed as you can access it from anywhere via the app.
@SpaceCadet4Jesus
@SpaceCadet4Jesus 4 місяці тому
Again, the Bluetooth startup option is standard anymore and is only used for a couple minutes on the very first installation. A great option if you ask me. Thereafter, you configure/manage using a tablet, a phone, web browser or SSH.
@scooter5480
@scooter5480 2 роки тому
$438.00
@TesserId
@TesserId Рік тому
Oh, have to use smart phone, have to have wifi connectivity. So, I can't use this on a wired only LAN. Sorry, that's a deal breaker.
@SpaceCadet4Jesus
@SpaceCadet4Jesus 4 місяці тому
Goodness. Don't need wifi connectivity as it doesn't contain a wifi module unless you buy the optional USB wifi product. It only needs to access a bluetooth phone on first startup for initial basic config, Thereafter, use phone and/or tablet app, any web browser, or SSH into it. You missed out on a fantastic piece of kit.
@dominiquebalabat197
@dominiquebalabat197 Рік тому
Gone are the days when privacy was a thing. Over and done.
@GaryExplains
@GaryExplains Рік тому
Eh?
@kdog8787
@kdog8787 2 роки тому
For people that have wireless routers without AP or bridge mode: You don't need to use AP or bridge mode. You only need these if you want to use your wireless router's WAN port. You can disable DHCP on the wireless router and connect it using one of the LAN ports. D-Link tech support taught me this before AP and bridge mode existed on their consumer routers.
@GaryExplains
@GaryExplains 2 роки тому
I think you then get a routing problem.
@kdog8787
@kdog8787 2 роки тому
@@GaryExplains The DHCP on the wireless router tells its clients to request internet traffic from the wireless router. If you disable it and plug the firewall router into a LAN port (as opposed to the WAN port) on the wireless router, the DHCP on the firewall router should take over and tell all the wireless clients on the LAN to request internet traffic from the firewall router. It's important to disable DHCP on the wireless router before plugging it into the rest of the LAN so it doesn't interfere. It's also important to make sure the wireless router has a different LAN IP and is on the same subnet as the firewall router. I usually take the firewall router LAN IP (eg 192.168.1.1) and add four to the last number (eg 192.168.1.5). This is usually outside the range of IPs that are assigned to clients. I've successfully done this with a Ubiquiti EdgeRouter and many wireless routers over the years. Now I use AP mode on my Archer AX50, which I still connect through a LAN port.
@GaryExplains
@GaryExplains 2 роки тому
I think it depends on the router. If it has a dedicated WAN port, some of them only accept DHCP answers over that port. For example, I have a Mikrotik hAP Lite and depending on the configuration you might need to explicitly set DHCP address acquisition to all ports rather than the WAN. Anyway, I tested the setup you suggested using the Mikrotik hAP Lite and as I feared, no internet on client devices connected to its Wi-Fi. The problems seems to be that the router doesn't get a DHCP address from the Firewalla. Moving the cable from the LAN to WAN port fixes it, and then setting it to Bridge mode fixes the double NAT.
@kdog8787
@kdog8787 2 роки тому
​@@GaryExplains The wireless router doesn't need a DHCP address for the clients to get internet so long as its wireless is bridged to its LAN ports. I set a static IP for my wireless router so I know where to find it. Microtik has a DHCP snooping option which can block DHCP servers that aren't trusted. I imagine it blocked the Firewalla from giving IP addresses to the clients.
@kdog8787
@kdog8787 2 роки тому
I recommend AP or bridge mode to anyone that has it.
@playdoh1975
@playdoh1975 2 роки тому
Lolz 😂
@fuzzyball2132
@fuzzyball2132 Рік тому
You need some networking experience to full utilize all features for growing network at home or small businesses. Lot of money will be wasted if it’s just plug and play.
@SpaceCadet4Jesus
@SpaceCadet4Jesus 4 місяці тому
Few people utilize all features. And there are less expensive Firewalla for the budget conscious.
@Demopans5990
@Demopans5990 8 місяців тому
*laughs in pihole*
@SpaceCadet4Jesus
@SpaceCadet4Jesus 4 місяці тому
You need a hand getting out of that pihole you're in?
@Flankymanga
@Flankymanga 2 роки тому
Im sorry but my Mikrotik has a lot more features and does not need bluetooth smartphone to access and best of all... and costs quarter of this thing.
@SpaceCadet4Jesus
@SpaceCadet4Jesus 4 місяці тому
Your Mikrotik has any 2.5ghz ethernet ports to communicate with 2.5ghz switches or modems? Your Mikrotik can process VPN data at 1Gbps and more? Your Mikrotik has dual Wan ports with fail over? Your Mikrotik has an ARM quad core CPU? Your Mikrotik has a fully fleshed out UI with everything done for you? Your Mikrotik has a No-Lockout Bluetooth option? Your Mikrotik has an easy Bluetooth first time startup feature? Your Mikrotik has a phone app, a tablet app, a web browser command interface with charting, and SSH, all able to configure and manage the interface? Your Mikrotik has IDS? Your Mikrotik has IPS? Your Mikrotk has option to auto quarantine new devices until reviewed? Your Mikrotik has auto updating malware and blocking lists? Your Mikrotik has easy learning curve? I could go on and on. If indeed it has any or most of these features, let me know and I'll switch (to a product I left behind decades ago). 😂
@riahaidan
@riahaidan Рік тому
Gold users, how's the Wi-Fi range on the Gold? Is it also short range like the Purple?
@jk-mm5to
@jk-mm5to 2 роки тому
Great firewall for prosumer and not professional.
@logwind
@logwind 2 роки тому
Can't this device act as an AP?
@SpaceCadet4Jesus
@SpaceCadet4Jesus 4 місяці тому
It's not wireless AP.
@midnightchurningspriteshaq8533
@midnightchurningspriteshaq8533 2 роки тому
roooter
@GaryExplains
@GaryExplains 2 роки тому
Correct. How do you pronounce routine?
@midnightchurningspriteshaq8533
@midnightchurningspriteshaq8533 2 роки тому
​@@GaryExplains spam filter blocked me from replying, because i provided a link i think. the first router was invented in the US, allowing for the generally accepted pronounciation of the American dialect to determine the sound of the product. There are many words with the same characters, and even the same accents that are pronounced differently. Similarly, the word pantaloon v.s. pantalon does not set a precedent for the word jeans, even though it should sound like johns the same way sean sounds like shohn or shawn. instructions are often given with the sayings, "use this rowt" to get to yorktown. i believe that english pronounciations are influenced by french and latin and brittish english being formed together to a written language that gave up accents, and created sounds from local dialects. the dialect wins over the etymological roots because: jeans sound like genes and not like johns yet have no accent in english but will in its relative languages. and the router was invented in a place where the dialect used it in the sound of "rowter". the road system will also show a route, like route 66 will be pronounced as root 66 because the road systems where likely created under brittish control, or with old english in mind. Definition of rowt dialectal chiefly British variant of rout, rout:3 from online sources: In my local dialect (Toronto, Canada), it is /ruːt/ for a roadway, and /raʊt/ (but that's very approximate; see Canadian raising ) for the act of specifying a path (and rowter for the computer networking device) You're correct that "o" is US and "ou" is non-US. It'd be considered bad style to switch between them in the same text. Generally, you should just choose one style and use it consistently, and you will be understood. I've heard a rule that if you're writing for a mostly American audience, you should use the American spelling, and otherwise use the international forms, but that may not even be necessary. One place that mixing styles is allowed is when quoting verbatim from text, or in technical literature where spellings must be retained exactly: I asked him what colour he wanted, and he said "I'm no good at picking colors". In many North American dialects, including that of the Inland North, route and rout [ɹaʊt] are homophones rhyming with shout; router [ˈɹaʊɾɚ] rhymes with shouter; the root [ɹʊt] in the ground rhymes with foot and soot, just as in put and hood; but to root [ɹuːt] for one’s home team rhymes with shoot, which means that only a person who’s doing that sort of cheering would be a rooter [ˈɹuːɾɚ]. And roof is [ɹʊf], rhyming with hoof, not with proof [pʰɹuf] or prove [pʰɹuːv]. And yet, rut is [ɹʌt] Living in many places in the US, and dealing with networking equipment in all of them, I've always, always heard rowter (rhymes with "shouter") for the networking equipment. If I said "rooter" they'd wonder what I was talking about and if the toilet was stopped up. - Who invented the first router? The Interface Message Processor (IMP) was the packet switching node used to interconnect participant networks to the ARPANET from the late 1960s to 1989. It was the first generation of gateways, which are known today as routers. The idea for the Interface Message Processor (IMP) was suggested by Wesley Clark at the "ARPANET Design Session" held by Lawrence Roberts at the IPTO Principal Investigator meeting in Ann Arbor Michigan in April, 1967. (1) Professor Leonard Kleinrock is Distinguished Professor of Computer Science at UCLA. He developed the mathematical theory of packet networks, the technology underpinning the Internet, while a graduate student at MIT in the period from 1960-1962. The birth of the Internet occurred in his UCLA laboratory (3420 Boelter Hall) when his Host computer became the first node of the Internet in September 1969 and it was from there that he directed the transmission of the first message to pass over the Internet on October 29, 1969. (2) The IMPs were built by the Massachusetts-based company Bolt Beranek and Newman (BBN) in 1969. (3)
@GaryExplains
@GaryExplains 2 роки тому
@@midnightchurningspriteshaq8533 But you can route more than network traffic. You can route a horse and cart. The word existed before network routers. 🤔😜
@midnightchurningspriteshaq8533
@midnightchurningspriteshaq8533 2 роки тому
@@GaryExplains similarly pantalons and pantaloons existed before jeans (with varied sounds/pronunciations/accents) , but jeans became the universal word and sound for that product, jeans will always sound like genes and never like johns. you don't wear denim johns in any place on earth. the jeans, like the networking router, are inventions the supersede any linguistic convention. the only difference is that a router is both a noun and a verb whereas the jeans and pantaloons are nouns about a similar invention.
@GaryExplains
@GaryExplains 2 роки тому
@@midnightchurningspriteshaq8533 Well that cleared that up. 🤦‍♂️
@MrSmithToday
@MrSmithToday 2 роки тому
Opnsense firewall is good.
@ppal64
@ppal64 2 роки тому
So a almost a netgate clone that has no web gui install.? Dumb not to have WEB interface. Much more u,ser friendly for the home user compared to pfsense.
@SpaceCadet4Jesus
@SpaceCadet4Jesus 4 місяці тому
Dumb for pfsense to not have a cell phone/tablet interface.
@nikolaskallianiotis8622
@nikolaskallianiotis8622 2 роки тому
One who can setup this can also spent $50 to buy a raspberry pi 4 (or any other SBC), install FOR FREE anything he/she wants (lots of solutions) and get the same benefits without spending a cent more. The most important yet, free new knowledge and training.
@GaryExplains
@GaryExplains 2 роки тому
I disagree. The knowledge to setup this isn't the equivalent of creating a custom solution with a Pi or PC. Also, the Pi won't give you the same throughput. Finally, the hassle of setup and maintenance of a custom solution doesn't make it cheaper. If I am busy then I want a complete solution. I could fix my own car but I choose to take it to a garage because I don't have the time. Cheaper isn't just about cash values.
@nikolaskallianiotis8622
@nikolaskallianiotis8622 2 роки тому
@@GaryExplains I'm sure this is not for every day users who just want to press a button and the magic happens. It's for advanced users and such as any other solution can be acceptable. To fix you car you need equipment costing thousands, to make your own firewall only time, knowledge and a few dollars do the trick. I only agree that not everyone has the time. As for the throughput it's debatable. For me having a VDSL connection acting as bottleneck, throughput is more than enough. If someday I find the money and the ISPs decide that I can also have the "luxury" of a Gbe then maybe I'll need something more advanced. But then again, if and when this happens, some other SBC maybe more suitable. And don't say that only a few have just a poor VDSL. I am watching your channel from Greece. Here 200Mbps Fiber costs nearly 60EUR and are only available in some suburbs. For the rest 90% DSL is the only available solution. I'm sure many other countries in the "developed world" share more or less the same situation.
@GaryExplains
@GaryExplains 2 роки тому
@@nikolaskallianiotis8622 I was referring to the throughput of the interfaces on the router as it is Gbe for the LAN side and the firewall monitors all the LAN traffic. The LAN side functions are quite advanced.
@georgeklimes7604
@georgeklimes7604 Рік тому
@@nikolaskallianiotis8622 Nikolas, when I come to Greece, I WISH I could get anything near 200 Mbps. And on Kalymnos, it's extremely painful in many places (like 2 or less Mbps sometimes!!!). Has the Cosmote coverage improved in Athens?
@SpaceCadet4Jesus
@SpaceCadet4Jesus 4 місяці тому
@@nikolaskallianiotis8622 You might consider taking all that saved money you have lying around from self-building stuff and MOVE to a location with better internet speeds.
@mrtuk4282
@mrtuk4282 2 роки тому
Sadly I don't think IOS or Android are safe from tracking so it looks like I cannot use this device.
@gsgrzegorz98
@gsgrzegorz98 2 роки тому
No web interface. Boooooo!
@GaryExplains
@GaryExplains 2 роки тому
There is one in development, it is currently in Beta: help.firewalla.com/hc/en-us/articles/360049873154-Does-Firewalla-have-a-web-interface-
@dab42bridges80
@dab42bridges80 2 роки тому
I don't want a device on my network that can only be controlled by my cellphone.
Firewalla Gold SE - Full Review
10:27
Brian Unboxed
Переглядів 3,7 тис.
Stylish cement speakers created by a master!
00:44
Kree Creates
Переглядів 8 млн
Лама Мама А4 и Кунг-фу Панда топчик❤️
00:22
Дим Димыч
Переглядів 2,5 млн
Президент відвідав наших військових на Сумщині
00:20
Repair LUXPOWER SNA5000WPV INVERTER REPAIR NO OUTPUT BURNT IGBT
24:22
Technodrive Repairs
Переглядів 61
Firewalla - How it's going after a few weeks running
24:53
nTRaaS
Переглядів 14 тис.
Fast networking is cheaper than you think.
22:58
Hardware Haven
Переглядів 324 тис.
The Best Home Security Device Money Can Buy
18:33
Legends of IT
Переглядів 45 тис.
I hope you don't need internet.... - PfSense Router Update
27:31
Linus Tech Tips
Переглядів 2,4 млн
My Thoughts on the Firewalla Firewall...
8:05
Lawrence Systems
Переглядів 51 тис.
3x 2.5GbE Fanless Firewalls Compared
24:02
ServeTheHome
Переглядів 88 тис.
DO NOT design your network like this!! // FREE CCNA // EP 6
19:36
NetworkChuck
Переглядів 3 млн
Firewalla Gold Network Manager Overview
5:06
Firewalla
Переглядів 1,6 тис.
Stylish cement speakers created by a master!
00:44
Kree Creates
Переглядів 8 млн