I use pfSense. I do not use the IPS features mostly because of the reasons you present. However pfSense is also a very capable router, which is why I use it.
Are there other ways to solve this problem? Of course, most problems in tech have a large number of solutions, each with their own trade offs. If I were to set my network up again, I would probably go with an edgerouter pro or similar - but since I already had a low power server I could repurpose as the router, it was $0 vs $400.
That makes sense. If that's why most people use these things --- to repurpose old hardware in their basement rather than ordering a new router --- then pfSense makes some sense to me.
Doesn't have to be just re-purposing old hardware for it to make sense IMHO.
I started using pfSense on old hardware to get rid of Verizon's router, however I plan to replace it with a brand new box that will likely be $250-500.
I have gigabit FiOS coming into the ONT outside, and from there I get an Ethernet port that comes straight to the pfSense box. No Verizon router present at all.
Besides pfSense, what other open source options do I have to run a firewall that can handle gigabit ethernet with VPN? DD-WRT? Tomato?
Sure, I can setup a Debian box with iptables in my sleep, but pfSense is much nicer.
I’m in a similar boat (ATT fiber) and really curious as well. I’ve considers pfsense with dual gigabit nic but honestly I’d rather have a dedicated box that can handle the routing and firewall features.
OpenWRT is standard for routers, you can even run it on x86 just fine, and unlike PFSense it won't shit a brick and sit in a broken state at console just because a secondary ethernet interface disappears.
PFSense really is targeted at the prosumer market. If your happy to haul a screen out on every upgrade or minor hardware change, PFSense is fine. Otherwise, going Openwrt is a solid choice as you can actually debug it remotely.
Are there other ways to solve this problem? Of course, most problems in tech have a large number of solutions, each with their own trade offs. If I were to set my network up again, I would probably go with an edgerouter pro or similar - but since I already had a low power server I could repurpose as the router, it was $0 vs $400.