How was the experience running it in a virtual environment? And, if I may ask, why the change over to AIO? Was it something related to running it in a virtual environment?
AIO = All in One system, that is, I'm still running pfSense virtualized.
I see no reason to let pfSense sit on bare metal. It consumes quite little resources for the "non-complicated tasks". I run mine at 8GB RAM at the moment, but will look for a reduction down to 2-3GB, based off the RAM usage pattern. There are a lot of resources sitting not being utilized when running pfSense on metal. That can be mitigated with ESXi ;)
The key to peace of mind for virtualizing the firewall is how it interacts with WAN. I've run it both through a virtual NIC in ESXi, which worked fine. However, traffic then seems to be forced through the ESXi network stack/firewall. I'm not sure to what extent (I've not dug into it), but once I decided to pass through a dedicated physical NIC to that VM, I was under the impression that some things quickened up considerably. Perhaps it was so, or maybe pure placebo. Nonetheless, I do recommend passing through a physical NIC. Doing so disables the typical arguments on security worries related to virtualizing firewalls (i.e., exposing the host for a slim surface for attacks, that... was problematic a couple of years ago, but since then has not surfaced again, on later versions of ESXi). Clearly, the industry moves towards increasing virtualization, meanwhile there is a set of core oldschool users still vouching for <keep the firewall physically separated>.
At the end of the day it is a question of getting enough peace of mind from the security solution.
Or, you know, whichever self motivation process flow works for you.
We're sharing that property to some extent. However, at one point or another we all attempt something where we don't anticipate the amount of energy and time that needs to be invested in the software and technology to reach our intents.
I'd say FreeNAS, comparatively speaking, is straightforward and easy to set up decently. Whereas pfSense is a confusing mess, with an abundance of dated guides and recommendations that no longer can be followed blindly - options have changed, layouts have been reworked and functionality has evolved to require additional or fewer steps to reach the same goal. Their forum is a complete mayhem and the wiki manual (probably except for the paid book) ...could use a lot of clarification. It is not as dumbed down as the FreeNAS documentation is, far less complete too.
Problems quickly get stacked once one is following guides blindly and suddenly settings described in the guide no longer match what you see in the configuration.
The way I've gone about getting where I want to be with pfSense has been to merge a couple of 3-4 dated guides (since none of them appear to follow the same steps, nor the same options) for general concepts to TEST what seems to work, then start reducing rules and options until stuff breaks again to figure out what are the minimum required settings. Tedious doesn't even begin to explain the experience I've had.
However, that is probably what to expect when not being familiar with most of the concepts used. Particularly how to read and interpret what order settings are applied in, to make correct adjustments for functionality, is ...still an uphill battle I come across often once I try to get something else done.
So ehh, the hurdle to get into FreeNAS is sort of stepping up on a chair compared to climbing the Everest of pfSense.
-Once you want to get into stuff.
Now, this might sound discouraging but it really isn't. People's miles do vary.