Learn pfSense 2.4

By: David Zientara

Overview of this book

As computer networks become ubiquitous, it has become increasingly important to both secure and optimize our networks. pfSense, an open-source router/firewall, provides an easy, cost-effective way of achieving this – and this book explains how to install and configure pfSense in such a way that even a networking beginner can successfully deploy and use pfSense. This book begins by covering networking fundamentals, deployment scenarios, and hardware sizing guidelines, as well as how to install pfSense. The book then covers configuration of basic services such as DHCP, DNS, and captive portal and VLAN configuration. Careful consideration is given to the core firewall functionality of pfSense, and how to set up firewall rules and traffic shaping. Finally, the book covers the basics of VPNs, multi-WAN setups, routing and bridging, and how to perform diagnostics and troubleshooting on a network.
Table of Contents (14 chapters)

What pfSense can do

To provide a general idea of the versatility of pfSense, consider the following use cases:

  • You have a home network, and need a means of connecting the wireless devices in your house (such as computers, laptops, and tablets) to the internet. Therefore, you need a router (to connect your home network to the internet), a firewall (to perform ingress and egress filtering at the boundary between your private network and the internet), and a wireless access point (to enable wireless devices to connect to your home network). You will likely also want to have a DHCP server to assign IP addresses to devices on the network, and possibly dynamic DNS (DDNS) capabilities, so that you don't have to remember your public IP address when accessing your home network from the outside world. pfSense can perform all these functions.

  • You have a small office/home office (SOHO) network, and you need to connect several computers in your company to the internet. You also want to provide a means of allowing customers to connect to the internet on the same connection, but you want to have some means of controlling their access to the network so they don't use up the bulk of available bandwidth. You also want to keep them from accessing the internal company network. Therefore, you need to have separate subnets for your internal network and for customers, a captive portal to control customers' access to your network, and possibly traffic shaping capabilities to limit the amount of bandwidth used by customers. Again, pfSense can perform all these functions.

  • You are an administrator at a corporation that has an office in another city. You want to provide access to your local corporate network to workers in the remote facility, but you are concerned about confidential corporate information traveling over the public internet. A private WAN circuit is one possible option to allow remote users to connect securely to your network, but private WAN circuits are expensive. Therefore, you decide that the best option is to set up a peer-to-peer VPN connection between your local network and the remote site. You also want to have more than one internet connection, to provide redundancy when one of the connections goes down. As you might have guessed, pfSense allows you to set up VPN connections between networks, and to set up multiple WAN connections.

In short, pfSense can be used in a variety of scenarios, ranging from a simple home network with a handful of internet-connected devices to a corporate network with thousands of users. For those administering corporate networks, commercially available equipment with proprietary technology (such as Cisco switches and routers) may prove to be the better option. Such equipment often performs better under heavy load scenarios, offers integrated voice, video, and data services, and often comes bundled with technical support.

This book, however, is aimed primarily at beginners; therefore, it is generally assumed that the reader is more likely to set up a home network or SOHO network than a corporate network, in which case pfSense is generally a cost-effective, sensible option. There is a great deal of functionality built in to pfSense, and in many cases, when the base install does not provide the functionality you need, there are third-party packages available that do provide such functionality.