Book Image

pfSense 2.x Cookbook - Second Edition

By : David Zientara
Book Image

pfSense 2.x Cookbook - Second Edition

By: David Zientara

Overview of this book

pfSense is an open source distribution of the FreeBSD-based firewall that provides a platform for ?exible and powerful routing and firewalling. The versatility of pfSense presents us with a wide array of configuration options, which makes determining requirements a little more difficult and a lot more important compared to other offerings. pfSense 2.x Cookbook – Second Edition starts by providing you with an understanding of how to complete the basic steps needed to render a pfSense firewall operational. It starts by showing you how to set up different forms of NAT entries and firewall rules and use aliases and scheduling in firewall rules. Moving on, you will learn how to implement a captive portal set up in different ways (no authentication, user manager authentication, and RADIUS authentication), as well as NTP and SNMP configuration. You will then learn how to set up a VPN tunnel with pfSense. The book then focuses on setting up traffic shaping with pfSense, using either the built-in traffic shaping wizard, custom ?oating rules, or Snort. Toward the end, you will set up multiple WAN interfaces, load balancing and failover groups, and a CARP failover group. You will also learn how to bridge interfaces, add static routing entries, and use dynamic routing protocols via third-party packages.
Table of Contents (18 chapters)
Title Page
Copyright and Credits
About Packt

Configuring a LAN interface

This recipe describes how to configure the Local Area Network (LAN) internal interface of our pfSense firewall.

Getting ready

The LAN interface is the interface to the internal network through which our nodes will be able to securely connect to other internal nodes and to the internet. An assigned LAN interface is required.

How to do it...

  1. Navigate toInterfaces | LAN.
  2. Check the Enable Interface checkbox:
  1. Choose anIPv4 Configuration Type(usuallyStatic IPv4).
  2. Choose an IPv6 Configuration Type (or leave it set to None).
  3. Enter an IPv4 Address in the appropriate field, and the correct CIDR in the adjacent drop-down box. Leave IPv4 Upstream gateway set to None.
  4. If you enabled IPv6 by setting the IPv6 Configuration Type, enter an IPv4 Address in the appropriate field and the correct CIDR in the adjacent drop-down box.
  5. Leave Block private networks and Block bogon networks unchecked (they should be unchecked by default).
  6. When you are done making changes, click on the Save button. When the page reloads, click on the Apply Changes button.

How it works...

You have just defined your first internal network. If you have been following these recipes in order, you now have met the minimal requirements for a fully functional network. You can now either continue adding networks, or start configuring the rules to regulate traffic between the networks.

There's more...

You can now connect a switch to the LAN port of your pfSense system, and connect nodes to the LAN network.

See also

  • The Identifying and assigning interfaces recipe in this chapter
  • The Configuring a WAN interface recipe in this chapter
  • The Configuring optional interfaces from the console recipe in this chapter