Network Security with pfSense

By: Manuj Aggarwal

Overview of this book

While connected to the internet, you’re a potential target for an array of cyber threats, such as hackers, keyloggers, and Trojans that attack through unpatched security holes. A firewall works as a barrier (or ‘shield’) between your computer and cyberspace. pfSense is highly versatile firewall software. With thousands of enterprises using pfSense, it is fast becoming the world's most trusted open source network security solution. Network Security with pfSense begins with an introduction to pfSense, where you will gain an understanding of what pfSense is, its key features, and advantages. Next, you will learn how to configure pfSense as a firewall and create and manage firewall rules. As you make your way through the chapters, you will test pfSense for failover and load balancing across multiple wide area network (WAN) connections. You will then configure pfSense with OpenVPN for secure remote connectivity and implement IPsec VPN tunnels with pfSense. In the concluding chapters, you’ll understand how to configure and integrate pfSense as a Squid proxy server. By the end of this book, you will be able to leverage the power of pfSense to build a secure network.
Table of Contents (7 chapters)

pfSense features

Let's discuss the pfSense features through a use-case diagram:

The preceding diagram gives you an idea of how pfSense plays a vital role in the network. The ISP Modem/Router connects pfSense to the internet. The Switch connects pfSense to various desktops.

In this scenario, pfSense acts as a DHCP Server, Firewall, and NAT device. It can play these roles individually or all at the same time.

Let's explore some other standard features of pfSense:

  • The DHCP Relay Agent feature serves the DHCP service for all clients.
  • The Firewall feature filters requests and responses by source and destination IPs, and by source and destination ports. It also limits simultaneous connections on a per-rule basis.
  • NAT port forwards support port ranges and the use of multiple public IPs, and one-to-one NAT is available for individual IPs or multiple subnets.
  • The Multi WAN functionality enables the use of multiple internet connections, with load balancing, failover, and usage distribution. With this, you can achieve redundancy across multiple ISP connections and also distribute traffic from your internal network to the internet across numerous links in a load-balanced fashion.

As a VPN server, pfSense offers two options for VPN connectivity:

  • IPsec allows connectivity with any device supporting standard IPsec. This is most commonly used for site-to-site connectivity to other pfSense installations and to almost all other firewall solutions, such as Cisco, Juniper, and so on. It can also be used for mobile client connectivity.
  • The second is OpenVPN. OpenVPN is a flexible, powerful SSL VPN solution supporting a wide range of client operating systems. For example, if the computers are in different sites, you can use an IPsec VPN to connect them.

Now that you're familiar with pfSense, let's go ahead with installation and configuration of pfSense. But before we start with that, let's review the minimum hardware requirements for installing and running pfSense.