Book Image

Mastering pfSense - Second Edition

By : David Zientara
Book Image

Mastering pfSense - Second Edition

By: David Zientara

Overview of this book

pfSense has the same reliability and stability as even the most popular commercial firewall offerings on the market – but, like the very best open-source software, it doesn’t limit you. You’re in control – you can exploit and customize pfSense around your security needs. Mastering pfSense - Second Edition, covers features that have long been part of pfSense such as captive portal, VLANs, traffic shaping, VPNs, load balancing, Common Address Redundancy Protocol (CARP), multi-WAN, and routing. It also covers features that have been added with the release of 2.4, such as support for ZFS partitions and OpenVPN 2.4. This book takes into account the fact that, in order to support increased cryptographic loads, pfSense version 2.5 will require a CPU that supports AES-NI. The second edition of this book places more of an emphasis on the practical side of utilizing pfSense than the previous edition, and, as a result, more examples are provided which show in step-by-step fashion how to implement many features.

Related Content you might be interested in

Current Title:

Small book image
Mastering pfSense - Second Edition
David Zientara
May, 2018 | 450 pages
Small book image
Network Security with pfSense
Manuj Aggarwal
Jul, 2018 | 152 pages
Small book image
OPNsense Beginner to Professional
Julio Cesar Bueno de Camargo
Jun, 2022 | 464 pages
Small book image
CompTIA Network+ Certification Guide
Glen D Singh | Rishi Latchmepersad
Dec, 2018 | 422 pages
Table of Contents (15 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Free Chapter
1
Revisiting pfSense Basics
Revisiting pfSense Basics
Technical requirements
pfSense project overview
Possible deployment scenarios
Hardware requirements and sizing guidelines
Hardware sizing guidelines
The best practices for installation and configuration
pfSense configuration
Summary
Questions
Further reading
2
Advanced pfSense Configuration
Advanced pfSense Configuration
Technical requirements
SSH login
DHCP
DNS
DDNS
Captive portal
NTP
SNMP
Summary
Questions
3
VLANs
VLANs
Technical requirements
Basic VLAN concepts
VLAN configuration at the console
VLAN configuration in the web GUI
Configuration at the switch
Troubleshooting VLANs
Summary
Questions
4
Using pfSense as a Firewall
Using pfSense as a Firewall
Technical requirements
An example network
Firewall fundamentals
Firewall best practices
Creating and editing firewall rules
Scheduling
Aliases
Virtual IPs
Troubleshooting firewall rules
Summary
Questions
5
Network Address Translation
Network Address Translation
Technical requirements
NAT essentials
Outbound NAT
1:1 NAT
Port forwarding
Network Prefix Translation
Troubleshooting
Summary
Questions
6
Traffic Shaping
Traffic Shaping
Technical requirements
Traffic shaping essentials
Configuring traffic shaping in pfSense
Advanced traffic shaping configuration
Traffic shaping examples
Using Snort for traffic shaping
Troubleshooting traffic shaping
Summary
Questions
Further reading
7
Virtual Private Networks
Virtual Private Networks
Technical requirements
VPN fundamentals
Configuring a VPN tunnel
Troubleshooting
Summary
Questions
8
Redundancy and High Availability
Redundancy and High Availability
Technical requirements
Basic concepts
Server load balancing
CARP configuration
An example of both load balancing and CARP
Troubleshooting
Summary
Questions
Further reading
9
Multiple WANs
Multiple WANs
Technical requirements
Basic concepts
Multi-WAN configuration
Example – multi-WAN and CARP
Troubleshooting
Summary
Questions
10
Routing and Bridging
Routing and Bridging
Technical requirements
Basic concepts
Routing
Bridging
Troubleshooting
Summary
Questions
11
Extending pfSense with Packages
Extending pfSense with Packages
Technical requirements
Basic considerations
Installing packages
Important packages
Other packages
Summary
Questions
Further reading
12
Diagnostics and Troubleshooting
Diagnostics and Troubleshooting
Technical requirements
Troubleshooting basics
pfSense troubleshooting tools
Troubleshooting scenarios
Summary
Questions
13
Assessments
Assessments
Chapter 1 – Revisiting pfSense Basics
Chapter 2 – Advanced pfSense Configuration
Chapter 3 – VLANs
Chapter 4 – Using pfSense as a Firewall
Chapter 5 – Network Address Translation
Chapter 6 – Traffic Shaping
Chapter 7 – Virtual Private Networks
Chapter 8 – Redundancy and High Availability
Chapter 9 – Multiple WANs
Chapter 10 – Routing and Bridging
Chapter 11 – Extending pfSense with Packages
Chapter 12 – Diagnostics and Troubleshooting
14
Another Book You May Enjoy
Another Book You May Enjoy
Leave a review - let other readers know what you think

Summary

In this chapter, we covered NAT, the reasons it was implemented, and the issues that it raises. We also covered both Static NAT, or 1:1 NAT, and Dynamic NAT, which covers both Outbound NAT and Port Forwarding. Although understanding all of these types of NAT are key to a thorough understanding of the technology, we also acknowledged that Port Forwarding is most commonly equated with NAT, and is probably the most likely form of NAT you will utilize. We also covered NPt, which is a rarely used method of mapping IPv6 public addresses to IPv6 private addresses, but does have its applications, particularly with multihoming.

Understanding this chapter is important, as we will return to NAT in subsequent chapters. For example, in Chapter 7, Virtual Private Networks (VPNs), we will use Outbound NAT to redirect traffic when setting up VPN tunnels. At the very least, you will want...

Previous Section
End of Section 9
Next Section