• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

FRONTPAGE Building a pfSense Firewall

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.
Overclockers.com

Overclockers.com

Member
Joined
Nov 1, 1998
Jay_III said:
Today I would like to share some of my experiences with you in regards to firewalls, as this is an area of computing that is often overlooked. Far too many people rely simply on the Windows firewall and whatever filtering is done by your router. You're being left in the dark about what is actually being filtered or done, can you even trust this? I hope after today I can help you take more control over your own network and its security.
Click to expand...


... Return to article to continue reading.
 
Last edited by a moderator:
Now that, ladies and gentlemen, is how you make a tutorial. Very well done Jay! :clap:
 
Very well done, and good timing.

I actually just bought 3 Dell 2650 servers for dirt cheap and was planning on doing the very same with one of them. (Waiting on network parts though...)
 
All your screenshot pics of pfsense do not open up, you need to link them in WPress
Fantastic write up btw :)
 
what hokie said! This is a fantastic tutorial, I read this the other day at work and was really excited about it. I went home that night and used an old pc to set this up and has been great. A little tricky at first as I've never used a firewall before (besides windows).
 
I put some hardware together and installed this and seems to work good. I had to take my router out to get it to work though. I am a noob at this kind of thing and don't know how to make this work together with my router.

If I put the router next in line I cannot access the settings and configuration. I am sure I have to disable the firewall that is built in to the router or set some kind of passthrough things. :shrug:

Please excuse all of my technical illiteracy.
 
xsuperbgx said:
I put some hardware together and installed this and seems to work good. I had to take my router out to get it to work though. I am a noob at this kind of thing and don't know how to make this work together with my router.

If I put the router next in line I cannot access the settings and configuration. I am sure I have to disable the firewall that is built in to the router or set some kind of passthrough things. :shrug:

Please excuse all of my technical illiteracy.
Click to expand...

You will ahve to disable DHCP on your router and set the router's IP to somethign that is within the range you'll specify withing PF sense, but not in it's DHCP range, and obviously not the same IP as the PFsense machine.

This article has finally pushed me to upgrade my router from IPCOP, gonna give this a whirl and see how i feel about it.
 
Great job, I'm just finishing up Hardening down a OS to use as a honeypot for a Lab class we haven't really touched much on the network side of things so it was a handy read!

We focus more on the software side of things, disabling commands, ports ect.
 
I have been working on getting one of these in place. I found out that to use router with it, you need to assign a different IP address to the router, also, plug the incoming wire from the firewall into the lan port, not Wan.

My biggest issue now is getting the filter figured out, so that it keeps the garbage out, without effecting regular browsing and surfing.
 
Usually you don't plug a "router" in front of pfSense since pfSense does the routing. And as a sidenote, the word "router" is somewhat charming to the retail boxes from Asus, AVM, whatnot and it's more of a marketing term looking at their capabilities.

What you really need is a modem, either a cablemodem or a DSL modem in front of pfSense. And yes, it would go into the specified WAN port of pfSense, nothing else makes "sense" ;).

If you still want to use your old "router" as a modem (if it has an internal modem built in), search for bridging mode. That would allow pfSense to establish the conenction on its own [terms] through your old "router".
 
I used a cable modem but this was for the home internet that needs wired and wireless.
Therefore, it was cable modem-->pfsense firewall-->wireless n router
 
You said "was" as if your issue is a thing of the past. How's your setup right now? Do you still need assistance setting things up? May I can help with pfSense and you can help me with overclocking ;)
 
I got it set up already. There should be plenty of help around here for overclocking too...

Edit: I see an older thread of yours. Are you still having the same issue or something else?
 
Oh, now that's just friggin' awesome! I sooooo want to build one! Thanks for that write up, what a great read.
 
xsuperbgx said:
Edit: I see an older thread of yours. Are you still having the same issue or something else?
Click to expand...

I updated the kernel and the Linux Mint version, but also changed some settings. I can't definitely say what caused the lockups, because back then I was experimenting with BIOS and kernel settings quite a lot.

Currently I'm stable at 4500, experience infrequent freezes for about 10 seconds and I would say 5% of these freeses are permanent and I have to hard reset.

On the forums they say it's because of the GPU (I'm using the Intel HD 3000 onchip).

Maybe I could take BIOS screens and you could glance over them?
 
Just in case someone is thinking about one but the Supermicro board looks expensive. You want Intel NICs. No, you don't want any VIA/Broadcom/Realtek NIC. You need Intel for servers. They are the only reliable stuff you will find. Don't cheap out on NICs for a gateway. Believe me. I did. I regret.

My WAN card (Realtek) gave me headaches, for a long time. Replaced it with an Intel. All the problems disappeared. I no longer drop connection with my PPPoE modem.
 
WARNING:Dont buy this specially for PFSense!!! ull regret IT

Finally i can react on this micro crap board, i bought it because i thought i could make a stable "semi hardware firewall ,i have some concerns and i wil lcontact my reseller about it because i had some major problem with it wich will not be fixed soon sinds their are two problems, one is a USB problem in de mobo board itself wich i cannot debug fully because i dont have the right stuff to check it it needs a special mobo debugger and the other problem is,lays probertly in the PFsense kernel itself it simply doenst support the USB drivers and the problem lays probertly much deeper but after 72 hour of fully testing i give up ,than before some winers go shout here are the problems!i will give the outcome now: (this error event even happend without usb wifi installed on (run0)wlan_run0)
uhub_reattach_port: port 1 reset failed. error=usb_err_timeout (under this line it says same begin as above but with usb_err_timeout disabling port 1 ,ok so this is the error log, before some says try this or that belive me ive tried everything from bios settings to new installs 32/64bits allmost everything ecept for the things like hardware debugging console and testing cause i simply dont have the equipment for it :salute: furthermore i could do two or three things but i decided to if posible try to get my money back ,ask a new mobo because of posible internal failur or i could wait for a distro of pfsense to come out with all things fixed but am affraid i have to wait a very long time and i dont think this can be fixed because their are so many boards and they wont test all of them :shock: when i begun on this project i had good confidence that it would work but now i am really sad and unsatisfied with the outcome ,unless someone could talk me outoff this sadness called pfsense(i dont meen all of pf just the new kernel wich is sad at this moment) and x7spa-d525-h super micro usa crapboards :facepalm: shortly said dont invest in this hardware, and sorry for all my to much :blah: http://www.overclockers.com/building-pfsense-firewall if give me one moment i will make a photo of the error, weirdly enough i am trying to generate it again than i will put the photo here..,
2md3vup.jpg
a14swy.jpg
mb47ll.jpg

The testing was done with the latest PFSense knightly build 64bits and latest update.

greets vasty)"
 
Last edited:
You must log in or register to reply here.

Similar threads

don256us
Happy Thanksgiving T32. (That's you. I'm wishing you a Happy Thanksgiving.)
Replies
2
Views
622
don256us
don256us
Max0r
Hard Drive Product Lines & Reliability Factors in 2022
Replies
12
Views
1K
ihrsetrdr
ihrsetrdr
ps2cho
Is setting up a PFSense hardware firewall server beneficial?
Replies
0
Views
303
ps2cho
ps2cho
don256us
T32 EOC WIR 20Jun20: 5 Billion and the return to milestones.
Replies
9
Views
845
Slayer2003
Slayer2003
P
Building a firewall/router from an old PC, I need some advice.
Replies
1
Views
588
RubyBeats
RubyBeats
Back