Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [pfsense]

pfsense is a customized FreeBSD+pf distribution designed for use as a firewall. It wraps many of the features of the pf firewall code in an easy-to-use web interface.

pfSense is an open-source firewall product built on top of FreeBSD and the OpenBSD pf firewall.
It provides a graphical (web-based) interface for configuring and managing firewall rules, as well as viewing traffic and firewall decisions (accept/reject).

pfsense is available as a pre-built applicance (such as OPNSense or StrongBochs) or as installable software directly from the pfSense project's site.

pfsense is similar in concept to m0n0wall, however as of this writing m0n0wall uses the ipfilter packet filter.

838 questions
8
votes
2 answers

pfSense Firewall or Linksys/Cisco router for small offices

I'm about to start switching some networks around for multiple small offices. Each office has about 10 to 15 users and 10 to 15 computers. Each office has a spread of generic routers and access points. The routers vary from being used as routers, to…
Tim Meers
  • 663
  • 6
  • 16
8
votes
4 answers

Wireless AAA for a small, bandwidth-limited hotel

We (the tech I work with and myself) live in a remote northern town where Internet access is somewhat of a luxury, and bandwidth is quite limited. Here, overage charges ranging from few hundreds, to few thousands of dollars a month, is not uncommon.…
Anthony Hiscox
  • 295
  • 1
  • 8
7
votes
1 answer

pfSense not forwarding DNS to concerned VPS

We are running Xenserver hyper-visor and I created 5 VM and 1VM for pfSense so all VMs are in 172.16.0.0/24 range attached to pfSenese LAN interface. pfSense has two interfaces: LAN (172.16.0.100 as a gateway for all VMs) and WAN with Failover_IP…
Ghayel
  • 71
  • 1
  • 6
7
votes
2 answers

public ip resolves externally but not internally

I have a one to one NAT on pfsense that assigns a public IP to an internal IP (running a web server). When I open the public IP from an internal machine, it will not resolve to the internal IP, instead it opens the router web page. When I open the…
001
  • 491
  • 1
  • 11
  • 21
7
votes
4 answers

pfsense log file retention

We have a pfSense firewall in our datacentre. By default, pfSense is only storing 500K of firewall filter logs, which is only a few hours for us. How can I increase this? pfSense uses clog rather than the usual BSD newsyslog. I only want the log…
Colin Pickard
  • 1,260
  • 2
  • 16
  • 28
7
votes
1 answer

How do I assign a public IP to a machine behind a pfSense box using 1:1 NAT?

This should be dead simple but for the life of me, I can't get it working. I must be doing something stupid. I have a PFsense server with a public IP address. Behind it is three LAN segments: [ Internet ] <---> [ pfSense] …
Josh
  • 9,190
  • 28
  • 80
  • 128
6
votes
0 answers

pfSense Internal Traffic Policy Based Routing

What is the current and correct way to apply policy based routing to pfSense internal traffic (originating from the firewall itself)? Creating a floating rule with the WAN interfaces selected, direction OUT and a gateway defined does not work…
Monstieur
  • 536
  • 3
  • 15
6
votes
1 answer

How do I configure a second pfSense server for failover?

I have 2 pfSense servers (the new and the old one) which are used as routers, DHCP and DNS servers. I want to configure the old one as a backup of the new one. It means that when all is ok, all the traffic is managed by the new one. And if the new…
jmlemetayer
  • 223
  • 1
  • 3
  • 8
6
votes
1 answer

Designing segmented LAN with fairly shared hi-speed internet access on a tight budget

With another member of the owners' association, I've been tasked with designing and setting up shared, hi-speed, internet access, for our apartment building. We have very little budget and hope to be able to do this, with the hardware already at…
abstrask
  • 1,688
  • 14
  • 24
6
votes
1 answer

How can I detect a DDoS attack using pfSense so I can tell my ISP who to block?

Last week my network was hit by a DDoS attack which completely saturated our 100 MBps link to the internet and pretty much shut down all the sites and services we host. I understand (from this experience as well as other answers) that I cannot…
Josh
  • 9,190
  • 28
  • 80
  • 128
6
votes
4 answers

IPv6 LAN to IPv4 with PFsense

Is it possible to setup PFsense to do IPv6 to IPv4? I am setting up an IPv6 LAN for "testing" and also to mess around with and I can't get an IPv6 address from my ISP so I need a way to change IPv6 to IPv4. Update Ok I upgraded to the PFsense 2.0…
AtomicPorkchop
  • 1,975
  • 8
  • 34
  • 55
5
votes
7 answers

Multiple devices with one IPv6 to the Internet?

I want to connect several devices (in the LAN) to the Internet via a single public IPv6 address. Unfortunately I did not find a good way to do this. The only idea I had was to tunnel everything from the PF/OPNsense via OpenVPN to an Raspberry Pi or…
Hannes
  • 301
  • 4
  • 9
5
votes
1 answer

pfSense: dynamic DNS does not update automaticaly - it knows it's outdated

I'm using dyndns with pfSense and I have a router connected on the WAN line (DHCP configuration). Every few days my ISP changes my IP but pfsense does not update it automatically. If I open the WebUI and visit the dynamic DNS service it shows my IP…
ndemou
  • 1,315
  • 3
  • 17
  • 28
5
votes
2 answers

pfSense + NAT and nginx - real IP not shown in logs

My current setup includes a pfSense firewall which port forwards public WAN traffic to a NAT internal IP. Example: 104.12.134.12:80 (WAN IP) port forwards all traffic to 192.168.1.104:80 This is working as expected, traffic is forwarded on…
steadweb
  • 161
  • 1
  • 7
5
votes
2 answers

pfSense - IKEv2 with EAP-RADIUS: Any fallback option if the RADIUS server is down?

I'm deploying an IKEv2 VPN authenticating against a RADIUS service within a pfSense 2.3-RELEASE box. But I'm afraid of the complications of this approach when the RADIUS server is down. Since the RADIUS is behind the pfSense box, in an event of a…
Vinícius Ferrão
  • 5,520
  • 11
  • 55
  • 95
1
2
3
55 56