pfSense 2.x Cookbook
eBook - ePub

pfSense 2.x Cookbook

Manage and maintain your network using pfSense, 2nd Edition

  1. 298 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

pfSense 2.x Cookbook

Manage and maintain your network using pfSense, 2nd Edition

Book details
Book preview
Table of contents
Citations

About This Book

A practical, example-driven guide to configuring even the most advanced features of pfSense 2.x

Key Features

  • Build a high-availability fault-tolerant security system with pfSense 2.x
  • Leverage the latest version of pfSense to secure your cloud environment
  • A recipe-based guide that will help you enhance your on-premise and cloud security principles

Book Description

pfSense is an open source distribution of the FreeBSD-based firewall that provides a platform for flexible and powerful routing and firewalling. The versatility of pfSense presents us with a wide array of configuration options, which makes determining requirements a little more difficult and a lot more important compared to other offerings.

pfSense 2.x Cookbook ā€“ Second Edition starts by providing you with an understanding of how to complete the basic steps needed to render a pfSense firewall operational. It starts by showing you how to set up different forms of NAT entries and firewall rules and use aliases and scheduling in firewall rules. Moving on, you will learn how to implement a captive portal set up in different ways (no authentication, user manager authentication, and RADIUS authentication), as well as NTP and SNMP configuration. You will then learn how to set up a VPN tunnel with pfSense. The book then focuses on setting up traffic shaping with pfSense, using either the built-in traffic shaping wizard, custom floating rules, or Snort. Toward the end, you will set up multiple WAN interfaces, load balancing and failover groups, and a CARP failover group. You will also learn how to bridge interfaces, add static routing entries, and use dynamic routing protocols via third-party packages.

What you will learn

  • Configure the essential pfSense services (namely, DHCP, DNS, and DDNS)
  • Create aliases, firewall rules, NAT port-forward rules, and rule schedules
  • Create multiple WAN interfaces in load-balanced or failover configurations
  • Configure firewall redundancy with a CARP firewall failover
  • Configure backup/restoration and automatic configuration-file backup
  • Configure some services and perform diagnostics with command-line utilities

Who this book is for

This book is intended for all levels of network administrators. If you are an advanced user of pfSense, then you can flip to a particular recipe and quickly accomplish the task at hand; if you are new to pfSense, on the other hand, you can work through the book chapter by chapter and learn all of the features of the system from the ground up.

Frequently asked questions

Simply head over to the account section in settings and click on ā€œCancel Subscriptionā€ - itā€™s as simple as that. After you cancel, your membership will stay active for the remainder of the time youā€™ve paid for. Learn more here.
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
Both plans give you full access to the library and all of Perlegoā€™s features. The only differences are the price and subscription period: With the annual plan youā€™ll save around 30% compared to 12 months on the monthly plan.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, weā€™ve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes, you can access pfSense 2.x Cookbook by David Zientara in PDF and/or ePUB format, as well as other popular books in Informatik & Cybersicherheit. We have over one million books available in our catalogue for you to explore.

Information

Publisher
Packt Publishing
Year
2018
ISBN
9781789808087
Edition
2
Topic
Informatik
Subtopic
Cybersicherheit

Initial Configuration

In this chapter, we will cover the following recipes:
  • Applying basic settings to General Setup
  • Identifying and assigning interfaces
  • Configuring a WAN interface
  • Configuring a LAN interface
  • Configuring optional interfaces
  • Enabling SSH access
  • Generating authorized RSA keys
  • Configuring SSH RSA authentication
  • Accessing the SSH
  • Configuring VLANs
  • Assigning interfaces from the console
  • Configuring a WAN interface from the console
  • Configuring a LAN interface from the console
  • Configuring optional interfaces from the console
  • Configuring VLANs from the console

Introduction

pfSense is open source software that can be used to turn a computer into a firewall/router. Its origins can be traced to the FreeBSD packet-filtering program known as PF, which has been part of FreeBSD since 2001. As PF is a command-line utility, work soon began on developing software that would provide a graphical frontend to PF. The m0n0wall project, which provides an easy-to-use, web-based interface for PF, was thus started. The first release of m0n0wall took place in 2003. pfSense began as a fork of the m0n0wall project.
Version 1.0 of pfSense was released on October 4, 2006, and version 2.0 was released on September 17, 2011. A key point in the development of pfSense took place with the release of Version 2.3 on April 12, 2016. This version phased out support for legacy technologies such as Point to Point Tunneling Protocol (PPTP), Wireless Encryption Protocol (WEP), and Single DES, and also provided a face-lift for the web GUI. Version 2.4, released on October 12, 2017, continues this trend of phasing out support for legacy technologies while also adding features. Support for 32 bit x86 architectures has been deprecated, while support for Netgate Advanced RISC Machines (ARM) devices has been added. A new pfSense installer (based on FreeBSDā€™s bsdinstall) has been incorporated into pfSense, and there is support for the ZFS filesystem, as well as the Unified Extensible Firmware Interface (UEFI). pfSense now supports multiple languages; the web GUI has been translated into 13 different languages.
This chapter will cover the basic configuration steps common to virtually all deployments. Once you have completed the recipes in this chapter, you will have a fully functional router/firewall. By following the recipes in subsequent chapters, you can enhance that functionality by adding specific firewall rules, enabling traffic shaping, adding load balancing and multi-WAN capabilities, and much more.

Applying basic settings to General Setup

This recipe describes how to configure core pfSense settings from the web GUI.

Getting ready

All that is required for this recipe is a fresh install of pfSense and access to the web GUI.
On a new install, the default login credentials are Username: admin and Password: pfsense

How to do it...

  1. In the web GUI, navigate to System | General Setup.
  2. In the first section of the page (System), enter a Hostname. This name can be used to...

Table of contents

  1. Title Page
  2. Copyright and Credits
  3. About Packt
  4. Contributors
  5. Preface
  6. Initial Configuration
  7. Essential Services
  8. Firewall and NAT
  9. Additional Services
  10. Virtual Private Networking
  11. Traffic Shaping
  12. Redundancy, Load Balancing, and Failover
  13. Routing and Bridging
  14. Services and Maintenance
  15. Backing Up and Restoring pfSense
  16. Determining Hardware Requirements
  17. Other Books You May Enjoy