PFsense Configuration with Topology and Screenshots - NETSEC

Latest

NETSEC

Learning, Sharing, Creating

Cybersecurity Memo

Wednesday, February 6, 2019

PFsense Configuration with Topology and Screenshots

pfSense is an open source routing and firewall software that is based on the FreeBSD distribution. The basic features including:
pfSense Home Topology

  • Static/default/dynamic routing
  • Stateful firewall
  • Network Address Translation (NAT)
  • Virtual Private Networks (VPN)
  • Dynamic Host Configuration Protocol (DHCP)
  • Domain Name System (DNS)
  • Load balancing and so on. 

With many supported add-on packages, other advanced features including:
  • Snort (for Intrusion Detection and Prevention)
  • FreeSWITCH (Voice over IP)
  • Squid (Proxy)
  • SquidGuard (URL Filtering/HTTPS inspection)
  • Darkstat (Network Traffic Monitor)

Here is my home pfSense firewall topology and configuration with screenshots and YouTube videos.

1. Topology and Installation


pfSense Installation YouTube Video:


2. Configuration Screenshots
2.1 Log into pfSense and Dashboard shows


2.2 System - General Setup

2.3 System - Package Manager
I have following packages installed:

  • Cron: The cron utility is used to manage commands on a schedule.
  • Lightsquid: LightSquid is a high performance web proxy reporting tool. Includes proxy realtime statistics (SQStat). Requires Squid package. 
  • Open-VM-Tools: VMware Tools is a suite of utilities that enhances the performance of the virtual machine's guest operating system.
  • Squid:High performance web proxy cache (3.5 branch). It combines Squid as a proxy server with its capabilities of acting as a HTTP / HTTPS reverse proxy.
  • squidGuard: High performance web proxy URL filter. 


2.4 Interfaces




2.5 Firewall Rules


There are some NAT settings, but all are default.

2.6 Services - Cron
I have set up a daily restart task for my pfSense.

2.7 Services - Squid Proxy Server




2.8 SquidGuard Proxy Filter







2.9 Squid Proxy Reports






Notes: If in the status report, it only shows IP name, here is a solution I found online:

In an environment were pfSense is the only DNS server internally I have configured pfSense to look to itself first.  This is what my config looks like.
  • Disable DNS resolver
  • Services | DNS Forwarder

check - Enable DNS forwarder
check - Register DHCP leases in DNS forwarder
check - Register DHCP static mappings in DNS forwarder

  • System | General Setup | DNS Servers

1st DNS Server - 127.0.0.1
2nd DNS Server - 8.8.8.8
3rd DNS server - 1.1.1.1
4th DNS server - 8.8.4.4
uncheck - Allow DNS server list to be overridden by DHCP/PPP on WAN



Related YouTube Videos:











Read more

Subscribe via email

Author Image

About Netsec
Netsec - Learning, Sharing, Creating!

-
Tags:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)