Firewall is a network security device that acts as a filter for network or computer.It allows or block the data flow from internet to trusted connection(LAN). The firewall can be hardware, software or combination of both. The Firewall having some rules that are predetermined or user determined rules.
pfSense is a open source firewall/router which have user defined value to allow or block the network connection for some specific user or all users.It is based on the FreeBSD operating system. pfSense software is used to make dedicated firewall/router for a network and it is considered for its reliability and offers many features which mostly found in commercial firewalls.
Hardware Requirements:
- Minimum of Pentium processor
- 256MB of RAM
- 1GB of HDD
- 2 Ethernet card
- pfSense “.ISO” file in bootable pen drive
pfSense installation:
Step 1. First visit the pfSense download page and select your computer architecture and platform.
Step 2. After selecting the architecture and platform, you will get a list of mirrors to download, make sure to select nearest mirror link to download the image from there.
Step 3. After download completes, the downloaded image should be burn to a USB media as an ISO image before we start using it.
Step 4. Now switch on or reboot the target machine, place pfSense USB stick and set the BIOS options to your (USB) choose.
Step 5. As the pfSense starts booting, a prompt is displayed with some options and a countdown timer. At this prompt, press 1 to get install pfSense by default.
Step 7. Next, press ‘I ‘ to install fresh copy of pfSense.
Step 8. On the next screen, it will ask you to ‘Configure Console ‘, just press ‘Accept these settings‘ to move forward for installation process.
Step 9. Select a partition to install the pfSense,
Step 10. Once partitions has been created, you will see the installation process.
Step 11. At last for installing the kernel, you can choose from the options as Standard Kernel.
Step 12. After kernel has been installed, reboot the machine and configure the networking and more in next step as follows.
Machine Is Rebooting Now…..
Step 13. After rebooting, you will get the below screen with available interfaces to configure the network
emo–default internal Network Interface Card.
em1—External Network interface card.
Note: The first option is presented as VLAN’s, generally VLAN’s are not needed, and they are needed for advance networking, and simply here say ‘NO’
There are two interface’s emo and em1, I have planned to assign em0 as WAN and interface and em1 as LAN
Step 14. Continue by pressing Return Key. It will ask for the confirmation Yes/No proceed with Y and press enter to continue.
Step 15. After setting up interfaces, you will get the pfSense menu as show below
- WAN IP address will be assigned from DHCP. If you need you can assign a static IP.
- LAN IP address will be default as 192.168.1.1, if you want to change choose option 2 and set interfaces IP address.
First let me define a Static IP, subnet mask in Bit count and gateway for the WAN and LAN. Disable the DHCP and continue by choosing Y
Step 16. Then for LAN interface, if we need DHCP for local area network from pfSense we can assign a range of address from pfSense
I have chosen 192.168.0.15 as my pfSense LAN address and for client machine’s I need to assign an IP address from DHCP in the range of 192.168.0.16 – 192.168.0.25
Step 17.After all the above settings are performed, it will prompt you a link to access pfSense web configurator interface to configure further steps.
Step 18. Open the given link using HTTP protocol and enter the username as ‘admin‘and password ‘pfSense‘.
Step 19.Once you logged in, a setup wizard window appears that will guide you through the initial configuration of pfSense
Step 20. On the next screen, enter the hostname, and domain for pfSense, by following provide a Primary DNS server and secondary DNS and click Next
Step 21. Choose the time zone and click next to configure WAN
- On this screen, configure WAN interface, if you have a PPOE connection or if you need to use this pfSense machine as a router, you need to choose PPOE from the drop menu
Or
- Else simply select ‘static‘ and set the static IP address, gateway and click ‘Next‘ to continue…
Step 22. We’ve already configured LAN network in terminal mode, just move forward by choosing NEXT.After setting admin password, click on reload to make changes.
Step 23. Click on the link, will take you to pfSense Webconfigurator GUI Dashboard
Conclusion:
PfSense can be used as router or firewall with many advanced features such as traffic shaper, Load Balancer and much more. It can be used in small scale to large scale environment.