
pfSense Configuration with Topology and Screenshots


pfSense is open source routing and firewall software based on the FreeBSD distribution. Its basic features include:

  • Static/default/dynamic routing
  • Stateful firewall
  • Network Address Translation (NAT)
  • Virtual Private Networks (VPN)
  • Dynamic Host Configuration Protocol (DHCP)
  • Domain Name System (DNS)
  • Load balancing and so on. 

Many add-on packages are supported, which provide other advanced features, including:

  • Snort (for Intrusion Detection and Prevention)
  • FreeSWITCH (Voice over IP)
  • Squid (Proxy)
  • SquidGuard (URL Filtering/HTTPS inspection)
  • Darkstat (Network Traffic Monitor)

Here is my home pfSense firewall topology and configuration with screenshots and YouTube videos.

1. Topology and Installation

pfSense Installation YouTube Video:

2. Configuration Screenshots
2.1 Log in to pfSense and the Dashboard is shown

2.2 System – General Setup

2.3 System – Package Manager
I have the following packages installed:

  • Cron: The cron utility is used to manage commands on a schedule.
  • Lightsquid: LightSquid is a high performance web proxy reporting tool. Includes proxy realtime statistics (SQStat). Requires Squid package. 
  • Open-VM-Tools: VMware Tools is a suite of utilities that enhances the performance of the virtual machine’s guest operating system.
  • Squid: High performance web proxy cache (3.5 branch). It combines Squid as a proxy server with its capabilities of acting as an HTTP / HTTPS reverse proxy.
  • squidGuard: High performance web proxy URL filter. 

2.4 Interfaces

2.5 Firewall Rules

There are some NAT settings, but all are default.

2.6 Services – Cron
I have set up a daily restart task for my pfSense.

2.7 Services – Squid Proxy Server

2.8 SquidGuard Proxy Filter

2.9 Squid Proxy Reports

Note: If the status report shows only IP addresses rather than names, here is a solution I found online:

In an environment where pfSense is the only DNS server internally I have configured pfSense to look to itself first. This is what my config looks like.

  • Disable DNS resolver
  • Services | DNS Forwarder

check – Enable DNS forwarder
check – Register DHCP leases in DNS forwarder
check – Register DHCP static mappings in DNS forwarder

  • System | General Setup | DNS Servers

1st DNS Server – 127.0.0.1
2nd DNS Server – 8.8.8.8
3rd DNS server – 1.1.1.1
4th DNS server – 8.8.4.4
uncheck – Allow DNS server list to be overridden by DHCP/PPP on WAN
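
To confirm that the DNS change took effect, the following added example (not part of the original post or of any pfSense package) lists the proxy clients that still have no reverse DNS name and would therefore keep appearing as bare IP addresses in the reports. It assumes Squid's native access.log format with the client address in the third field; the sample lines and the function names are constructed for illustration.

```python
import ipaddress
import socket
from collections import Counter

# Constructed sample lines in Squid's native access.log format (not real traffic).
SAMPLE_LOG = """\
1700000000.101    145 192.168.1.23 TCP_MISS/200 5120 GET http://example.com/ - HIER_DIRECT/203.0.113.10 text/html
1700000001.202     80 192.168.1.23 TCP_HIT/200 1024 GET http://example.com/a.css - HIER_NONE/- text/css
1700000002.303    210 192.168.1.57 TCP_TUNNEL/200 8831 CONNECT example.org:443 - HIER_DIRECT/203.0.113.20 -
malformed line
"""

def client_counts(log_text):
    """Count requests per client IP; skip lines that do not parse."""
    counts = Counter()
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 10:
            continue
        try:
            ipaddress.ip_address(fields[2])  # third field is the client address
        except ValueError:
            continue
        counts[fields[2]] += 1
    return counts

def system_ptr(ip):
    """Reverse lookup through the system resolver; None when no name exists."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:  # covers socket.herror and socket.gaierror
        return None

def unresolved_clients(log_text, resolve=system_ptr):
    """Return (ip, hits) for clients without a reverse DNS name, busiest first."""
    rows = []
    for ip, hits in client_counts(log_text).most_common():
        name = resolve(ip)
        if not name or name == ip:
            rows.append((ip, hits))
    return rows

if __name__ == "__main__":
    # Run on a host whose resolver points at pfSense.
    for ip, hits in unresolved_clients(SAMPLE_LOG):
        print(f"{ip}\t{hits} requests\tno PTR record")
```

Clients listed by the script are the ones whose DHCP lease or static mapping is not being registered in the DNS forwarder.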
