Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [pfsense]

pfsense is a customized FreeBSD+pf distribution designed for use as a firewall. It wraps many of the features of the pf firewall code in an easy-to-use web interface.

pfSense is an open-source firewall product built on top of FreeBSD and the OpenBSD pf firewall.
It provides a graphical (web-based) interface for configuring and managing firewall rules, as well as viewing traffic and firewall decisions (accept/reject).

pfsense is available as a pre-built applicance (such as OPNSense or StrongBochs) or as installable software directly from the pfSense project's site.

pfsense is similar in concept to m0n0wall, however as of this writing m0n0wall uses the ipfilter packet filter.

811 questions
0
votes
1 answer

Connect VM Behind pfsense interface to host on physical home router

I have a Hyper-V server (192.168.1.251) on my home network. My home router is 192.168.1.1. I have a PFSense VM with a bridged network adapter (192.168.1.177) I have a couple of interfaces connected to the PFSense VM and the hosts on all those…
Paul Hill
  • 1
0
votes
0 answers

PfSense(on ESXi) on hetzner, IP Subnet not working

i have one primary IP of Hetzner DS(with ESXi on it, and pfsense). i got a subnet of /29 from hetzner. they say that the subnet IPs must route through Primary IP address of server, like if server IP is 1.1.1.5 then my subnet 2.2.2.2/29 must have…
Farhan
  • 4,210
  • 9
  • 47
  • 76
0
votes
1 answer

Not able to forward Pfsense 2.4.4 Squid log to elk

I have tried a couple of options so far but not able to forward logs to my elk server. Can someone please help me on this and guide me what configuration changes I have to make in order to achieve this.
Chandan Singh
  • 34
  • 5
0
votes
2 answers

pfSense allow ping only from 1 IP address

We are a dutch company with an office in the USA. This office has an pfSense firewall device with the 182.12.12.12 IP address . In the Netherlands' office we have an IP address like this: 100.12.10.12 Is there a way that we can set up a rule in…
klaashansen123
  • 7
  • 1
  • 1
  • 2
0
votes
1 answer

scp to pfsense not working

When ever I try to scp a file from pfsense I get back what appears to be the help for pfsense's scp: scp admin@fw:/tmp/test /tmp/ usage: scp [-12346BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file] [-l limit] [-o ssh_option] [-P…
ndemou
  • 1,215
  • 2
  • 16
  • 27
0
votes
2 answers

pfSense: Allow VLAN Access to all but WAN

I have machines in a VLAN and I need to have them access all but not get out to the internet. I have tried this (and lots of others options) but nothing is working. I simply need to block internet access and allow all other access. From how I…
dross
  • 385
  • 1
  • 3
  • 10
0
votes
1 answer

Share AWS DirectConnect between multiple accounts

AWS allows you to share your DirectConnect connection amongst multiple AWS accounts via a hosted virtual interface (instructions here). I have a pfSense device on the local side of an MPLS line for the BGP connection. All of this works currently. …
TPCoMatt
  • 67
  • 4
0
votes
2 answers

carp versus proxy arp

Currently I have a redundant pfSense firewall system set up for our corporate server farm. The main router IPs are sharing an IP address through Carp. Our two public /27 networks are assigned as proxy arp addresses to the wan interfaces and are…
goose
  • 151
  • 7
0
votes
2 answers

pfSense: add multiple static IP/MAC bindings?

I have a pfSense router that handles some labs. It is configured such that DHCP only hands out IP addresses for machines listed in the static IP/MAC bindings list. Whenever we upgrade a lab with new machines, I have to manually remove all of the old…
b_laoshi
  • 103
  • 5
0
votes
1 answer

NFS w/Kerberos - Network change broke auth?

So, I've recently changed my network setup a bit, and for reasons I'm still trying to suss out replacing the old router with a new PFSense box appears to have broken the authentication within the network somehow. The network setup uses a Kerberos…
Adam Luchjenbroers
  • 218
  • 1
  • 2
  • 10
0
votes
1 answer

Split DNS and internal port forwarding

I have a pfSense firewall running in a pretty standard configuration, 1 WAN, 1 LAN. On both sides of the pfsense I'd like to make available a service via DNS name, lets say "service.domain.com". For WAN the DNS entry points to the WAN IP address of…
HannesS
  • 322
  • 5
  • 17
0
votes
2 answers

VPN Connection to Windows Network behind Firewall

We have a Windows network with a single Windows Server 2012 server which works domain server as well as a file server, which is protected by pfSense firewall. We want to allow a specific user (with company-owned laptop joined to the domain) to…
D Navi
  • 1
0
votes
1 answer

Unifi AP-PRO with pfSense running FreeRADIUS, with MySQL database externally

I'm in the process of moving from a set of Aerohive AP's to Unifi AP-PRO to increase the range of our wifi. Adding more Aerohives could be a solution, but they're way more expensive and I already have good experiences with the Unifi range of AP's…
Jacob F.
  • 1
  • 2
0
votes
1 answer

pfSense unable to LDAP bind to Active Directory Server

I've been instructed to setup an OpenVPN Server on our local pfSense VM. I've combed over tutorials and guides, netgate, openvpn documentation and I feel I must be missing something. I've tested the AD Servers ability to bind using ldp.exe* I can…
nulltron
  • 103
  • 1
  • 6
0
votes
0 answers

PfSense double nat and opening ports with ISP modem

At the office we I have a router/modem from my ISP which cannot be used in bridge mode, unfortunately. So I'll have to work with double NAT. Setup: (82.xx.xx.xx "wan" - ISP modem/router - 192.168.2.254 "lan") -> (192.168.2.254 "wan" - PfSense box -…
Nick D
  • 1
  • 3
1 2 3
54 55