Questions tagged [pfsense]

pfSense is a customized FreeBSD+pf distribution designed for use as a firewall. It wraps many of the features of the pf firewall code in an easy-to-use web interface.

pfSense is an open-source firewall product built on top of FreeBSD and the OpenBSD pf firewall.
It provides a graphical (web-based) interface for configuring and managing firewall rules, as well as viewing traffic and firewall decisions (accept/reject).

pfSense is available as a pre-built appliance (such as OPNSense or StrongBochs) or as installable software directly from the pfSense project's site.

pfSense is similar in concept to m0n0wall; however, as of this writing, m0n0wall uses the ipfilter packet filter.

811 questions
0 votes, 1 answer

pfSense / Load Balancer: Access Virtual Server from LAN

I have a network as diagram below: On SITE A, pfSense firewall server public port for a virtual server (example: port X), virtual server have 2 pool: Pool 1: point to A_Srv_01 Pool 2 (Fall-back Pool): point to A_Srv_02 Virtual server listen on…
NothingCtrl
0 votes, 2 answers

OpenVPN: Route between 2 OpenVPN Servers on LAN

I have a strange scenario where I have 2 OpenVPN servers on my LAN (192.168.1.0/24) both over TUN. Server A (on 192.168.1.100) provides clients with addresses on the 172.16.0.0/24 subnet and Server B (192.168.1.1) provides clients with the…
Felix Jen
0 votes, 1 answer

ESXI, pfSense, 10gbE

Good day all! I will try and make this short and sweet. My current setup is: XS708T NETGEAR 10gbE switch ESXi Machine #1: 2x Intel 10gbE pfSense (VM) with WAN on one vSwitch, LAN on other vSwitch, NIC's above respectively for each. pfSense, Ubuntu…
0 votes, 1 answer

Is NAT/Port Forwarding Faster than DNS Host Overrides?

I have a LAN-based site that was set up to resolve via an internal domain like dev.example.com via host overrides in DNS resolver (overrides LAN request to dev.example.com to ). It was fast and worked great. Then we needed to access…
jtlindsey
0 votes, 0 answers

pfSense Multi-wan Access non default gateway

I have a pfSense setup with multiple WAN from which they share a gateway group GW_group1 in the same tier. I have it linked through tinc with another 2 setups with the same design and it redirects a few ports to other servers and accepts connections…
VirusEcks
0 votes, 1 answer

Freeradius 3 can't find Auth-Type for pfSense OpenVPN Auth-Requests

I've successfully set up Freeradius 3.0.12 with NTLM-Auth against a Samba 4.5.8 AD domain controller. Radtest works fine with every user and a correct password. When I try to authenticate OpenVPN users on pfSense against the Freeradius server, it…
0 votes, 1 answer

IPSec Tunneling Between 3 Different Sites

I need some help to shed some light on IPsec tunneling. Here I will explain my current setup. Site A <-------IPSEC------> Site B (HUB) <------IPSEC------> Site C 10.1.1.1/24 10.2.2.1/24 …
heezam
0 votes, 2 answers

Block one device from accessing internet but allow all other destinations

If I have one device (192.168.12.5) on LAN interface that I want to prevent from accessing the internet and I put a rule (top rule #1) on LAN interface to: Block Protocol Ipv4* Source 192.168.12.5 Port * Destination ANY Port * Gateway * …
jtlindsey
0 votes, 1 answer

pfSense WPA2 auth loop of death

I'm using a modern pfSense: FreeBSD 10.3-RELEASE-p19 FreeBSD #1 76a12c4e6(RELENG_2_3_4): Fri Jul 14 15:02:35 CDT 2017 with this wireless chip: ral0: at device 0.0 on pci3 ral0: MAC/BBP RT3090 (rev 0x3213), RF RT3020 (MIMO…
Reinderien
0 votes, 0 answers

DNS Host override to IP & port?

I have a service on my network at 192.168.1.60, the service is listening on port 8008. I have set up a DNS host override in pfSense so I can type in emby.mydomain.com and it will direct the traffic to 192.168.1.60. However, since the service is…
Douglas Gaskell
0 votes, 1 answer

How to retain the source IP?

Network Diagram Hi Everyone, Could anyone help me with any solution on this? Here's the setup: Client : 1.1.1.1 Public Server: 2.2.2.2 (Digital Ocean) pfSense : 3.3.3.3 WEBSERVER : 4.4.4.4 Public Server(Linux) is connected to pfSense…
Pak3rs
0 votes, 1 answer

How to prevent "GET slash" http DDoS attack from frontend

Yesterday our webservers running Apache2.2 got DDoSed from a botnet which caused nine (9) hours of downtime. The attacker was just creating too many "GET /" connections with result our servers to reach CPU load 100 and finally rejecting further…
giomanda
0 votes, 1 answer

Multiple internet connections and single firewall appliance

The company that I work for has three internet connections. We're planning to install a single firewall appliance that covers all of the three connections. I can theoretically imagine it being done by connecting all of the network lines to a single…
0 votes, 0 answers

Upgrade error in pfSense

I am experiencing an error while trying to upgrade pfSense 2.3.2 to 2.3.3_1. [2.3.2-RELEASE] pfSense-upgrade -d Updating repositories metadata... Updating pfSense-core repository catalogue... pfSense-core repository is up-to-date. Updating pfSense…
David
0 votes, 1 answer

OpenVPN on pfSense, can ping but nothing else

I have an OpenVPN setup on a pfSense to give me access to the private network. Everything works fine, I can connect and ping the VMs on the private network no problem; but when I try to request a web page (or anything else really) the packet comes…
GmodCake