Hey folks today we are gonna learn "How to setup a dedicated firewall " it can be used for Home network or Small Business or even for your Pen-testing Lab.
About pfSense : pfSense is a open source stateful firewall. A stateful firewall monitors the state of its each connection and makes decisions according to the information obtained. It is loaded with tons of features in it.
Features of pfSense :
- Stateful packet inspection
- Web Based GUI
- IPv4 & IPv6 support
- DHCP Server
- Package manager
- PPPoE Server
- Packet capture & Sniffer
- more can be found here
Requirements :
- CPU - 1Ghz or more
- RAM - 1GB
- Hardrive space - 1GB
- Bootable media (download iso according to your architecture form here)
- 2 network adapter (for WAN & internal network)
Sample architecture of our networks :
Note : Installing router before the firewall is always recommended as the router is faster in filtering the traffic as compared to the firewall. You can always add some rules to the router so that you can eliminate the unwanted packets form the internet.
 |
| 1 |
 |
| 2 |
 |
| 3 |
 |
| 4 |
Note : You can also install pfSense in virtual machine thus creating a simple lab for networking testing and penetration testing. As show in the figure below.
Procedure :
- Attach both the adapters to your machine. One will be for WAN(i.e. your internet cable) and other for our internal network cable. If making virtual machine add 2 adapters one as Bridge network and other for internal network like this.
- Now insert your bootable medium and let it boot up. After booting you will see something like this. Let it go through autoboot ,don't press any key during this process.
- After autoboot is completed it will show up all valid interface's connected. And then the setup will ask if you want to setup VLAN's, enter "n". Now the setup will ask for the WAN and LAN interfaces. Set le0 for WAN and le1 for LAN respectively.
- After you have setup WAN & LAN interface, the setup will show what changes you have made recheck them before moving forward. Then you will be asked if you want to proceed type "y".And you will be presented to the following screen.
- Now select "2" to assign IP address to our interfaces. Leave WAN as it is and press "2" again to assign IP to our LAN interface. I have entered 10.0.0.1 in my case you can also assign the same or your preferred IP and press enter. Next you will be asked to enter your subnet masks enter 24 . If you don't know what subnet mask is please consider researching about it.
- Now you will be asked whether you want to start DHCP server on LAN, press "y". Now enter the starting and ending range for IP address I have entered 10.0.0.2 and 10.0.0.10 ,so now our LAN can allow up to 9 different devices excluding our firewall. After entering the range of IP's for the LAN you will be asked whether you want to start HTTP webconfiguratio GUI enter "y".
All the configuration have been finished now lets install pfSense. Press 99 to start installation. The following images of the installation are self explanatory.
Now the installation is completed lets connect your Linux or Windows machine to the LAN port and open http://10.0.0.1/ with the following credentials.
By default your LAN machine will not have any internet connection. To turn on the internet connection go to Services>DHCP Server. Now there search for DNS Servers enter there 8.8.8.8 and 8.8.4.4 or your DNS server .
That's it now you have successfully installed pfSence for your network. In the Next tutorial I will show you how to configure pfSense.Sign up here with your email
- Now insert your bootable medium and let it boot up. After booting you will see something like this. Let it go through autoboot ,don't press any key during this process.
Next
« Prev Post
« Prev Post
Previous
Next Post »
Next Post »
ConversionConversion EmoticonEmoticon