Đang Tải...
10/04/2024
PfSense is an open-source tool based on FreeBSD, developed to function as a firewall within internal networks. Let's explore with TotHost how to install and configure the pfSense firewall router.
Mục lục
Mục lục
pfSense is an open-source tool based on FreeBSD, developed to function as a firewall in internal networks. Let's explore how to install and configure the pfSense firewall router with TotHost.
Every year, countless companies and users fall victim to data breaches caused by viruses like WannaCry, ZeroDays, or hacker groups exploiting operating system vulnerabilities for attacks. Establishing a security system worth thousands of dollars is unrealistic for small businesses and individual users. Instead, we can use tools to mitigate these vulnerabilities. One specific and fundamental tool, usable by network administrators, IT support personnel, or anyone providing assistance, is pfSense.
Pfsense is an open-source tool based on FreeBSD, developed to function as a firewall in internal networks.
Pfsense helps us centrally control various network interfaces within the local network. This tool also allows access to real-time information about what is happening in the system. As a result, we can identify entities that may affect security or information.
Some features of the Pfsense firewall include:
The ideal setup for using pfSense is to dedicate a system to it with the goal of monitoring the entire network, and these are the minimum requirements:
Step 1: The first step is to download the following link in ISO format with options such as:
Step 2: We can burn the ISO image onto CDs or DVDs or onto a bootable USB and configure the boot from it on the computer where it's being installed. When the installation process begins, you will see the following window:
Step 3: There, we enter the number 1. You will see the process of loading the pfSense installation components begin:
Step 4: Once completed, the following window will be displayed. Select <Accept these Settings> using the scroll arrows:
Step 5: Press Enter and select <Quick/Easy Install>:
Step 6: Press Enter. The following message will appear. Press OK:
Step 7: The pfSense installation process begins:
Step 8: After a while, the following message related to the application kernel will appear. Select the Standard Kernel line and press Enter:
Step 9: The pfSense configuration process ends, and you will see the message below. Here, we need to remove the installation media from the device and select the <Reboot> button to restart the device.
Step 1: When the system restarts, we will see the following window:
Step 2: In this case, enter the number 1 because we will first assign network interfaces. After pressing Enter, this will be the configuration we will see:
em0: WAN Interface
em1: LAN Interface
Step 3: Then, the system will ask if you want to display Vlan for its configuration. Here, enter the letter 'n' (no) and press Enter.
Step 4: Next, we need to enter the name of the WAN interface: em0 and press Enter.
Step 5: Enter the name of the LAN interface: em1 and press Enter again.
Step 6: After pressing Enter, we will see a summary of the interface configuration. If it's correct, enter the letter 'y' to confirm:
Step 7: We can see the changes being applied correctly:
Step 8: Return to the main menu of pfSense. This time, select option '2' to set the IP address on the LAN interface:
Step 9: By pressing Enter, the two configured interfaces will be displayed. Enter '2' to select the LAN interface, and we will assign the corresponding IP address not assigned to any other device, which could be the gateway for devices in the local network:
Step 10: After assigning the IP address, press Enter. We will assign the netmask in the displayed format, in this case, enter the number 24:
Step 11: The system will ask us if we want to assign an IPv4 address to the WAN interface. Since it's not necessary, press Enter to skip this step:
Step 12: Continue pressing Enter, and the IPv6 address configuration will be requested:
Step 13: The question about whether we want to enable DHCP on the LAN network. Enter the letter 'y' to configure it, where we will specify the initial and final IP range:
Step 14: The final optional question about whether to restore the HTTP protocol is not recommended because pfSense uses HTTPS protocol for better access security. Enter 'n' and press Enter. A summary will be displayed, where you can see how to use pfSense for corresponding management via the local network:
As mentioned, we can configure any IP address within the local network. To verify, we configure pfSense with the IP address 192.168.1.101 to access it through any computer on the local network.
Step 1: Go to any browser and in the address bar, we will enter:
Step 2: In the displayed window, there will be an insecure connection. To access it, click on the Advanced button. Then, we click on Add Exception:
Step 3: After adding the exception for this IP address, we will have access to the pfSense dashboard. There, enter the following information:
Step 4: Click on the Log in button and you will need to configure some parameters in the platform. First, we will see the welcome screen:
Step 5: Next, we will see the general information window where we can enter details such as server name, domain name, DNS server, etc.:
Step 6: Click Next. In the next window, you can configure the server's time zone:
Step 7: Configure the WAN interface with values such as:
Step 8: Once these values are configured, click Next, and now we can configure the LAN interface, the displayed values are already assigned in the pfSense configuration:
Step 9: Later, we can specify the password for the pfSense graphical interface:
Step 10: Finally, we will see the following window. Here, click on the Reload button to apply all changes:
Step 11: And this will be the result:
Step 1: Click on the line 'Click here to continue on to pfSense webConfigurator' and this will be the environment provided by pfSense:
Step 2: We can see details of available interfaces as well as real-time system information such as:
Step 3: We can observe that the pfSense structure contains several tabs where we can access various information such as:
System: It allows access to the following options:
Interfaces: Allows us to manage the WAN and LAN interfaces of pfSense.
Firewall: Includes the following options:
Services: Contains options such as:
VPN: Allows us to access VPN functions such as:
Status: Through this tab, we can see real-time status of parameters, such as:
Diagnostics: This option allows viewing detailed diagnostics of values, such as:
With pfSense, we have a valuable tool to protect and monitor all events in the Linux environment.
Source: Admininfo
TAG: IP
The default system language on Windows 10 is English. However, during use, you can switch to another language, such as Vietnamese, Chinese, etc., according to your preference. In this article, TotHost will guide you through the simplest and most detailed steps to change the language on Windows 10.
24/03/2025
Changing your password is an important measure to enhance security and prevent unwanted risks. Therefore, the first step to take after registering for a service is to change the password. Please follow the instructions from TotHost to change the password on your Linux server!
16/12/2024
When using VPS TOT K at TotHost, you will manage it through the Virt Fusion control panel. This article will guide you through operations with the Virt Fusion Panel.
21/10/2024
This article provides detailed instructions on how to register a VPS management account on the CloudGate portal (billing.tothost.vn) at TotHost.
01/10/2024
This article provides detailed instructions on how to upgrade the configuration of Cloud VPS TOT M and TOT D on the TotHost management page.
26/09/2024
Typically, your device will use DNS settings configured by your Internet Service Provider (ISP). However, you can proactively change these settings to optimize internet speed or bypass restrictions on certain websites. Check out this article from TotHost to learn how to check and change DNS settings on Linux and Windows servers!
11/09/2024
