How to Install and Configure pfSense Firewall Router on Linux

10/04/2024

pfSense is an open-source tool based on FreeBSD, developed to function as a firewall within internal networks. Let's explore with TotHost how to install and configure the pfSense firewall router.

Every year, countless companies and users fall victim to data breaches caused by malware such as WannaCry, by zero-day exploits, or by hacker groups exploiting operating system vulnerabilities. Deploying a security system costing thousands of dollars is unrealistic for small businesses and individual users. Instead, we can use tools that mitigate these risks. One fundamental tool, usable by network administrators, IT support personnel, or anyone providing assistance, is pfSense.

1. What is pfSense?

1.1. Definition of pfSense

pfSense is an open-source tool based on FreeBSD, developed to function as a firewall in internal networks.

pfSense lets us centrally control the various network interfaces within the local network. It also gives access to real-time information about what is happening in the system. As a result, we can identify anything that may affect security or information.

1.2. Features of pfSense

Some features of the pfSense firewall include:

  • Ability to filter traffic by source and destination IP address or by TCP and UDP port.
  • Ability to limit simultaneous connections on a per-rule basis.
  • pfSense uses p0f, an advanced passive OS fingerprinting tool, to filter connections by the operating system that initiates them.
  • For example, we can block all machines running macOS or Windows from connecting.
  • Traffic logging can be enabled (or disabled) on a per-rule basis.
  • Allows creating aliases to group IP addresses, ports, and networks.
  • Simple process for disabling rules.
  • Continuous monitoring of directives to obtain real-time data.
  • pfSense also produces network devices such as SOHO networks, router-modem combos, among others.

2. Installing and Configuring pfSense on Linux

2.1. Requirements for installing pfSense

The ideal setup for using pfSense is to dedicate a system to it with the goal of monitoring the entire network, and these are the minimum requirements:

  • CPU with a speed of 500 MHz, recommended 1 GHz.
  • 1 GB of RAM.
  • 4 GB of hard drive storage capacity.
  • Minimum of 2 network cards.

2.2. Downloading and Installing pfSense on Ubuntu 17

Step 1: The first step is to download the ISO image from the following link, choosing options such as:

  • Select installation or update.
  • Identify the device architecture (32 or 64 bit).
  • Choose any download repository.

Step 2: We can burn the ISO image onto a CD or DVD, or write it to a bootable USB drive, and configure the target computer to boot from that media. When the installation process begins, you will see the following window:

Step 3: There, we enter the number 1. You will see the process of loading the pfSense installation components begin:

Step 4: Once completed, the following window will be displayed. Select <Accept these Settings> using the scroll arrows:

Step 5: Press Enter and select <Quick/Easy Install>:

Step 6: Press Enter. The following message will appear. Press OK:

Step 7: The pfSense installation process begins:

Step 8: After a while, the following message related to the application kernel will appear. Select the Standard Kernel line and press Enter:

Step 9: The pfSense configuration process ends, and you will see the message below. Here, we need to remove the installation media from the device and select the <Reboot> button to restart the device.

3. Configuring pfSense on Ubuntu 17

Step 1: When the system restarts, we will see the following window:

Step 2: In this case, enter the number 1 because we will first assign network interfaces. After pressing Enter, this will be the configuration we will see:

em0: WAN Interface

em1: LAN Interface

Step 3: Then, the system will ask whether you want to set up VLANs. Here, enter the letter 'n' (no) and press Enter.

Step 4: Next, we need to enter the name of the WAN interface: em0 and press Enter.

Step 5: Enter the name of the LAN interface: em1 and press Enter again.

Step 6: After pressing Enter, we will see a summary of the interface configuration. If it's correct, enter the letter 'y' to confirm:

Step 7: We can see the changes being applied correctly:

Step 8: Return to the main menu of pfSense. This time, select option '2' to set the IP address on the LAN interface:

Step 9: After pressing Enter, the two configured interfaces will be displayed. Enter '2' to select the LAN interface, then assign it an IP address that is not in use by any other device. This address can serve as the gateway for devices on the local network:

Step 10: After assigning the IP address, press Enter. Next, enter the netmask in the format shown on screen; in this case, enter the number 24:

Step 11: The system will ask us if we want to assign an IPv4 address to the WAN interface. Since it's not necessary, press Enter to skip this step:

Step 12: Continue pressing Enter, and the IPv6 address configuration will be requested:

Step 13: Next comes the question of whether we want to enable DHCP on the LAN network. Enter the letter 'y' to configure it, then specify the first and last IP addresses of the range:

Step 14: The final, optional question asks whether to revert to the HTTP protocol. This is not recommended, because pfSense uses the HTTPS protocol for better access security. Enter 'n' and press Enter. A summary will be displayed, showing how to reach pfSense for management over the local network:
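The LAN address, netmask and DHCP range entered in Steps 9 to 13 can be sanity-checked before they are typed into the console. The Python sketch below is an added example, not part of the original tutorial or of pfSense; the function name `check_lan_plan` and the DHCP range values are assumptions constructed for illustration, while 192.168.1.101 with a 24-bit mask is the LAN address this guide uses.

```python
import ipaddress


def check_lan_plan(lan_ip, prefix_len, dhcp_start, dhcp_end, static_hosts=()):
    """Return a list of problems in a LAN/DHCP plan; an empty list means OK.

    check_lan_plan and its parameters are hypothetical names for this example.
    """
    iface = ipaddress.ip_interface(f"{lan_ip}/{prefix_len}")
    net = iface.network
    start = ipaddress.ip_address(dhcp_start)
    end = ipaddress.ip_address(dhcp_end)
    unusable = (net.network_address, net.broadcast_address)
    problems = []

    # The firewall's LAN address must be a usable host address.
    if iface.ip in unusable:
        problems.append(f"{iface.ip} is the network or broadcast address of {net}")

    # Both ends of the DHCP pool must be usable addresses inside the LAN subnet.
    for label, addr in (("start", start), ("end", end)):
        if addr not in net:
            problems.append(f"DHCP {label} {addr} is outside {net}")
        elif addr in unusable:
            problems.append(f"DHCP {label} {addr} is not a usable host address")

    if start > end:
        problems.append("DHCP range start is above its end")
    else:
        # Leasing the gateway address (or a static host's) causes IP conflicts.
        if start <= iface.ip <= end:
            problems.append(f"DHCP range contains the firewall address {iface.ip}")
        for host in map(ipaddress.ip_address, static_hosts):
            if start <= host <= end:
                problems.append(f"DHCP range contains static host {host}")
    return problems


if __name__ == "__main__":
    # Constructed sample plans; only 192.168.1.101/24 comes from the tutorial.
    plans = [
        ("192.168.1.101", 24, "192.168.1.110", "192.168.1.200"),
        ("192.168.1.101", 24, "192.168.1.100", "192.168.1.200"),
        ("192.168.1.101", 24, "192.168.1.110", "192.168.2.20"),
    ]
    for plan in plans:
        print(plan, "->", check_lan_plan(*plan) or "OK")
```
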

4. Accessing pfSense on Ubuntu 17

As mentioned, we can configure any IP address within the local network. In this example, pfSense is configured with the IP address 192.168.1.101, so it can be reached from any computer on the local network.

Step 1: Open any browser and enter the following in the address bar:

https://192.168.1.101

Step 2: The browser will warn that the connection is insecure, because pfSense serves its web interface with a self-signed certificate by default. To proceed, click the Advanced button, then click Add Exception:

Step 3: After adding the exception for this IP address, we will reach the pfSense login page. There, enter the default credentials:

  • Username: admin
  • Password: pfsense

Step 4: Click the Log in button. You will then need to configure some parameters in the platform. First, we will see the welcome screen:

Step 5: Next, we will see the general information window where we can enter details such as server name, domain name, DNS server, etc.:

Step 6: Click Next. In the next window, you can configure the server's time zone:

Step 7: Configure the WAN interface with values such as:

  • Type (DHCP or Static)
  • MAC Address
  • MTU and MSS
  • IP address, subnet mask, and Gateway in case of selecting the static option, etc.

Step 8: Once these values are configured, click Next. Now we can configure the LAN interface; the values displayed are the ones already assigned during the pfSense console configuration:

Step 9: Next, we set the admin password for the pfSense graphical interface, replacing the default password used to log in above:

Step 10: Finally, we will see the following window. Here, click on the Reload button to apply all changes:

Step 11: And this will be the result:

5. Environment of pfSense on Ubuntu 17

Step 1: Click on the line 'Click here to continue on to pfSense webConfigurator' and this will be the environment provided by pfSense:

Step 2: We can see details of available interfaces as well as real-time system information such as:

  • Name
  • System type
  • BIOS data
  • Platform
  • Processor type
  • Uptime
  • DNS server, among others.

Step 3: We can observe that the pfSense structure contains several tabs where we can access various information such as:

System: It allows access to the following options:

  • Advanced
  • Certificates & Manage (certificate management)
  • General settings
  • Logout
  • Package management
  • Routing
  • Wizard setup
  • Updates (pfSense updates)
  • User management

Interfaces: Allows us to manage the WAN and LAN interfaces of pfSense.

Firewall: Includes the following options:

  • Aliases
  • NAT
  • Rules
  • Schedules
  • Traffic shaper
  • Virtual IPs (Allows you to manage virtual IP addresses).

Services: Contains options such as:

  • DHCP Relay
  • DHCP Server
  • DNS Forwarder
  • DNS Resolver
  • Dynamic DNS
  • NTP
  • SNMP and others.

VPN: Allows us to access VPN functions such as:

  • IPsec
  • L2TP
  • OpenVPN

Status: Through this tab, we can see real-time status of parameters, such as:

  • Dashboard
  • Reload filter
  • Ports
  • Interfaces
  • IPsec
  • Services
  • Queues
  • NTP, among others.

Diagnostics: This option allows viewing detailed diagnostics of values, such as:

  • ARP table
  • Authentication
  • Backup and restore
  • Command prompt
  • DNS lookup
  • Halt system
  • NDP
  • Packet capture
  • pfInfo
  • pfTop (Top processes)
  • Socket
  • Activity summary
  • Traffic graph
  • Routing table and much more

With pfSense, we have a valuable tool to protect and monitor all events in the Linux environment.

Source: Admininfo
