Preface
As computer networks become ubiquitous, it has become increasingly important to both secure and optimize our networks. pfSense, an open-source router/firewall, provides an easy, cost-effective way of achieving this – and this book explains how to install and configure pfSense in such a way that even a networking beginner can successfully deploy and use pfSense.This book begins by covering networking fundamentals, deployment scenarios, and hardware sizing guidelines, as well as how to install pfSense. The book then covers configuration of basic services such as DHCP, DNS, and captive portal and VLAN configuration. Careful consideration is given to the core firewall functionality of pfSense, and how to set up firewall rules and traffic shaping. Finally, the book covers the basics of VPNs, multi-WAN setups, routing and bridging, and how to perform diagnostics and troubleshooting on a network.
Who this book is for
This book is towards any network security professionals who want to get introduced to the world of firewalls and network configurations using Pfsense. No prior knowledge of PfSense is required.
What this book covers
Chapter 1, Getting Started with pfSense, discusses about a brief history of the pfSense project and the role it can play in a network and in the pfSense community
Chapter 2, Installing pfSense, discusses the role a pfSense router/firewall plays in a typical network considering the different deployment scenarios. The initial process is covered from the initial installion from either CD or USB memstick through the completion of the web GUI setup wizard
Chapter 3, Configuring pfSense, takes us through advanced options such as customizing the web GUI, SSH login, configuring additional interfaces, and IPv6 configuration along with how to back up, restore and update your pfSense system
Chapter 4, Captive Portal, describes how to set up a captive portal in pfSense, how to leverage the numerous options available, and how to implement different authentication options and how to use vouchers
Chapter 5, Additional pfSense Services, takes through services such as DNS, Dynamic DNS, NTP, and SNMP in detail along with their examples
Chapter 6, Firewall and NAT, covers using firewall rules to block and allow traffic, and how to use scheduling and aliases to make the process easier.
Chapter 7, Traffic Shaping, covers how to use traffic shaping, including traffic shaping using the wizard and manual configuration, as well as how to configure floating rules for traffic shaping, as well as options for deep packet inspection
Chapter 8, Virtual Private Networks, includes when and how to use virtual private networks (VPNs) to provide an encrypted tunnel. L2TP, IPsec and OpenVPN protocols are discussed, as well as how to set up both a peer-to-peer and client-server tunnel
Chapter 9, Multiple WANs, covers common scenarios for using multiple WANs, such as bandwidth aggregation and failover, and how to set up gateways and gateway groups in pfSense
Chapter 10, Routing and Bridging, discusses what routing and bridging are, when it is possible or necessary to employ them, as well as how to perform static and dynamic routing in pfSense
Chapter 11, Diagnostics and Troubleshooting, deals with what to do when pfSense does not function as expected. A step-by-step process for solving and documenting problems is outlined, common problems are enumerated, different diagnostic tools are discussed, and example problems are presented
To get the most out of this book
Some familiarity with Linux and/or BSD would be helpful, as well as access to a computer that is capable of running pfSense (any modern PC should do). The specifications for such a PC will be discussed in detail in the section regarding hardware sizing guidelines, but in brief, you will need a PC with a 64-bit, AES-NI-capable processor, 1 GB of RAM, and 1 GB of storage.
To get along with the book, you can find detailed technical requirement at the beginning of each chapter.
Conventions used
There are a number of text conventions used throughout this book.
CodeInText: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: "There is a packet with a source address of 192.168.2.1"
A block of code is set as follows:
html, body, #map {
height: 100%;
margin: 0;
padding: 0
}Any command-line input or output is written as follows:
ping: unknown host google.comBold: Indicates a new term, an important word, or words that you see onscreen. For example, words in menus or dialog boxes appear in the text like this. Here is an example: "To begin, navigate to Firewall | Rules."
Note
Warnings or important notes appear like this.
Note
Tips and tricks appear like this.
Get in touch
Feedback from our readers is always welcome.
General feedback: Email [email protected] and mention the book title in the subject of your message. If you have questions about any aspect of this book, please email us at [email protected].
Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details.
Piracy: If you come across any illegal copies of our works in any form on the Internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.
If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.
Reviews
Please leave a review. Once you have read and used this book, why not leave a review on the site that you purchased it from? Potential readers can then see and use your unbiased opinion to make purchase decisions, we at Packt can understand what you think about our products, and our authors can see your feedback on their book. Thank you!
For more information about Packt, please visit packtpub.com.
