Packt+ | Advance your knowledge in tech

0

All Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Mastering pfSense

You're reading from Mastering pfSense Manage, secure, and monitor your on-premise and cloud network with pfSense 2.4

Product type Paperback

Published in May 2018

Publisher

ISBN-13 9781788993173

Length 450 pages

Edition 2nd Edition

Tools

pfsense

Concepts

Networking

Author (1):

David Zientara

View More author details

Table of Contents (20) Chapters

Title Page

Dedication

Packt Upsell

Contributors

Preface

1. Revisiting pfSense Basics FREE CHAPTER

2. Advanced pfSense Configuration

3. VLANs

4. Using pfSense as a Firewall

5. Network Address Translation

6. Traffic Shaping

7. Virtual Private Networks

8. Redundancy and High Availability

9. Multiple WANs

10. Routing and Bridging

11. Extending pfSense with Packages

12. Diagnostics and Troubleshooting

1. Assessments

2. Another Book You May Enjoy

Leave a review - let other readers know what you think

Index

CARP configuration

Whereas pfSense's load balancing capabilities may leave something to be desired, pfSense's high availability capabilities are quite good, and pfSense offers an enterprise class CARP solution that provides for stateful failover. We will first consider a basic CARP group for firewall failover, but we will also consider other scenarios involving CARP, such as multi-WAN deployments.

Note

Version 2.4.3 added support for Point-to-Point Protocol over Ethernet (PPPoE) on CARP virtual IPs. The PPPoE connection will only be active on the master node.

Example 1 – CARP with two firewalls

This is probably the most common deployment scenario in which CARP is involved. There are two common deployment scenarios you could employ for a two firewall setup in which one firewall is designated as the failover. Both of them involve a single virtual IP for the LAN interface, separate actual IPs for each LAN interface, and the LAN interface on each firewall connecting to a switch on the LAN side...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $15.99/month. Cancel anytime

Authors (1)

David Zientara

David Zientara

David Zientara is a software engineer living in northern New Jersey. He has over 20 years of experience in IT. In the mid-1990s, David became the lead software engineer for Oxberry LLC, a digital imaging company headquartered in New Jersey. In this capacity, he played a major role in developing a new software package for the company's equipment. In the mid-2000s, David took an interest in computer networking, an interest that led him to learn about m0n0wall and, eventually, pfSense. David currently is employed with the Prasad Corporation in a consulting position and is also the author of Learn pfSense 2.4 and Mastering pfSense 2.4, also available from Packt Publishing.

See other products by David Zientara

Other recommended products

Related to this chapter

pfSense 2.x Cookbook

pfSense 2.x Cookbook

pfSense is a FreeBSD-based firewall that provides a platform for flexible and powerful routing and firewalling. This book focuses on configuring essential and other commonly used pfSense services; such as traffic shaping, redundancy, high availability, static and dynamic routing, backup and restoration of pfSense, and diagnostic tools.

Dec 2018 9h 56m

Learn pfSense 2.4

Learn pfSense 2.4

This book covers everything the reader needs to know to get pfSense up and running, as well as how to configure core pfSense services to both secure and optimize their networks, third party packages that extend the functionality of pfSense, and the basics of diagnostics and troubleshooting networks.

Jul 2018 11h 32m

Network Security with pfSense

Network Security with pfSense

pfSense is the world's most trusted open source network security solution. In this book, you'll learn about pfSense, all of its key features, how you can install and deploy it, as well as the different tasks you can perform.

CCENT/CCNA: ICND1 100-105 Certification Guide

CCENT/CCNA: ICND1 100-105 Certification Guide

CCENT is the entry-level certification for those looking to venture into the networking world. This book is designed to help you prepare for the ICND Part 1 (100 – 105) exam, thus obtaining the CCENT certification. Apart from learning computer network essentials, you will be able to enhance your networking skills by learning switching and routing, troubleshooting, security, and more

Apr 2018 12h 4m

Implementing and Administering Cisco Solutions: 200-301 CCNA Exam Guide

Implementing and Administering Cisco Solutions: 200-301 CCNA Exam Guide

200-301 CCNA exam tests for skills required by a network engineer to design, implement, and troubleshoot enterprise network infrastructure. Implementing and Administering Cisco Solutions: 200-301 CCNA Exam Guide offers complete, up-to-date coverage of the 200-301 exam so you can take it with confidence, fully equipped to pass the first time.

Nov 2020 25h 28m

MCSA Windows Server 2016 Certification Guide: Exam 70-741

MCSA Windows Server 2016 Certification Guide: Exam 70-741

This practical certification guide covers the most important exam objectives in exam 70-741. Additionally, this certification guide will come in handy when preparing to take exam 70-743.

CompTIA Network+ Certification Guide

CompTIA Network+ Certification Guide

CompTIA Network+ Certification Guide makes the most complex Network+ concepts easy to understand despite having no prior knowledge. It offers exam tips in every chapter along with access to practical exercises and exam checklist that map to the exam objectives and it is the perfect study guide to help you pass CompTIA Network+ exam.

Dec 2018 14h 4m

Advanced Infrastructure Penetration Testing

Advanced Infrastructure Penetration Testing

This book is a hands-on experience and a comprehensive understanding of advanced penetration testing techniques and vulnerability assessment and management. It takes you far beyond common techniques to compromising complex network devices , modern operating systems and help you secure high security environments.

Feb 2018 13h 12m

CCNA Security 210-260 Certification Guide

CCNA Security 210-260 Certification Guide

With a CCNA Security certification, you can demonstrate the skills required to develop a security infrastructure, recognize threats to networks, and mitigate security threats. Geared towards Cisco Security, the practical aspects of this book will help you clear the CCNA Security Exam (210-260) by increasing your knowledge of Network Security.

Jun 2018 17h 16m

Implementing Cisco Networking Solutions

Implementing Cisco Networking Solutions

Most enterprises use Cisco networking equipment to design and implement their networks. However, some networks outperform networks in other enterprises in terms of performance and meeting new business demands, because they were designed for the present while keeping the future in mind. This book talks about how to design and implement enterprise networks for small to mid-size organizations efficiently and effectively, so that the network design can accommodate newer demands from the users in a seamless manner, ranging from adding more branches/ users to adding new services, and evaluating and implementing new technologies to optimize costs, or enhance the user experience.

Sep 2017 14h 32m

Learning VMware NSX

Learning VMware NSX

VMware NSX is a platform for the software-defined data center. The book allows you a thorough understanding of implementing Software defined networks using VMware's NSX. You will get a brief overview of the NSX Core Components NSX's basic architecture. Once you are familiar with everything, you will get to know how to deploy various NSX features. Furthermore, you will understand how to manage and monitor NSX and its associated services and features.

Aug 2017 8h 28m

Troubleshooting OpenVPN

Troubleshooting OpenVPN

Mar 2017 5h 56m

Personalised recommendations for you

Based on your interests and search pattern

Mastering Palo Alto Networks

Mastering Palo Alto Networks

Mastering Palo Alto Networks is a hands-on guide that helps you progress from a beginner to an expert in configuring Palo Alto firewalls. It covers setup, management, and optimization with real-world examples for both on-prem and cloud environments.

May 2025 21h 32m

Cloud Native Anti-Patterns

Cloud Native Anti-Patterns

Uncover and fix cloud native anti-patterns across strategy, culture, security, and operations. This book guides you through the practical steps to avoid common traps and shift your organization toward cloud-native best practices that drive lasting success.

Mar 2025 14h 44m

AWS for System Administrators

AWS for System Administrators

Master the art of designing, deploying, and managing AWS infrastructure with industry best practices. You'll learn to automate workflows, optimize costs, and implement robust disaster recovery strategies for scalable cloud success.

May 2025 14h 12m

Kubernetes for Generative AI Solutions

Kubernetes for Generative AI Solutions

Learn step by step how to design, optimize, and deploy Generative AI projects on Kubernetes. Covering networking, observability, security, scaling, and cost optimization strategies, this guide takes you from first deployment to production excellence.

Jun 2025 11h 8m

Azure Cloud Projects

Azure Cloud Projects

Azure Cloud Projects offers a hands-on introduction to Microsoft Azure, designed to help you build real-world cloud solutions, develop job-ready skills, and apply best practices that are widely used across the cloud computing industry.

May 2025 8h 28m

Sustainable Cloud Development

Sustainable Cloud Development

This book introduces best practices for developing and deploying high-performing, eco-friendly cloud applications, helping you meet sustainability goals while delivering efficient cloud solutions.

Mar 2025 9h 12m

SLIs and SLOs Demystified

SLIs and SLOs Demystified

This comprehensive guide to reliability engineering dives deep into SLIs, SLOs, observability, and incident management. It shows you how to optimize system reliability and make data-driven decisions to balance performance and business goals.

Apr 2025 10h 0m