Has PfSense been covered on an episode?

[G+_MrBryan092785]

Has PfSense been covered on an episode? I am ready to ditch the consumer grade router in order to gain better throughput and also learn some things about network administration. I have a good understanding of the basics but would like to learn about the vlaning ( putting each device on its own vlan for security was mentioned in a recent episode).

[G+_MrBryan092785]

with the amount of knowledge in you guys knowledge holes maybe you all have a better suggestion for an open sourse firewall/router?

[G+_Ben Reese]

Not sure what your Internet bandwidth is or home network setup, but increasing router throughput probably won't help too much. That said, learning more about routers and firewalls is probably worth the experience. I think I've seen PfSense on a Raspberry Pi even... Probably wouldn't increase the throughput at all, but definitely a learning opportunity with little upfront cost and low power consumption.

[G+_MrBryan092785]

maybe you can tell me this.. Why is it that clients on the Wlan side sometimes quit routing intermittently? The connections stay solid but sometimes they just hang... This is with a number of linksys consumer grade routers I have had on my network.

[G+_Travis Hershberger]

The most likely cause is interferance from other sources such as microwaves, telephones, etc.  If you have an Android device get Wifi Analyzer, and take a look when things start dropping.

 

PadreSJ setup his local network so everything is on separate VLANs, but his security model/use case is very different than most.  Doesn't stop me from wanting to try setting it up sometime!

 

Great learning experience in setting this up!  If you want to get really crazy you can always stick to iptables and command line changes.  That's a bit much if you're not already used to a Linux terminal environment tho.

[G+_MrBryan092785]

i think I will go as far as to do some iptables just to have the notch on my belt

[G+_Ben Tyger]

MrBryan092785 I'd play with pfSense before I play with iptables directly. Playing with iptables is like the C++ programing of the networking world. It great and it has great power... great power to hang yourself too.

 

I'd try installing pfSense on an old i386 box first. I used an only Pentium III and it ran great.

 

Installing pfSense on a RPi is still new (as well as arm support) and may not be very easy. Also with a RPi setup, there may less available packages (aka plugins) and human support because it is a newer less used deployment. Also the hardware limitations don't make it ideal for anything but the most basic routing situations.

[G+_Jason Perry]

I am not sure the good padre's setup is obtainable through the use of pfSense, Or at least alone. In a previous episode he spoke about his setup briefly and even mentioned that it took months for him to get it right. He mentioned the router he chose does not use the typical rules a Cisco router follows.

 

I am playing with IPFire myself and plan on introducing myself to pfSense in a while. But it is all for enjoyment purposes.

If you are having problems with your router and that is your concern I would spend my time figuring out what is wrong before moving on to something that could be plagued by the same problem.

 

If you just want to play and learn then by all means jump in. And if you are, check out the latest episode for some good Linux tips.

[G+_MrBryan092785]

i have a dell core2duo that was originally my NAS but I built a new one. I will probably use that but I also have an old compaque that's pentium 4 lying around. Do you think there will be a great deal of benefit using the core 2 duo over the pentium box? Ran is 512 I believe might be 256 in the compaque and 2gb in the dell. If it will be roughly the same operation I'll use the dell for a back up NAS.

[G+_MrBryan092785]

No my current router is a linksys ac router. It's new and performs fine except for the occasional hang up from mostly cellphones on the wlan side. The man thing is to learn and also take advantage of content filtering and more granular control. I love Linux and with freenas I've come to enjoy FreeBSD as well. I also use mac so a lot of the syntax is the same with FreeBSD.

[G+_Jason Perry]

Your biggest concern is putting a good NIC in it. I have been watching the usage graphs and CPU usage seems to be fairly low on my system (which is a Pentium). Biggest advice is build one with what you feel like giving to the project, find out where it sucks and make it better. But if you have money to blow get a nice NIC.

[G+_MrBryan092785]

I actually already got a used Intel dual gigabit nic on eBay. I'll stick to the dell because there's no expansion in the pentium haha.

[G+_MrBryan092785]

I want to learn about managing vlans. I think I'll put wireless traffic on it own vlan to start.

[G+_Jason Perry]

Thumbs up to that. I actually use an AP that will broadcast multiple SSID's one is for visitors, one is for devices that are mine.

[G+_Jason Perry]

I am thinking of making a NFC tag for access the guest network, just haven't got around to it yet.

[G+_MrBryan092785]

THis linksys ac router has the guest feature. I wonder if I can still use that with it in AP mode... I'll have to check into that. Currently I have the dual bands using different ssids. I just tagged the 5ghz band as _5ghz.

[G+_MrBryan092785]

Yea like padre was talking about. That is cool! I want to do that! Haha. NFC wifi for visitors is defiantly on the project list

[G+_MrBryan092785]

I understand that it can also be done with QR codes. This may be more iphone friendly, although the new iphone has nfc

[G+_MrBryan092785]

I understand that it can also be done with QR codes. This may be more iphone friendly, although the new iphone has nfc

[G+_Jason Perry]

Does the new iPhone's NFC actually do NFC or is it more or less just for Apple pay?

[G+_MrBryan092785]

I was just reading that it has been locked down from developers use. They will only allow apple pay for now but possibly open it up to developers in the future. What a drag haha

[G+_Jason Perry]

I am also not sure how the guest account works on a linksys router as long as you can put each on their own vLAN you are good