Follow-up (minor) on pfSense Firewall

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!

Just a little insight for any others that may have also looked at the  
pfSense firewall software:

1. I'm not versed in the latest incantations of Linux or any other Unix  
derivatives. It's been over 40 years since I actually used and programmed  
using Unix.  I had to purchase a "Linux Pocket Guide" so I could get around  
a bit better in the FreeBSD shell. Still don't know what I'm really doing  
but that?s par for the course when you're almost as old as dirt.... "Use it  
or lose it", as they say is really true....

2. pfSense states you don't need to know Linux or FreeBSD in order to  
implement their firewall - and they are right - so long as you don't have  
any problems.  I've had surprisingly few so far but I'm still on the upside  
of the learning curve. It is a challenge...

3. Once you have the hardware configured you use the browser interface for  
configuring the firewall settings from a different PC unless it's in a VM.  
The GUI is nicely done (it's ok) but has a kink or two like not being able  
to reconnect a WAN port after a reboot 100% of the time.  Have to unplug and  
plug the WAN port back in so it recaptures.  This may be my setup since I'm  
configured for using a non-routable address on the WAN side and have the  
option deselected to allow private addressing for my testing setup.

4. Hardware I'm repurposing is a Dell Inspiron 531 with an Athlon x64  
dual-core 4400 2.3GHz with soon to be 4GB of memory and a 120GB SSD I just  
installed.  I have the on-board NVidia nForce 10/100 interface for the WAN,  
a two port RealTek 100/1000 card for the LAN and a DMZ segments and another  
10/100 single port card for the wireless link.  All the hardware was on the  
FreeBSD compatibility list.  By all accounts this is overkill for a firewall  
but.....

The fun has started....  That Athlon CPU actually supports VM's and has the  
power (and soon the 4GB of memory) to do it.  I initially loaded up Win7 Pro  
x64 and VMWare Player with pfSense as the guest.  With only 1.5GB of memory  
it's not very responsive right now but will improve when the full boat of  
memory is installed.

So then I tried Ubuntu v14.x as the host and we sort of went down hill from  
there.. It found all the hardware but it would freeze up and was unstable in  
this hardware environment so I'll try looking for some other distro that  
supports VM's and see if that works.  There's plenty to chose from but I  
think Suse may be my next attempt and perhaps even try Xen as the  
virtualization software host.

To answer your question... No, I have no idea of why I want to run pfSense  
in a VM other than the fact that I like to maximize the use of the hardware  
if it makes sense.  Adding a few drives and some NAS software with ftp  
capability is one idea.  I still have one PCI slot open where another port  
or two could be added and used for a dedicated network segment that supports  
marketing displays in the showroom. And I'm sure my client (and friend) will  
also come up with a few wants and desires....

Yes... pfSense looks to be a decent firewall choice, there is a learning  
curve for non-Linux based users but if your hardware is supported, then  
you'll breeze right thru the initial installation.

Next is actually configuring some firewall rules and testing what I can in  
order to gain some confidence in it's capabilities.  The add-on packages  
such as Snort (intrusion prevention) loaded right up without any problems.  
I'll try some others as a work my way thru this new adventure.

If others have any questions I'll do my best but this is new to me also but  
I may be able to help with a few confusing points I've had to wrestle to the  
mat. And I know there's more.

Thanks to Pooh for the encouraging words.... and in a week I'll be blaming  
him for this whole mess if it doesn't pan out...

Bob S.  


Site Timeline