Presentation is loading. Please wait.

Presentation is loading. Please wait.

pfSense Presented at the MUUG General Meeting on 2012-Apr-10

Published byGerald Morgan Modified over 5 years ago

Similar presentations

Presentation on theme: "pfSense Presented at the MUUG General Meeting on 2012-Apr-10"— Presentation transcript:

1 Adam Thompson, athompso@athompso.net
pfSense Presented at the MUUG General Meeting on 2012-Apr-10 Adam Thompson,

2 pfSense: Who You want a dedicated firewall You want to run UNIX
You want/need the security of OpenBSD, but... You still want a GUI to manage it You don't want to (or can't) spend $10k

3 pfSense: What Software-based firewall Forked from m0n0wall 7 years ago
Based on FreeBSD Web-based management GUI Add-on packges Native IPv6 in next release (2.1), available now in beta

4 pfSense: Where Ordinary PCs High-end servers
Embedded systems (ALIX, PCEngines, etc.) VLAN'd, LAG'd networks Multi-WAN, multi-LAN Boots from CompactFlash, USB, ATA, SCSI, RAID, etc. Embedded edition doesn't need VGA or HDD

5 pfSense: When Install takes approx. 10 minutes
Can replace most routers Supports IDS/IPS via Snort Lacks on-the-wire anti-virus HA state synchronization Free: no additional licenses! Works with dissimilar hardware!

6 pfSense: Why BSD License FreeBSD kernel & userland
OpenBSD's pf(4) packet filtering engine Free, but commercial support available

7 pfSense: Variants LiveCD Installable ISO same image as LiveCD Embedded
dd(1) to CompactFlash card Serial console Memstick Boots from USB dd(1) to USB removable media may also work on other media

8 pfSense: Initial Setup
Boot from media Choose boot options, if needed Choose Install or Continue with LiveCD Set up VLANs, if needed Select WAN interface Select other interfaces, if needed Continue configuration with web-based GUI

9 pfSense: Demonstrate Installation
Demonstrate simple installation of pfSense

10 pfSense: HA / Clustering
HA support out-of-the-box, no license required Master / Slave only, NOT Active / Active Use Virtual IP of “CARP” type Be careful if you also run Cisco HSRP on the same LAN; they use the same Ethertype! Enter Slave IP & credentials on Master Settings are automatically synchronized ≤3sec fail-over, ≤2sec fail-back

11 pfSense: Demonstrate HA
Live demo of HA features (using VMs)

12 pfSense: Captive Portal
Create local user(s), Enable Captive Portal feature, Done.

13 pfSense: Captive Portal Demo
Attempt to demonstrate Captive Portal on the HA cluster, userids and settings are propagated automatically

14 pfSense: Competitors m0n0wall
The parent project; has diverged substantially with a large re-write two years ago OpenBSD No GUI, no integration, but near-perfect control and security. Untangle Linux-based, full-featured, but free version lacks features

15 pfSense: Links www.pfsense.org - main website
portal.pfsense.org – commercial support site - commercial support (by the project founders) - Canadian reseller of embedded systems (ALIX) that run pfSense well and silently

Download ppt "pfSense Presented at the MUUG General Meeting on 2012-Apr-10"

Similar presentations

© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 High-performance Gigabit Ethernet ports rapidly transfer large files supporting.

© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 High-performance Gigabit Ethernet ports rapidly transfer large files supporting.
Ming-Chang Cheng 鄭明彰 May 22 / May 29 , 2014

Ming-Chang Cheng 鄭明彰 May 22 / May 29 , 2014
Static Routing Exercise. What will the exercise involve?  Unix network interface configuration  Cisco network interface configuration  Static routes.

Static Routing Exercise. What will the exercise involve?  Unix network interface configuration  Cisco network interface configuration  Static routes.
Cisco Confidential 1 © 2010 Cisco and/or its affiliates. All rights reserved. Cisco SB Summit Praha, 26.4.2012 Jan Křístek Tomáš Chott.

Cisco Confidential 1 © 2010 Cisco and/or its affiliates. All rights reserved. Cisco SB Summit Praha, Jan Křístek Tomáš Chott.
Windows Deployment Services WDS for Large Scale Enterprises and Small IT Shops Presented By: Ryan Drown Systems Administrator for Krannert.

Windows Deployment Services WDS for Large Scale Enterprises and Small IT Shops Presented By: Ryan Drown Systems Administrator for Krannert.
© 2003, Cisco Systems, Inc. All rights reserved. FWL 1.0—5-1 111 © 2003, Cisco Systems, Inc. All rights reserved.

© 2003, Cisco Systems, Inc. All rights reserved. FWL 1.0— © 2003, Cisco Systems, Inc. All rights reserved.
Firewall and Proxy Server Director: Dr. Mort Anvari Name: Anan Chen Date: Summer 2000.

Firewall and Proxy Server Director: Dr. Mort Anvari Name: Anan Chen Date: Summer 2000.
VMWare Workstation Installation. Starting Vmware Workstation Go to the start menu and start the VMware Workstation program. *Note: The following instructions.

VMWare Workstation Installation. Starting Vmware Workstation Go to the start menu and start the VMware Workstation program. *Note: The following instructions.
Security SIG August 19, 2010 Justin C. Klein Keane

Security SIG August 19, 2010 Justin C. Klein Keane
Introducing Kerio Control Unified Threat Management Solution Release date: June 1, 2010 Kerio Technologies, Inc.

Introducing Kerio Control Unified Threat Management Solution Release date: June 1, 2010 Kerio Technologies, Inc.
Virtual IP Network Windows Server 2012 Windows 08 Dual Subnets.

Virtual IP Network Windows Server 2012 Windows 08 Dual Subnets.
Freeswitch on pfSense Prepared For: Toronto Asterisk User Group Presented by: David Donovan March 24, 2009.

Freeswitch on pfSense Prepared For: Toronto Asterisk User Group Presented by: David Donovan March 24, 2009.
Installing and maintaining clusters of FreeBSD servers using PXE and Rsync Cor Bosman XS4ALL

Installing and maintaining clusters of FreeBSD servers using PXE and Rsync Cor Bosman XS4ALL
Operating Systems Operating System

Operating Systems Operating System
About the Presentations The presentations cover the objectives found in the opening of each chapter. All chapter objectives are listed in the beginning.

About the Presentations The presentations cover the objectives found in the opening of each chapter. All chapter objectives are listed in the beginning.
Traffic Shaping By: Cole David Sam Littlefield Ronnie Julio.

Traffic Shaping By: Cole David Sam Littlefield Ronnie Julio.
Module 13: Configuring Availability of Network Resources and Content.

Module 13: Configuring Availability of Network Resources and Content.
So just what is the Sedona Framework? –The Framework is an embedded device programming and control environment with two major facets –Open Source Free.

So just what is the Sedona Framework? –The Framework is an embedded device programming and control environment with two major facets –Open Source Free.
Open Source Software: New and Noteworthy Presented September 30, 2004 SwANH InfoXChange Conference By Gregory C. Larkin.

Open Source Software: New and Noteworthy Presented September 30, 2004 SwANH InfoXChange Conference By Gregory C. Larkin.
DIY: Your First VMware Server. Introduction to ESXi, VMWare's free virtualization Operating System.

DIY: Your First VMware Server. Introduction to ESXi, VMWare's free virtualization Operating System.

Similar presentations

Ads by Google