pfSense
Post # 266 permalink Topic #263 by mreschke on 2011-10-07 13:28:29 (viewed 307 times)

Oh yeah, pfSense baby!


Fixme
http://www.polarcloud.com/tomato a different firmware for your wrt54g

Don't buy WiFi miniPCI cards at netgate.com, they are expensive; buy at http://www.roc-noc.com/wistron/minipci/radio/CM9.html or http://www.mini-box.com/miniPCI-and-mPCi-Express-cards_2

A great review of the ALIX from netgate http://xercestech.com/alix-single-board-computer.geek

Install on VirtualBox using pfSense-2.0-RELEASE-i386.iso in custom install mode took only a few minutes.

Just bought this http://store.netgate.com/ALIX2D2-Kit-Red-Unassembled-P1028C82.aspx

See all here http://store.netgate.com/Desktop-Kits-C82.aspx

Netgate pfSense 2.0 Installation

Install pfsense on the 2gb compact flash card for the Netgate ALIX2D2 Motherboard http://store.netgate.com/ALIX2D2-Kit-Red-Unassembled-P1028C82.aspx

Installation Documentation for the ALIX boards

  1. http://doc.pfsense.org/index.php/HOWTO_Install_pfSense

NOTE: I am doing this installation from an Ubuntu Server 10.04 computer

  1. Since I have a 2gb CF card I will download the 2g image without the _vga option (pfSense-2.0-RELEASE-2g-i386-nanobsd.img.gz)
  2. Connect your CF card reader to Ubuntu, put in your CF card, mine showed up as sdf
  3. Probably have to unmount the drive first, so sudo umount /dev/sdf1
  4. Find your downloaded pfSense gz file and, as root (not sudo), run: zcat pfSense-2.0-RELEASE-2g-i386-nanobsd.img.gz | dd of=/dev/sdf bs=16k (remember to change sdf to your drive; you can find it with sudo fdisk -l)
  5. Put the CF into the Netgate
  6. Plug a null modem serial cable into the netgate and your computer via com1 (I had to use a FreeBSD machine for this, not my ubuntu server anymore)
  7. Open a tty terminal (hyperterm for windows or see http://doc.pfsense.org/index.php/HOWTO_Install_pfSense), I use minicom.
    1. Minicom is a nice Linux/FreeBSD tty terminal emulator. As root, run minicom -s and configure the speed to be 9600, then save as default (dfl). Also, in FreeBSD my com1 was /dev/cuau0, which minicom defaulted to. Now exit the minicom -s settings, then just run minicom as root.
  8. When the terminal is open on com1 at 9600 8N1, simply turn on the Netgate; you should see it booting FreeBSD (pfSense)!
  9. From there it's easy to get your specific network set up: WAN goes in WAN, LAN to LAN. Also enable SSHD from the console so you can ssh in. The web GUI is enabled by default, so just visit the Netgate's LAN IP (default is 192.168.1.1) in your browser; the default username/password is admin/pfsense.
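
A guarded version of steps 3 and 4, as an added example that is not part of the original post: it checks the download against a SHA-256 value you supply, refuses a target that is not a block device or still has a mounted partition, and only then runs the same zcat | dd pipeline. The script name write-cf.sh, the function names and the checksum argument are assumptions; the post itself does not mention a checksum.

```shell
#!/bin/sh
# Added example: safety checks around the "zcat image | dd of=/dev/sdX" step.
# Run as root so both ends of the pipe have the privileges dd needs.
# Usage (all three values are yours to supply):
#   sh write-cf.sh <image.img.gz> </dev/sdX> <expected-sha256-hex>

# Succeeds if DEV or one of its partitions is listed in a mounts table.
# The second argument defaults to /proc/mounts; it is a parameter so the
# check can be exercised against a constructed file.
is_mounted() {
    dev=$1
    mounts=${2:-/proc/mounts}
    awk -v d="$dev" '$1 ~ ("^" d "p?[0-9]*$") { found = 1 }
                     END { exit !found }' "$mounts"
}

# Succeeds if FILE's SHA-256 matches EXPECTED (lowercase hex).
verify_sha256() {
    actual=$(sha256sum "$1" | awk '{ print $1 }')
    [ "$actual" = "$2" ]
}

# Verify, check the target, then write. Return codes: 2 bad checksum,
# 3 target is not a block device, 4 target still mounted.
write_image() {
    img=$1; dev=$2; sum=$3
    verify_sha256 "$img" "$sum" || { echo "checksum mismatch: $img" >&2; return 2; }
    [ -b "$dev" ] || { echo "$dev is not a block device" >&2; return 3; }
    if is_mounted "$dev"; then
        echo "$dev is mounted; umount its partitions first" >&2
        return 4
    fi
    zcat "$img" | dd of="$dev" bs=16k && sync
}

# Only act when called with the three arguments described above.
if [ "$#" -eq 3 ]; then
    write_image "$@"
fi
```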

Netgate Replace qserver

  1. Port forwarding, http://doc.pfsense.org/index.php/How_can_I_forward_ports_with_pfSense%3F
  2. Note about DNS
    1. I like to be able to ping all my internal computers. pfSense does have a DNS server package, TinyDNS, but I do not need it because the built-in DNS forwarder is all I need. From the forwarder I can add static IPs and set the 'Register DHCP leases in DNS forwarder' option to register all DHCP leases with DNS. That's it, now I can ping all computers by ip, even DHCP computers. So no need to install and configure TinyDNS. My clue was http://serverfault.com/questions/183904/can-i-use-pfsense-as-a-dns-server
      Code Snippet
      Yes, how depends on whether you're talking about an authoritative DNS server to host DNS for your domains (in which case, use the dns-server package), or whether you just want something to use as the DNS server on your internal hosts. In the latter case, the built in caching DNS forwarder is great for that.