Log In
Or create an account -> 
Imperial Library
  • Home
  • About
  • News
  • Upload
  • Forum
  • Help
  • Login/SignUp

Index
Title Page Copyright and Credits
Mastering pfSense Second Edition
Dedication Packt Upsell
Why subscribe? PacktPub.com
Contributors
About the author About the reviewer Packt is searching for authors like you
Preface
Who this book is for What this book covers To get the most out of this book
Download the color images Conventions used
Get in touch
Reviews
Revisiting pfSense Basics
Technical requirements pfSense project overview Possible deployment scenarios Hardware requirements and sizing guidelines
Minimum hardware requirements
Hardware sizing guidelines The best practices for installation and configuration pfSense configuration
Configuration from the console Configuration from the web GUI
Configuring additional interfaces Additional WAN configuration General setup options
Summary Questions Further reading
Advanced pfSense Configuration
Technical requirements SSH login DHCP
DHCP configuration at the console DHCP configuration in the web GUI DHCPv6 configuration in the web GUI DHCP and DHCPv6 relay DHCP and DHCPv6 leases
DNS
DNS resolver
General Settings Enable DNSSEC support Host Overrides and Domain Overrides Access Lists
DNS forwarder DNS firewall rules
DDNS
DDNS updating RFC 2136 updating Troubleshooting DDNS
Captive portal
Implementing captive portal
User manager authentication Voucher authentication RADIUS authentication Other settings
Troubleshooting captive portal
NTP SNMP Summary Questions
VLANs
Technical requirements Basic VLAN concepts
Example 1 – developers and engineering Example 2 – IoT network Hardware, configuration, and security considerations
VLAN configuration at the console VLAN configuration in the web GUI
QinQ Link aggregation Add firewall rules for VLANs
Configuration at the switch
VLAN configuration example 1 – TL-SG108E VLAN configuration example 2 – Cisco switches
Static VLAN creation Dynamic Trunking Protocol VLAN Trunking Protocol
Troubleshooting VLANs
General troubleshooting tips Verifying switch configuration Verifying pfSense configuration
Summary Questions
Using pfSense as a Firewall
Technical requirements An example network Firewall fundamentals Firewall best practices
Best practices for ingress filtering Best practices for egress filtering
Creating and editing firewall rules
Floating rules Example rules
Example 1 – block a website Example 2 – block all traffic from other networks Example 3 – the default allow rule
Scheduling
An example schedule entry
Aliases
Creating aliases from a DNS lookup Bulk import
Virtual IPs Troubleshooting firewall rules Summary Questions
Network Address Translation
Technical requirements NAT essentials Outbound NAT
Example – filtering outbound NAT for a single network
1:1 NAT
Example – mapping a file server
Port forwarding
Example 1 – setting up DCC Example 2 – excluding a port Example 3 – setting up a personal web server
Network Prefix Translation
Example – mapping an IPv6 network
Troubleshooting  Summary Questions
Traffic Shaping
Technical requirements Traffic shaping essentials
Queuing policies
Priority queuing Class-based queuing Hierarchical Fair Service Curve
Configuring traffic shaping in pfSense
The Multiple LAN/WAN Configuration wizard The Dedicated Links wizard
Advanced traffic shaping configuration
Changes to queues
Limiters Layer 7 traffic shaping
Adding and changing traffic shaping rules
Example 1 – modifying the penalty box Example 2 – prioritizing EchoLink
Traffic shaping examples
Example 1 – adding limiters Example 2 – penalizing peer-to-peer traffic
Using Snort for traffic shaping
Installing  and configuring Snort
Troubleshooting traffic shaping Summary Questions Further reading
Virtual Private Networks
Technical requirements VPN fundamentals
IPsec L2TP OpenVPN
AES-NI
Choosing a VPN protocol
Configuring a VPN tunnel
IPsec 
IPsec peer/server configuration IPsec mobile client configuration Example 1 – Site-to-site IPsec configuration Example 2 – IPsec tunnel for remote access
L2TP OpenVPN
OpenVPN server configuration OpenVPN client configuration Client-specific overrides Server configuration with the wizard OpenVPN Client Export Utility Example – site-to-site OpenVPN configuration
Troubleshooting Summary Questions
Redundancy and High Availability
Technical requirements Basic concepts Server load balancing
Example – load balancer for a web server HAProxy – a brief overview
CARP configuration
Example 1 – CARP with two firewalls Example 2 – CARP with N firewalls
An example of both load balancing and CARP Troubleshooting Summary Questions Further reading
Multiple WANs
Technical requirements Basic concepts
Service Level Agreement 
Multi-WAN configuration
DNS considerations NAT considerations Third-party packages
Example – multi-WAN and CARP Troubleshooting Summary Questions
Routing and Bridging
Technical requirements Basic concepts
Bridging Routing
Routing
Static routes Public IP addresses behind a firewall Dynamic routing
RIP OpenBGPD Quagga OSPF FRRouting
Policy-based routing
Bridging
Bridging interfaces Special issues Bridging example
Troubleshooting Summary Questions
Extending pfSense with Packages
Technical requirements Basic considerations Installing packages Important packages
Squid
Issues with Squid Squid reverse proxy server
pfBlockerNG ntopng Nmap HAProxy
Example – load balancing a web server
Other packages
Snort
Example – using Snort to block social media sites
FRRouting Zabbix
Summary Questions Further reading
Diagnostics and Troubleshooting
Technical requirements Troubleshooting basics
Common networking problems
Wrong subnet mask or gateway Wrong DNS configuration Duplicate IP addresses Network loops Routing issues Port configuration Black holes Physical issues Wireless issues RADIUS issues
pfSense troubleshooting tools
System logs Dashboard Interfaces Services Monitoring Traffic graphs Firewall states
States States summary pfTop
tcpdump tcpflow ping, traceroute and netstat
ping traceroute netstat
Troubleshooting scenarios
VLAN configuration problem
Summary Questions
Assessments
Chapter 1 – Revisiting pfSense Basics Chapter 2 – Advanced pfSense Configuration Chapter 3 – VLANs Chapter 4 – Using pfSense as a Firewall Chapter 5 – Network Address Translation Chapter 6 – Traffic Shaping Chapter 7 – Virtual Private Networks Chapter 8 – Redundancy and High Availability Chapter 9 – Multiple WANs Chapter 10 – Routing and Bridging  Chapter 11 – Extending pfSense with Packages  Chapter 12 – Diagnostics and Troubleshooting 
Another Book You May Enjoy
Leave a review - let other readers know what you think
  • ← Prev
  • Back
  • Next →
  • ← Prev
  • Back
  • Next →

Chief Librarian: Las Zenow <zenow@riseup.net>
Fork the source code from gitlab.

This is a mirror of the Tor onion service:
http://kx5thpx2olielkihfyo4jgjqfb7zx7wxr3sd4xzt26ochei4m6f7tayd.onion