Messages - mrkool

General Questions / Re: pfSense as a remote filtering gateway?
« on: January 02, 2018, 05:03:00 pm »
From what you are trying to do, you can just set up a VM with OpenVPN AS (it comes as a VM appliance) and just VPN from your PC to it, and then use OpenDNS to filter traffic by categories or lists.

General Questions / Re: OpenDNS not blocking sites
« on: January 02, 2018, 02:55:01 pm »
Did not work. I disabled the DNS Forwarder and enabled the DNS Resolver with the DNS forwarding option turned on, and it says I am not using OpenDNS servers. There was a site that would tell me which DNS resolver I am using but I can't seem to find it.

On the OpenDNS site it mentioned disabling DNSSEC, but that is an older post.

General Questions / Re: Justifying pfsense for home network
« on: January 02, 2018, 12:33:37 pm »
If I were you I would set up a computer or a VM-host-based pfSense before investing in a 3000. I was in the same boat 3 weeks ago, but I had a box that I converted to pfSense, so the only money I paid was for a dual-port Intel NIC, which was 35 bucks. I did it because

I am still figuring things out, but I went to pfSense because:
1. I wanted to add Snort (but every time I enable this sucker it breaks lots of other stuff), so I still have not figured this out yet, but with kids following YouTube links to God knows what, I would feel safer if I had more protection than just a firewall and AV.
2. I like to tinker around, and the packages that are available on pfSense will keep me busy for a while :) and save me money in the long run.
3. I want to better control my home network, with lots of IoT in my house.
4. I had a dedicated OpenVPN VM running that I have shut down, and am using pfSense now.
5. If you don't like OpenDNS filtering (which I am using), you can set up filtering using the proxy packages and publicly available blacklists, but I am OK with using OpenDNS for now.
6. I am on Verizon FiOS and didn't like the visibility they had on my network, so I needed to replace their router anyway, and none of the SOHO solutions are up to par on the features of pfSense (not even close).
7. I use Aruba Campus APs for wireless, so I didn't need a router with wireless built in.

This is all I can think of for now :)

General Questions / Re: OpenDNS not blocking sites
« on: January 02, 2018, 12:20:52 pm »
Thanks KOM, this makes sense. Will try it out and report back.

General Questions / Re: OpenDNS not blocking sites
« on: January 02, 2018, 10:43:06 am »
I read through the posts and the help section, but I am not understanding where the resolution is coming from if you use resolver vs forwarder. pfSense only has the OpenDNS servers as the DNS servers, so whether I choose resolver or forwarder, my public IP (WAN) will be used to talk to the OpenDNS servers and that should send the block message.

I have disabled the resolver and enabled the forwarder but still no luck with blocking.

General Questions / OpenDNS not blocking sites
« on: January 01, 2018, 11:13:37 pm »
So I have the pfSense set up to use OpenDNS servers as DNS resolver and I do have an OpenDNS account set up to block porn etc., but it doesn't seem to be working. On the pfSense I get and then on the clients all I get for DNS is my pfSense IP address. Everything local and on the internet is resolving just fine, just no filtering.

General Questions / Re: best VPN service that is FREE
« on: January 01, 2018, 01:21:55 pm »
Windscribe often has lifetime membership options for 30 dollars; it's been pretty good for me.

Nvm, it worked from outside. Dunno what the issue was though, but it works now.

I don't much care about accessing my website from the LAN, which both the split DNS and NAT refer to. I just want the site to be publicly accessible, but that is not working. So if anyone connects to the WAN interface on port 80 I want them to be redirected to the internal web server on port 80, so a simple port forward should work, but it is not.

Right now I have a port forward rule but it is not working. If I try to go to my public IP address from the LAN it takes me to the pfSense and gives me an error that something funny might be going on. If I try to access my external IP via port 80 it keeps churning and doesn't go anywhere.

So is it possible to run the 80 redirecting to 443 on the LAN interface, as I will never need to access pfSense from outside?

General Questions / Re: bandwidthd and darkstat not working
« on: December 30, 2017, 04:01:07 pm »
Makes sense now that you have told me :) Thanks, bud.

General Questions / bandwidthd and darkstat not working
« on: December 30, 2017, 01:43:18 pm »
I am trying to get some logs or stats on which hosts on my network are using how much bandwidth, or what kind of traffic the hosts are generating: NetFlow type of info.

I enabled bandwidthd on the WAN interface and checked the LAN underneath, and I see the bandwidthd service is enabled under services, but nothing shows up in the charts. Do I need to set up a Postgres DB in order to get info, or is that optional?

I ran into lots of issues because of the following:

1. pfSense loves Intel NICs (not your issue, just throwing it out there)
2. Clear the blacklisted IP addresses
3. (Do you have Snort enabled?) If yes, what rule sources are you using?

General Questions / Re: New pfsense user have couple of questions
« on: December 28, 2017, 12:32:22 pm »
I had to give up the pfSense project over the holidays as these network cards could not handle the load. So I have ordered an Intel dual-port NIC; the 4-port I have is either dead or is version 1.0, so it didn't work in my box. Anyhow, thanks for the link. Even though I thought I knew lots :) I did learn a lot from the posts, very informative.

General Questions / New pfsense user have couple of questions
« on: December 23, 2017, 05:38:55 pm »
So I got pfSense running on pretty decent hardware: i7 with hyper-threading at 3.4 GHz, 8 GB RAM, 256 GB SSD, one mini PCI Express Realtek NetExtreme Gigabit card with Broadcom chipset and one onboard Gig NIC. I am gonna get the Intel NIC after Xmas.

I have enabled Snort on the WAN port. Initially I had all the sources for rules enabled, but then even Facebook won't load, so I went back to the first Snort VRT Rules.

Now sites load but they are not as fast as they were before. I ran a couple of speed tests using Google and I am getting about 4-500 Mbps down and 2-300 Mbps up. It should be close to 900 down and 800 up, but I am thinking it could be the network cards. So I will hold my judgement till I get those.

My kids play Roblox and Minecraft etc. and they had issues where their characters wouldn't render till I cleared the block list in IPS. It has not come back since, but that kinda has me thinking what else is not working.

I also have an OpenDNS account and I added it to DynDNS, but I am not getting blocked on the categories I am supposed to be blocked on. Not sure what the issue there is.

So far I have noticed that logging leaves lots to be desired: Snort blocks the traffic but it won't tell me why.

The firewall blocks traffic, which I am only guessing is because of the BOGON rules, but it won't tell me which rule number in the firewall blocked the access.

Anyone know if there is a Splunk plugin for pfSense so it can make sense of logs? The raw logs are very hard to read, and if you forward logs from pfSense it does not keep the pretty format, unless I am missing something.
