pfSense Gold Subscription

Author Topic: Newbie needs help - basic firewalling  (Read 2042 times)

0 Members and 1 Guest are viewing this topic.

Offline fred789

  • Newbie
  • *
  • Posts: 9
  • Karma: +0/-0
    • View Profile
Newbie needs help - basic firewalling
« on: May 13, 2007, 01:02:42 pm »
Hi everyone,
I've just build my pfSense system and I have some difficulties configurating it.
setup:
Code: [Select]
internet ----> wan ----> lan -----> switch ----> PCs I've just switch from a D-Link DFL-200 hardware firewall and I tried to take over the basic firewall rules on the pfSense unit. Unfortunalty to this point I can't even connect to the internet. ;D

Here's where I get confuse: in order to connect to ther internet I thought I needed I a rule like "LAN->WAN policy,  NAT enabled" so in pfSense i tried the following:
Code: [Select]
/firewall/rules/
LAN:
Proto  Source  Port  Destination  Port  Gateway  Description
TCP  LAN address  WAN address  80 (HTTP)           tcp  80
Do I need to do the same thing for the WAN section? (tried and it didn't work)
What am I missing?
Perhaps one last information: in pfSense I can ping lan ip as well as google.com

Any help would be greatly appreciated

Thanks,

Fred

Offline Snailer

  • Jr. Member
  • **
  • Posts: 31
  • Karma: +0/-0
  • Still learning - everyday (who isn't?)
    • View Profile
Re: Newbie needs help - basic firewalling
« Reply #1 on: May 13, 2007, 03:18:16 pm »
If you don't have any special behind the firewall running, the setup wizard at the gui would kickstart everything nicely. That is at my place anyway. :) So what rules do u want to copy into PfSence? What do you have running at your lan and/or dmz?

Offline fred789

  • Newbie
  • *
  • Posts: 9
  • Karma: +0/-0
    • View Profile
Re: Newbie needs help - basic firewalling
« Reply #2 on: May 13, 2007, 04:21:48 pm »
Thanks for your answer Snailer.
I did a reset and I am now online  :D
I'm still confuse though. As I understand pfSense blocks all ports by default, where is then the http serice enabled?
One last thing. Let's say I want to use a torrent client, do I have to configure anything in "firewall: rules" or do I only have configure "Firewall: NAT: Port Forward".

Thanks again for your help
 

Offline Snailer

  • Jr. Member
  • **
  • Posts: 31
  • Karma: +0/-0
  • Still learning - everyday (who isn't?)
    • View Profile
Re: Newbie needs help - basic firewalling
« Reply #3 on: May 13, 2007, 04:32:41 pm »
From what I have understood, a lot of rules and pre-configuration is already taken place at the background of pfsense,
which isn't show at the gui, to make us newbies live easier. :) (A small downside is that is could add some confusing for us noobs) ;)

Furthermore i would like to say: 'shoot those bears of the road you are seeing!' :D
Try first if your app's will run out-of-the-box; then u can look and ask around if u need a rule applied into pfsense.
btw: there is a upnp package available. I didn't had to use it so far.

Offline cmb

  • Administrator
  • Hero Member
  • *****
  • Posts: 6333
  • Karma: +0/-0
    • LinkedIn
    • Twitter
    • View Profile
    • Chris Buechler
Re: Newbie needs help - basic firewalling
« Reply #4 on: May 13, 2007, 09:41:02 pm »
The default configuration is everything coming in from the Internet is blocked. Everything going out from the LAN is allowed.

To restrict your LAN outbound access, change the rules on the LAN interface.

Offline fred789

  • Newbie
  • *
  • Posts: 9
  • Karma: +0/-0
    • View Profile
Re: Newbie needs help - basic firewalling
« Reply #5 on: May 14, 2007, 01:26:42 pm »
Thanks for clearing this up.