Hey guys just some reference material, I highly suggest you watch the two videos I created on BGP using MikroTik for better understanding. Please also use the documentation as always. pfSense Docs: docs.netgate.com/pfsense/en/latest/packages/frr/bgp/required-info.html# MikroTik BGP vids: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-M5UypwXmIFQ.html ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-cMNx2PSZ_6Q.html
@3:33 what you mean you will prefer a router? is pfsense not used as a router? I mean just beef up your hardware and handle more and then what is point of s pure router when one can have firewall that can route and still better performance with enough hardware resources?
Thanks for covering this. It's great to see subjects like this being covered. It's also explained clearly. I will come back to your channel more often.
Awesome, been using FRR on Opnsense together with MetalLB for quite some time now, it's great, although I'd rather use vtysh and configure the daemon myself. But with a nice simple GUI I guess it's much nicer and faster to setup
Great Video I Have Learnt Alot, I Have a Question If I Have Two WAN IP Addresses (Primary Fiber Link On WAN On WAN1 Port (ix3) And WAN 2 On WAN2 Port (ix0) Wireless Uplink From Same ISP) How Do I Advertise The BGP Networks To Both WAN IPS?
thank you. Some sites are filtered for my country. I am going to connect my pfsense to external vpn service that I have on a server in America, and the traffic of sites that are filtered will pass through this way. how can i do ? please ...
First you need import the ca into your certs manager Then goto vpn > openvpn > clients Create a new client with the configuration provided by your vpn supplier needed to connect to the vp. server. Typically found in an openvpn configuration file Then goto firewall > Nat > manual outbound rule generation. Then click "Add a mapping based of this rule" and change the interface to your openvpn interface. Make sure to save and apply Repeat for all 6-7 default Nat rules. Then goto status > vpn and check your connected. Lawrencesystems has a video on this. With setting up private Internet access. I've also set this up before. Hope this helped. You may also want to check if the vpn ip range is blocked too as this won't work if it is.(has happened to me)
I have this setup slightly differently but am having an issue. I have 2 neighbors setup in BGP and the first is getting BGP routes coming back and is advertising the routes specified outbound to the 1st neighbor. The 2nd connection/neighbor is advertising BGP routes back to my pfsense BUT the pfsense is NOT advertising routes to this 2nd neighbor. How can I get pfsense to advertise routes to more than 1 neighbor? For reference, I have P2P network connections so there is no internet connectivity to the pfsense. Any thoughts?
Yes the MikroTik and pfSense is in the same network. I could still get internet access because I was receiving a default route out via BGP from the MikroTik I was learning a 0.0.0.0/0 route from it.