CAPS LOCK GUY HERE TO THANK YOU FOR CREATING INCREDIBLY EDUCATIONAL AND HIGH QUALITY CONTENT FOR THESE YEARS. I AM SURE THAT I'M THE ONLY ONE WHOSE INTEREST AND/OR CAREER HAS BEEN KICK STARTED THANKS TO YOU. HERE'S TO YOU , TOM.
I got to say this video and the other one from 2018 have been the single best source for me setting up pfsense for the first time! I had to go over it several times and even slow it down to 3/4 speed to keep up. I was coming fro a large background with consumer routers and some corporate Microsoft training from the mid 90's. Yeah, what a long strange trip it has been! Thanks so much for what you do. This channel is my go to source for pfsense.
Long time listener, first time caller. Moving to an apartment in about a month with symmetrical 1gbps in a month and finally updating from OpenWrt to pfSense so this could not come at a better time. Thanks for the great videos, Tom!
Tom. Through your older videos. And your forum I have become and avid user and lover of PFsense. So while I don't need THIS video. I am glad it exists. You are a resource and a treasure.
Thanks for the detailed video. 10 mins into it and I’ve realized that, as a lamen consumer who’s trying to protect my families data, this is way too technically involved and time consuming to go the pfsense route. I guess I’m stuck with just using a VPN and anonymizing traffic rather than a VPN + security. If I ever have time to learn all of this I’ll be sure to refer back to your channel (I’ve saved the video). The community should be grateful for the time you take to walk everyone through tedious setups.
Take care on the VPN, if things need to be marketed and are cheaper than the competition, usually that means they collect your data to sell. A lot of VPNs also have been bought up buy corporations too. Tons of new data coming out that VPN's aren't typically as secure as believed. It may be too technical, but it's like buying a helmet with for a motorcycle, you don't need a $5,000 helmet, a $20 helmet would work, but $400-500 helmet will offer the protections, comfort, and sometime additional safety features. How much is your brain worth? Same thing here, how much do you value your security and privacy?
This is a really well done video and thanks for taking the time to put it together. It’s nice you not only show how to do things, but you explain why, and then even show how to test what you’ve just done which is especially important when it comes to network security. This video nicely combines a lot of what users need in one video and it does it using 2.4 which has some new differences. Pfsense doesn’t do major updates very often and it’s great you’ve been so prompt in getting 2.4 content out. Please keep up the impressive work!
Wow, i'm new to this channel.. but what an incredibly active audience! like, wow... i work in network security, surveillance and automation. It's a pleasure to join you nerds. Thanks for a great video
You're a wonderful teacher, Tom! This guide made my day! 2022 is off to a great start! You kick ass, and I appreciate your content, teaching style and sense of humor so much! Thank you!!
Hi Tom, This video is wonderful! I am running pfsense on an Hp-T620 Plus with a 4-port intel card. I have gone back and watched this video and your video on pfblockerng, a couple of times to help me configure the router. I joined to say thank you!
Thank you for taking the time to put these videos together. I have This, the snort, and PFblockerNG setup videos saved to my library. I show your channel to any of my friends interested in doing the same thing with their networks.
Hairpin is a first time i have heard that term. Most routers label it as "NAT Loopback" Also just pinging the gateway work. Won't lie I picked the PERFECT time to get into PFSense a day after you posted this! haha trying to find cheaper alternatives for my clients. In one of the few cases where i have VLans setup neither one will want to talk to each other. I blocked them both from talking to each other on my test rig and i wasn't even able to ping the gateway after enabling the rule (Using 192.168.1 and 100 for test lans)
Thanks for another bang-up video. You guys have the best coverage of pfSense. One point I think people should think about (not starting sh*t) when it comes to the console password. Your point is valid, but there's a second concern that I always bring up when people talk about whether to password protect a console port on anything. The point you make is true. If someone has physical access, it's game over. However, most methods of getting information, access, or elevation will require a reboot of the device, and that's going to most likely draw some attention. If free console access is open, it's possible for someone to make small non-disruptive config changes that could go unnoticed in some environments. As you are aware, not all environments are the same, so it's just something that people should consider.
I am interested in using smart devices for lights and fans to automate stuff. I want to keep it all local. Watching these videos has shown me the safest way to go about creating a safe home network for all those things.
Just wanted to say thanks for this Tom, using PPPPPPoEEE over in the UK, got the basics working very quickly, a bit shocking that. Have Draytek 130 modem set in the bridge mode you mentioned. 👍
excellent video. I have just built my pfsense router but wanted to understand pfsense more before I started using it.. this video has been perfect for me to upstanding the fundamentals of what it can go!
Another excellent video, thank you. I have just setup a pfsense router with a unifi POW Gen2 24 port switch and 2x nano HDs. I setup 5 VLANS to segregate traffic (with one VLAN solely for VPN) and this video (along with your other videos on OpenVPN) for reference had me done and dusted in no time. Pfsense and unify is a great combination - inspiration for that also came from this channel.
Great video, I’m setting up my first custom build pfSense firewall today, so I’m thankful to have a bit of guidance, only thing I would say bro is I wish you changed the theme first, white burns my eyes out on these LED backlight screens 😅
What I do for my guest network, is just setup a block rule on the guest VLAN to all RFC1918 networks, and a allow rule to the gateway above that, with a block rule with the firewall admin ports above that. Bulletproof!
Another great use of FreeRadius on PfSense. Point your Ubiquiti controller at it and you can rock WPA-Enterprise 802.1X authentication. You can even do dynamic VLAN assignment at UBNT AP's and Switch Ports.
I know that this is an older video but I've watched a ton of your vids and have learned a ton! I'm currently setting up my home lab on a Z800 with ESXi and a virtualized psfense instance. You've helped in the proper setup of pfsense and I thank you! Sub'd
I wanted to thank you for all of this great content you have been putting out ! Very appreciated 😉 my freenas and pfsense been rocking for couple years now without any hick up.
Thanks that worked, I had to watch far to many videos with the virtual kiddies. I am behind a ISP router and running on a separate box for the firewall, and your setup worked fine. Leave the wan on DHCP. And reboot with the machines cables unplugged after configuring the LAN on the firewall. Especially if you have a linux pc it will not drop the old ip, have to reboot. I think there is a command for that too.
I work in industrial controls and deal a lot with water and wastewater systems, pfsense is becoming increasingly more common. Just wanted to mention this in case anyone doubts it's capabilities in commercial or industrial systems.
i'm about to set up pfsense for the first time, very helpful video. I configured a firewall manually using linux before for my home network but this seems not only simpler but more secure as well - creating iptables rules via the command line is not exactly my forte!
I just got the Netgate 4100 because of your videos and came back to this one to configure it and following your video helped so much! Thank you for your time in making this and helping us with these wonderful machines!
Tom.... MY CAPS-LOCK IS ON TO YELL YOU, A BIG MAHALO BROTHER 🤙🏽 THANKS FOR ALL THE AWESOME EASY TO DIGEST INFORMATION YOU GIVE TO US MERE MORTALS.... 😀 [caps-lock is now off ]
Awesome job, Tom! Been using pfSense for years. I always learn something new on your pfSense videos. I have that exact Supermicro server you used today for my pfSense firewall and it just works flawlessly. I initially tried ESXi on it and was testing different firewall builds in a virtual environment (pfSense, Sophos UTM, OPNsense) just to see how those work and I always end up going back to pfSense.
@@daniel_2 Sophos is losing me as a customer. Their on prem, ans now is EOL for obvious reasons, so I am moving to something different. Crowdstrike is an option also...
Thanks for this video Tom a really great indepth tutorial; for a newbie like me to the system. Ive just set one up on an old IGEL Workspace IGEL-H820C with an internal 2 port network card and its golden.
Great video. I am running pfsense VM inside Proxmox with zero issues on a Dell R710. It works great as long as you pass-through the network PCI device (Broadcom). I have also tested it successfully as a VM in an R720 with an Intel network device. It saves me $64/year versus running my old standalone Optiplex pfsense machine :)
I recently had a WISP require PPPoE here in south texas, pfSense worked fine. I usually unblock RFC1918 IPs on the WAN for Spectrum Modems since sometimes you need to access the modem via its private IP (ie 192.168.100.1:8080) ; even if the modem is in bridge mode and providing a public ip address to pfsense's WAN interface.
Would love to see you guys do a vlog series on OPNsense, as you did with PFSense. You guys make fantastic videos, that are not only educational, but fun to watch. Keep up the great work!
PFSENSE WORKS GREAT VIRTUALIZED WHAT ARE YOU TALKING ABOUT. JK it took me about 2 days to actually get it configured and going in ESXI. Great tutorial subscribed.
I've watched a ton of your videos and your thorough knowledge of your subjects is outstanding, not to mention your obvious brilliance is awe inspiring. Hope your "smart" genes passed on to your children.
A great video - i use pfsense along long time - at home and at the my mother's practice (internist/cardiologist) and it works very well - even the medical technician who set up the practice system was impressed with this software/router, especially that it is "open"^^ And yes the device is 1000x safer than this weird DGN boxing - the cool thing is. The technician has switched the entire Ameos clinic to pfsense after div test :)
YOUR VIDEOS ARE VERY USEFUL I came across your channel while looking for Ubiquiti edgerouterX and USG. I have the edgerouter X and a nice device to learn at the moment. thanks for clarifying about raspberry pi :) I was also thinking of a similar thing however I think it doesn't have a lot processing power or networking/USB bandwidth for optimum high-speed use. Also I haven't been able to find the 4 port intel card in my nation though
I used to use PFSense. It was way beyond my capability. I really like the idea that it has all kinds of packages you can use, like squid server. I was never sure if the squid was working properly or not. I would recommend you take a network course first and then try to figure out PFSense. It's great technology but you need to know a fair bit about networking first in my opinion, unless you just want to use it's defaults.
Its June 2, 2021 - With more and more ISP's switching to CGNAT without the use of VPN's and other relay servers, the only way I have found to get direct inbound connections into my network is via IPV6. So we are going to be seeing a lot more dual stack setups. Can you please do a series on IPV6 - An in depth dive into IPV6, its setup and usage on pfSense and in your LAN in general. Yes, I find it to be a bit of a paradigm shift - especially for people used to ipv4. I personally find any use of NAT to be a complete headache, and I hate it with a passion. However we all still tend to think in terms of "private" ip addresses and NAT networks. Having some general and good information out there explaining the alternative would go a long way to making it more understood in the industry.
I love my custom pfsense server. Running on a dell r320 1unit server using lagg. I have save soo much data on my bandwith using squid cache. And using a 4port lagg lacp setup.
