Must have pfSense packages?

networking

88 replies to this topic

#1 texasPI (HSS Pro, Members, 208 posts, Location: Montgomery, AL)

Posted 06 February 2012 - 04:29 PM

What (in your opinion) are must have packages? I just set up a new pfsense installation (first one) and so far I have snort and the antivirus package (can't recall name). Any other useful tips or tricks?
Erik

#2 ikon (HSS Genius, Donating Member, 8,594 posts)

Posted 06 February 2012 - 05:22 PM

My most important pfSense package is.................., wait for it, Untangle :D

Seriously, is the AV you're asking about Clam by any chance?

If at first you don't succeed, do it like your mother told you.


#3 texasPI (HSS Pro, Members, 208 posts, Location: Montgomery, AL)

Posted 06 February 2012 - 05:47 PM

Ha! Actually, I blew away my untangle installation to install pfsense. I think that's it (clam). Are you running pfsense and untangle? In a VM by any chance?
Erik

#4 ikon (HSS Genius, Donating Member, 8,594 posts)

Posted 06 February 2012 - 05:54 PM

No. I thought about it, but Untangle has worked so well for me I decided to leave it alone (OK, I was lazy too) ;)

If at first you don't succeed, do it like your mother told you.


#5 texasPI (HSS Pro, Members, 208 posts, Location: Montgomery, AL)

Posted 06 February 2012 - 07:05 PM

I had been running untangle, almost a year. I ran into a strange problem that I was not able to fix. My wireless access point quit working out of the blue so I swapped it with a known good one. Still no dice. I then tried a third and it would still not get an Internet connection. I tried everything, including a fresh install of untangle, to no avail. Checked switches, cables, etc. to no avail.

I then ran pfsense from a live cd and I was back up and running. So I just installed to hard disk and I'm running that for now.

I have a VMware box running VMs of pfsense and untangle so I may go live with it later this week when I have a chance and see how they play with each other.


Erik

#6 geek-accountant (HSS Advanced, HSS Writers, 836 posts, Location: Atlanta Area)

Posted 06 February 2012 - 10:29 PM

I like untangle, but like you ran into some strange issues. pfSense has run rock solid for me for a long time now. The packages I run are (I am on v1.2.3):
  • Country Block
  • Dashboard
  • IP-Blocklist
  • RRD Summary (don't really care about this one)
  • Rate
I ran Snort and HAVP antivirus for a while, but IMO Clam is a weak AV and Snort takes some tweaking to get it running correctly. I have also run bandwidthd, darkstat, ntop, Squid, Lightsquid and squidGuard, but none of those are running at the moment. I need to decide if I am going to bring untangle back in the mix as a transparent bridge for filtering, or just beef up pfSense. I just have to make sure it doesn't screw with the broadcasting of my podcast and just have not had time to test it.

unRAID server 18.5TB
WSS-2011 5TB internal + 4x3TB RAID 5 Mediasonic USB 3.0 external storage
Hyper-V server running 10 VMs (AMD 6 core with 16gig of ram - Raid 5 & Raid 0, plus USB 3 Mediasonic 4 drive enclosure)
pfSense & Untangle (aka, SUPER ROUTER) running as separate machines
Broadcast server - broadcast the jpeg2RAW podcast - AMD 8 core 4Ghz, 8gig DDR3 1600, RAID 0
The jpeg2RAW podcast site


#7 texasPI (HSS Pro, Members, 208 posts, Location: Montgomery, AL)

Posted 08 February 2012 - 08:43 AM

I like untangle, but like you ran into some strange issues. pfSense has run rock solid for me for a long time now. The packages I run are (I am on v1.2.3):

  • Country Block
  • Dashboard
  • IP-Blocklist
  • RRD Summary (don't really care about this one)
  • Rate
I ran Snort and HAVP antivirus for a while, but IMO Clam is a weak AV and Snort takes some tweaking to get it running correctly. I have also run bandwidthd, darkstat, ntop, Squid, Lightsquid and squidGuard, but none of those are running at the moment. I need to decide if I am going to bring untangle back in the mix as a transparent bridge for filtering, or just beef up pfSense. I just have to make sure it doesn't screw with the broadcasting of my podcast and just have not had time to test it.


Thanks for confirming that I'm not neurotic! I really liked untangle but the problem I experienced was so weird. It just quit working out of the blue. I spent a whole day trying to fix it before nuking it and installing pfSense. There is a steeper learning curve but I got it mostly tweaked the way I want it.

Aren't you running a paid anti-virus on pfSense? I seem to recall you mentioning that on here or maybe one of the podcasts.
Erik

#8 ikon (HSS Genius, Donating Member, 8,594 posts)

Posted 08 February 2012 - 05:17 PM

I had been running untangle, almost a year. I ran into a strange problem that I was not able to fix. My wireless access point quit working out of the blue so I swapped it with a known good one. Still no dice. I then tried a third and it would still not get an Internet connection. I tried everything, including a fresh install of untangle, to no avail. Checked switches, cables, etc. to no avail.

I then ran pfsense from a live cd and I was back up and running. So I just installed to hard disk and I'm running that for now.

I have a VMware box running VMs of pfsense and untangle so I may go live with it later this week when I have a chance and see how they play with each other.


Erik

Sent from my iPhone using Tapatalk


This is a standalone wireless AP that's just connected to a switch on your network?

If at first you don't succeed, do it like your mother told you.


#9 texasPI (HSS Pro, Members, 208 posts, Location: Montgomery, AL)

Posted 08 February 2012 - 07:14 PM

This is a standalone wireless AP that's just connected to a switch on your network?


Yeah. It's the router I was using prior to decommissioning it in favor of untangle. I actually had Untangle's internal network cable connected to a LAN port on the access point. That configuration worked fine for almost a year and then it just abruptly stopped working. The AP was still broadcasting a signal and devices could connect but it was not getting access to the internet. I disabled firewalls, intrusion detection, etc in Untangle but nothing worked. I even swapped the dual NIC card with another known good one to no avail.

I'm not sure what happened. The same hardware is working fine with pfSense.
Erik

#10 ikon (HSS Genius, Donating Member, 8,594 posts)

Posted 08 February 2012 - 07:52 PM

Yeah. It's the router I was using prior to decommissioning it in favor of untangle. I actually had Untangle's internal network cable connected to a LAN port on the access point. That configuration worked fine for almost a year and then it just abruptly stopped working. The AP was still broadcasting a signal and devices could connect but it was not getting access to the internet. I disabled firewalls, intrusion detection, etc in Untangle but nothing worked. I even swapped the dual NIC card with another known good one to no avail.

I'm not sure what happened. The same hardware is working fine with pfSense.


I'm wondering if UT somehow filtered the MAC address of your router or of the clients.

If at first you don't succeed, do it like your mother told you.


#11 mattd390 (HSS Pro, Donating Member, 234 posts, Location: Grand Blanc, Michigan)

Posted 08 February 2012 - 07:57 PM

I am about to take the plunge into Pfsense again. I just got the Supermicro X7SPE-HF-D525 motherboard to put it on. Looks like a nice setup. Servethehome.com has a great write up on it and it really encouraged me to get it. I was hoping to hear some more about the setup on the podcast this past week but oh well :). I can't wait to try out IPMI 2.0 too. I have a 2u rack case to put it into. I will post my results. I still need to post my new laptop on here when I get a second too lol. I think I need to give my bank account a rest for a few weeks lol.

Server - I3 550 / GA-H55-USB3 / 8 GB / 7 TB storage / WHS 2011
Main Rig - i7 2600k / GA-Z68X-UD3-B3 / 16 GB / 240 GB Agility 3 SSD / Win 7 Ult
Super Router - Supermicro X7SPE-HF-D525-O / 4 GB / 40 GB Vertex SSD / PfSense
Laptop - Cyberpower X6-9100 / i7 2670QM / 16 GB / 240 GB Samsung 840 SSD / Win 7 Pro
HP Microserver - 2008R2 - 8 GB - 250 GB


#12 ikon (HSS Genius, Donating Member, 8,594 posts)

Posted 08 February 2012 - 08:03 PM

I am about to take the plunge into Pfsense again. I just got the Supermicro X7SPE-HF-D525 motherboard to put it on. Looks like a nice setup. Servethehome.com has a great write up on it and it really encouraged me to get it. I was hoping to hear some more about the setup on the podcast this past week but oh well :). I can't wait to try out IPMI 2.0 too. I have a 2u rack case to put it into. I will post my results. I still need to post my new laptop on here when I get a second too lol. I think I need to give my bank account a rest for a few weeks lol.


I'm interested in seeing how IPMI works out for you. It looks like a very interesting technology.

If at first you don't succeed, do it like your mother told you.


#13 geek-accountant (HSS Advanced, HSS Writers, 836 posts, Location: Atlanta Area)

Posted 08 February 2012 - 08:50 PM

The paid AV I was running was on untangle and I really liked it. I have been thinking of bringing it back at some point. In my case, I used it in the combination I termed "Super Router". That is with pfSense as the router and Untangle as a UTM (filter).

I was having some speed issues that I think are hardware and Xenserver related. I was also having some strange issues with 1 of my 3 Tivos. For some reason the other two would get their programming without a problem. The 3rd was getting it fine for months then all of a sudden it stopped getting updates without me manually making it get the update MANY MANY times. I never thought about it being related to Untangle because nothing had changed with that setup and the other Tivos worked fine. I spent HOURS on the phone with Tivo trying to work something out. Then one day I needed to do some maintenance on the Xenserver running pfSense/Untangle and when I booted it back up, decided to just run pfSense for a while and what do you know, the Tivo got updates no problem. I never rebooted the Untangle VM and the Tivo has never had an issue again. That was over 6 months ago.



#14 mattd390 (HSS Pro, Donating Member, 234 posts, Location: Grand Blanc, Michigan)

Posted 08 February 2012 - 08:57 PM

I'm interested in seeing how IPMI works out for you. It looks like a very interesting technology.


I will share my results! I really like the thought of being able to remote into it and reboot Pfsense in case there is an issue. My roommate isn't a really techy kind of guy, so this is priceless in my situation. The fact that I will never have to connect anything but an ethernet cord and a power cord is pretty cool too :).



#15 ikon (HSS Genius, Donating Member, 8,594 posts)

Posted 09 February 2012 - 11:13 AM

I will share my results! I really like the thought of being able to remote into it and reboot Pfsense in case there is an issue. My roommate isn't a really techy kind of guy, so this is priceless in my situation. The fact that I will never have to connect anything but an ethernet cord and a power cord is pretty cool too :).


Thanks. I think IPMI makes headless servers much more viable. I was frustrated by my Acer H340 on several occasions because I couldn't get into the BIOS or monitor the bootup process.

If at first you don't succeed, do it like your mother told you.


#16 Mr Fixit (HSS Star, Members, 98 posts)

Posted 26 August 2012 - 08:40 AM

My most important pfSense package is.................., wait for it, Untangle :D

Seriously, is the AV you're asking about Clam by any chance?

Hi ikon, what makes Untangle better than pfSense? I have been running pfSense for some time now but the geek in me is thinking to try Untangle. Does Untangle do uPnP? I need that because of multiple XBoxes in the house and it's been the only way I have been able to get open NAT. Thanks.

Edited by Mr Fixit, 26 August 2012 - 08:42 AM.


#17 no-control (HSS Elite, BYOB Podcasters, 1,757 posts, Location: SoCal)

Posted 26 August 2012 - 10:51 AM

No it does not
VISIT MY NEW BLOG

Main Rig - i3-3225, H60, ASRock H77 mITX, 8GB G.Skill RJX, R6970 Lighting, 256GB M4 SSD, WD 500GB, Seasonic x650, CM Elite 210, Dell U3011 w/ 2x 2007fp PLP - W7 -|-
HTPC - G620, Big Shuriken, ASRock H77M , 4GB OCZ, 128GB G.Skill Falcon, .5TB WD CB, Sony BD-R, Corsair CX400, LianLi C37B - W7 -|-
VM Server - i3-3220, Z77-D3H, 32GB G.Skill, 250GB OS, 3x3TB WD GP R5, 4x300GB WD VR R0, Corsair CX430, Fractal R3 - WS2012 -|-
Lenovo Yoga 13 | Surface RT | HTC Titan
Find me on the internet

#18 ikon (HSS Genius, Donating Member, 8,594 posts)

Posted 26 August 2012 - 05:06 PM

As no-control said, Untangle does not do uPnP, which is one of the reasons I like it. It's not a problem for me because I don't have any Xboxes. I'm not sure if there are ways to get around the uPnP requirement with Xbox or not but, if there are, I would pursue them. AFAIC, uPnP is one of the worst security holes there is.

If at first you don't succeed, do it like your mother told you.


#19 geek-accountant (HSS Advanced, HSS Writers, 836 posts, Location: Atlanta Area)

Posted 26 August 2012 - 05:21 PM

Of course you don't have to turn UPNP on when running pfSense. Untangle does have better filtering and the Kaspersky paid AV is much better than the free one offered on either pfSense or Untangle. With that said, I still much prefer pfSense over Untangle. I like to know what is happening with the network, how much bandwidth is being uploaded and downloaded and by which machine. Has helped me track down issues several times, of course it was always one of the kids so I have a pretty small list of potential offenders.

While I am not a security expert, I am not too worried about letting only the Xboxes use UPNP.



#20 ikon (HSS Genius, Donating Member, 8,594 posts)

Posted 26 August 2012 - 06:17 PM

From what I've seen, Untangle no longer offers Kaspersky AV, which is a shame.

I'm just not interested in monitoring my network that much anymore; I just want it to work. I've just been monitoring networks and stuff so long that I'm tired of it.

As far as uPnP is concerned, holes opened by uPnP can be exploited for other purposes; they aren't restricted to the xBoxes. That's why I prefer to manually control which ports are open, and where they can go. That said, I do understand that it can be difficult to do with multiple xBoxes.

If at first you don't succeed, do it like your mother told you.
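
The exchange above about letting only the Xboxes use UPnP turns on how the permission list is evaluated. The following is an added example, not part of any post in this thread: it assumes miniupnpd-style rules of the form `allow|deny ext-ports internal-net internal-ports`, where the first matching rule decides and a request that matches no rule is accepted. All addresses and ports are constructed.

```python
import ipaddress

def parse_rule(line):
    """Parse 'allow|deny EXT_PORTS INTERNAL_NET INTERNAL_PORTS' (assumed format)."""
    action, ext, net, internal = line.split()
    if action not in ("allow", "deny"):
        raise ValueError(f"bad action: {action}")

    def ports(spec):
        lo, _, hi = spec.partition("-")
        return int(lo), int(hi or lo)

    return action, ports(ext), ipaddress.ip_network(net, strict=False), ports(internal)

def permitted(rules, ext_port, host, int_port, default_allow=True):
    """First matching rule decides; with no match, the default applies."""
    addr = ipaddress.ip_address(host)
    for action, (elo, ehi), net, (ilo, ihi) in rules:
        if elo <= ext_port <= ehi and addr in net and ilo <= int_port <= ihi:
            return action == "allow"
    return default_allow

# Constructed LAN: two consoles and one unrelated host.
XBOXES = ["192.168.1.50", "192.168.1.51"]
OTHER_HOST = "192.168.1.77"

# "Allow the Xboxes" written as allow rules only, with no closing deny.
OPEN_ENDED = [parse_rule(f"allow 1024-65535 {ip} 1024-65535") for ip in XBOXES]
# The same rules followed by a catch-all deny for everything else.
LOCKED_DOWN = OPEN_ENDED + [parse_rule("deny 0-65535 0.0.0.0/0 0-65535")]

def audit(rules):
    """Return (host, ext_port, allowed) for a fixed set of constructed requests."""
    requests = [(h, 3074) for h in XBOXES] + [(OTHER_HOST, 8443), (XBOXES[0], 80)]
    return [(h, p, permitted(rules, p, h, p)) for h, p in requests]

if __name__ == "__main__":
    for name, rules in (("open-ended", OPEN_ENDED), ("locked-down", LOCKED_DOWN)):
        for host, port, ok in audit(rules):
            print(f"{name:12} {host}:{port} -> {'ALLOW' if ok else 'DENY'}")
```

With only the allow rules, the unrelated host's request and the console's low-port request are still accepted because nothing denies them; the catch-all deny is what limits mappings to the listed consoles.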
