Jump to content
RESET Forums (homeservershow.com)
texasPI

Must have pfSense packages?

Recommended Posts

mattd390

I am about to take the plunge into Pfsense again.. I just got the Supermicro X7SPE-HF-D525 motherboard to put it on. Looks like a nice setup. Servethehome.com has a great write up on it and it really encouraged me to get it. I was hoping to hear some more about the setup on the podcast this past week but oh well :). I cant wait to try out IPMI 2.0 too. I have a 2u rack case to put it into. I will post my results. I still need to post my new laptop on here when I get a second too lol. I think I need to give my bank account a rest for a few weeks lol.

Share this post


Link to post
Share on other sites
ikon

I am about to take the plunge into Pfsense again.. I just got the Supermicro X7SPE-HF-D525 motherboard to put it on. Looks like a nice setup. Servethehome.com has a great write up on it and it really encouraged me to get it. I was hoping to hear some more about the setup on the podcast this past week but oh well :). I cant wait to try out IPMI 2.0 too. I have a 2u rack case to put it into. I will post my results. I still need to post my new laptop on here when I get a second too lol. I think I need to give my bank account a rest for a few weeks lol.

 

I'm interested in seeing how IPMI works out for you. It looks like a very interesting technology.

Share this post


Link to post
Share on other sites
geek-accountant

The paid AV I was running was on untangle and I really liked it. I have been thinking of bringing it back at some point. In my case, I used it in the combination I termed "Super Router". That is with pfSense as the router and Untangle as a UTM (filter).

 

I was having some speed issues, that I think is hardware and Xenserver related. I was also having some strange issues with 1 of my 3 Tivo's. For some reason the other two would get their programming without a problem. The 3rd was getting it fine for months then all of a sudden it stopped getting updates without me manually making it get the update MANY MANY times. I never thought about it be related to Untangle because nothing had changed with that setup and the other Tivo's worked fine. I spent HOURS on the phone with Tivo trying to work something out. Then one day I needed to do some maintence on the Xenserver running pfSense/Untangle and when I booted it back up, decided to just run pfSense for a while and what do you know, the Tivo got updates no problem. I never rebooting the Untangle VM and the Tivo has never had an issue again. That was over 6 months ago.

Share this post


Link to post
Share on other sites
mattd390

I'm interested in seeing how IPMI works out for you. It looks like a very interesting technology.

 

I will share my results! I really like the thought of being able to remote into it and reboot Pfsense incase there is an issue. My roommate isn't a really techy kind of guy, so this is priceless in my situation. The fact that I will never have to connect anything but an ethernet cord and a power cord is pretty cool too :).

Share this post


Link to post
Share on other sites
ikon

I will share my results! I really like the thought of being able to remote into it and reboot Pfsense incase there is an issue. My roommate isn't a really techy kind of guy, so this is priceless in my situation. The fact that I will never have to connect anything but an ethernet cord and a power cord is pretty cool too :).

 

Thanks. I think IPMI makes headless servers much more viable. I was frustrated by my Acer H340 on several occaisions because I couldn't get into the BIOS or monitor the bootup process.

Share this post


Link to post
Share on other sites
itGeeks

My most important pfSense package is.................., wait for it, Untangle :D

 

Seriously, is the AV you're asking about Clam by any chance?

Hi ikon, what makes Untangle better then pfSense? I have been running pfSense for sometime now but the geek in me is thinking to try Untangle, Does Untangle do uPnP? I need that because of multible XBoxes in the house and its been the only way I have been able to get open NAT. Thanks. Edited by Mr Fixit

Share this post


Link to post
Share on other sites
ikon

As no-control said, Untangle does not do uPnP, which is one of the reasons I like it. It's not a problem for me because I don't have any Xboxes. I'm not sure if there are ways to get around the uPnP requirement with Xbox or not but, if there are, I would pursue them. AFAIC, uPnP is one of the worst security holes there is.

Share this post


Link to post
Share on other sites
geek-accountant

Of course you don't have to turn UPNP on when running pfSense. Untangle does have better filtering and the Kaspersky paid AV is much better than the free one offered on either pfSense or Untangle. With that said, I still much prefer pfSense over Untangle. I like to know what is happening with the network, how much bandwidth is being uploaded and downloaded and by which machine. Has helped me track down issues several times, of course it was always one of the kids so I have a pretty small list of potential offenders.

 

While I am not a security expert, I am not to worried about letting only the Xbox's use UPNP.

Share this post


Link to post
Share on other sites
ikon

From what I've seen, Untangle no longer offers Kaspersky AV, which is a shame.

 

I'm just not interested in monitoring my network that much anymore; I just want it to work. I've just been monitoring networks and stuff so long that I'm tired of it.

 

As far as uPnP is concerned, holes opened by uPnP can be exploited for other purposes; they aren't restricted to the xBoxes. That's why I prefer to manually control which ports are open, and where they can go. That said, I do understand that it can be difficult to do with multiple xBoxes.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Similar Content

    • JROrtiz
      By JROrtiz
      I've been banging my head for a few days now trying to figure this out and I've run out of ideas. Hoping the very intelligent crew here can help me out.
       
      I have a Drobo 5N and a Synology RS816 on my network, both of which have been working without issue for quite some time now. I've always connected to both via Windows Explorer by simply going to the network address i.e., \\N5 and \\SYN (sample names). 
       
      I recently got a new desktop which is where the issues are coming up. When I try to go to \\N5, it results in a message saying it cannot find that location. However, \\SYN works just fine. What's strange is that I can see and manage the Drobo through the Drobo Dashboard software. What could be preventing Windows from seeing the Drobo on the network? 
       
      I've already enabled the SMB 1.x protocol, ensured the workgroup names are the same, rebooted both the machine and the Drobo, made sure network sharing is enabled, and even did a fresh install to ensure that some program I installed didn't cause the issue. Every other machine I have can access the Drobo without issue. It's just this new desktop, and everything is running Windows 10.
       
      Another strange phenomenon that I discovered is that if I go to "\\DROBO" (verbatim, not a sample name) it leads me to the Synology. Where is Windows getting the mapping from that it is directing that address to the Synology?
       
      This is driving me nuts so any advice would be greatly appreciated.
    • Jason
      By Jason
      Have been running a Windows DHCP server on home WSE12R2 box for quite some time behind my Sophos UTM firewall. Also allowed me to seamlessly run Windows Deployment Services at home. WDS just worked.
       
      But if I needed to make a particular LAN IP address exception on the firewall, I had to 1.) create a Windows DHCP server reservations AND 2.) create a network definition for that IP on the Sophos UTM box. 2 steps. Not very efficient; was sure I was doing something incorrectly...
       
      Tried to migrate to Sophos UTM running the DHCP Server, but now WDS doesn't work. LAN devices can no longer PXE boot. Seems possible. Many guides. None have proven especially successful.
       
      Is it possible to run a Windows DHCP server and have Sophos UTM import DHCP reservations instead of maintaining 2 unique entries for each IP reservation (one in Windows DHCP, another on Sophos UTM box)?
       
      What is best practice?
       
       
      Sent from my iPhone using Tapatalk
    • donschmidt
      By donschmidt
      Good morning.  I've just  purchased a home still under construction and plan to have CAT6 installed throughout the living areas. I'm hoping that someone can advise me as to the specific quality/specs of cable that I should use.
      Thanks and Happy New Year.
    • Joe_Miner
      By Joe_Miner
      I've been looking at the Intel Compute Stick BOXSTK1AW32SC and was wondering if anyone here has experience with that and if the Intel AC 7265 built into it is backwardly compatible with older N and A,B wifi?
    • heavy21
      By heavy21
      I want to optimize the performance and security of my home network of servers, PCs, laptops printers, smartphones, TVs, etc.  Current network appliances include layer 2 and 3 switches (Cisco small business) and Linksys router.  I’m looking to replace the Linksys with a security (pfSense) router appliance (w/OpenVPN).  I will also be adding security cameras and a NVR to the network.
       
      The gigabit network is straightforward in structure with all Ethernet connections hanging off the24 port switch connected to the cable modem and router except a cascaded 8 port switch in a room to provide 4 Ethernet connections in a room with only one data port.  Wireless connections presently come off the Linksys but will eventually come off the to-be-purchased security/router appliance with a wireless card.  I don’t see more than 100 devices in total for the whole network.  No VLANS and no sub-netting.  All hardware supports IPv6.
       
      Hardware line up is:
      Dual Zeon server w/RAID 10 of 24 TB of storage, 64GB memory
      Cisco managed switches layer 2 and 3
      HPEX495 server
      Workstations, Desktops, Laptops, Tablets, iPads
      Printers
       
      Software line up is:
      Windows Server Essentials 2012 R2, single domain controller, storage and file server duties
      Windows 10 Pro all non-server Intel computing devices
      PLEX server for streaming audio and video to display units
      Office 365
       
      From what I’ve read so far, it appears that I need to incorporate an IP addressing scheme for clients and servers on the network.  It would also appear that I need to implement VLANS and/or sub-netting to protect access to certain files and security footage, provide guest networking with future consideration for electronic door locks and some sort of server based media distribution to various display devices,
      What are best practices on assigning client and server devices to IP ranges, fixed or dynamic IP addresses?  Do I need to assign clients or servers to IP ranges?  What are the considerations in establishing sub-nets over VLANS or vice versa?  I’m pretty sure I want to restrict access to cameras and their security footage and personal files on my workstation.
       
      Thanks for any resources and advice provided.
       


×
×
  • Create New...