If you’re looking to replace your home router with something that offers more control, features, and performance pfSense is an excellent choice. pfSense can act as both a router and firewall offering lots of features for free that are often only found in pricey commercial routers.
What is pfSense?
pfSense is a custom open source distribution of FreeBSD. pfSense is a fork of the m0n0wall project focused on running on a complete computer instead of an embedded system.
Some interesting uses for pfSense
Configure a DNS blacklist to block unwanted web sites on your network.
Setup a transparent squid proxy to improve internet performance and monitor usage.
Build a dual WAN router to combine the bandwidth of multiple internet connections.
Things you need
- An old computer (minimum requirements)
- Second network card
- pfSense LiveCD(download the ISO from the mirrors page then burn to a blank disc)
The computer running pfSense must have at least two network cards. One of the interfaces will be used for the LAN (connecting to your switch) and the second will be the WAN interface that connects to your cable or DSL modem.
If you don’t have a dedicated network switch but your existing router has a built in switch you can use it instead. Make sure you disable the built in DHCP server since pfSense will be handing DHCP. Also don’t connect anything to the WAN port.
(Do not connect any network cables yet)
After getting the PC setup you’re going to use the first thing you’ll need to do is boot off of the pfSense liveCD you created. After the liveCD finishes booting you will be presented with the pfSense console setup menu. From this menu select option 99 ‘Install pfSense to hard drive’
For the rest of the installation processes as a general rule you can select the default options. When choosing the kernel select the ‘multiprocessing’ kernel if the system your using has a 2 or more CPU cores, otherwise select ‘uni-processor’.
Screen shots for the installation process can be found here.
Once the installation process is complete remove the CD and reboot the computer. You’ll want the system to boot from the internal hard drive you installed pfSense onto at this point so adjust your bios settings as needed.
When your pfSense system boots up for the first time you’ll be asked if you want to configure VLAN’s, just say no.
Next you’ll be prompted to “Enter your LAN interface name or ‘a’ for auto-detection”. Auto detect is the easiest way to go here, once your in auto detect mode all you have to do is plug in the ethernet cable in the port you’ll be using for LAN (this should connect to your switch), once pfSense detects link on that interface it has been configured. Follow the same procedure to configure your WAN interface. If you want to set up any additional interfaces do so now, for example you might have a third interface if you plan on making a dual WAN router or a DMZ.
At this point you should be back at the main pfSEnse console menu.
Select option 2 ‘Set LAN IP Address’ and enter the IP address and mask you want to set for your pfSense box for most people 192.168.1.1/24 works just fine. I would also recommend enabling the DHCP server when prompted.
At this point your router is up and running! You can configure further settings through the web interface. To access the web interface point your browser to http://192.168.1.1 or whatever you set the LAN IP address to in the previous step.
Default username: admin
Default password: pfsense
The web GUI isn’t loading (https://192.168.1.1)
Make sure you can ping the IP address first (eg: ping 192.168.1.1)
If you can’t make sure you connected the LAN interface to your switch and not your modem. You can always go back to the pfSense console and re assign the interfaces again. Also make sure the computer your using has obtained a valid IP address from the DHCP server you can set a static IP such as 192.168.1.2 for troubleshooting if needed.
The internet isn’t working
If you can pull up the web GUI but the internet doesn’t seem to be working check to see if your WAN interface has an IP address. http://192.168.10.254/status_interfaces.php If it doesn’t check the cable going to your cable or DSL modem. You may need to power cycle your modem in order for the router to be able to obtain a valid IP address.