SlideShare a Scribd company logo

Pfsense%20%20note

HARRY CHAN PUTRA
HARRY CHAN PUTRA

PfSense is an open source firewall software that provides features similar to commercial firewalls. It can be installed on Hacom hardware, which typically have Realtek or Intel network interfaces. To set up PfSense, connect a monitor and keyboard during initial boot up to configure the network interfaces. The web administration interface can then be accessed through the LAN IP address. Firmware updates are also described. Technical support is available from Hacom.

Related slideshows

Introduction to-cisco-routers
Introduction to-cisco-routersIntroduction to-cisco-routers
Introduction to-cisco-routers
 
Ciscointro
CiscointroCiscointro
Ciscointro
 
Bioscmos, post, boot
Bioscmos, post, bootBioscmos, post, boot
Bioscmos, post, boot
 
1 of 2
Download to read offline
Hacom pfSense Setup and Configuration PfSense (http://www.pfsense.org/) is a complete, embedded firewall software package that provides all the important features of commercial firewall boxes (including ease of use). Please refer to the on-line Quick-Start Guide and the Deployment Guide for additional information beyond the scope of this document. On-Line Documentation ● The M0n0 Users Manual (http://m0n0.ch/wall/docbook/) ● M0n0wall Quick Start Guide (http://m0n0.ch/wall/quickstart/) ● pfSense FAQ (http://faq.pfsense.com/) ● pfSense tutorial (http://www.pfsense.com/index.php?id=36) ● Hacom pfSense Quick-Start Guide (http://www.hacom.net/catalog/pub/pfsense/Hacom%20pfSense %20Quick-Start%20Guide.pdf) ● Hacom pfSense Deployment Guide (http://www.hacom.net/catalog/pub/pfsense/Hacom%20pfSense %20Deployment%20Guide.pdf) Requirements to Access to pfSense's Console. You will need a keyboard and a monitor to access the console of Hacom's pfSense. Serial console is available on certain models. Input/Output Phoenix Mercury Mars Systemboard ES466B CV700A CV700A CV763A CI852A Monitor VGA Keyboard USB USB or PS/2 Optional (Required Optional Serial Console hardware (Required a serial-console enabled BIOS update) modification at factory!) Setup Using pfSense Console When the system is booted up, a Grub screen is shown. There is a five (5) seconds delay for user to access Grub directly. At the first boot up, pfSense was not configured. User will see a setup screen asking for network interface configuration. Follow the direction on the screen to set up and to configure at least the first two (2) interfaces: LAN and WAN. Hacom systems typically have at least three (3) network interfaces. Depending on the systems, they are typically based on the Realtek chipset and will be detected by pfSense as: rl0: first Realtek 10M/100M Ethernet adapter rl1: second Realtek 10M/100M Ethernet adapter rl2: third Realtek 10M/100M Ethernet adapter rl4: (optional) fourth Realtek 10M/100M Ethernet adapter For the Intel Gigabit Ethernet systems, pfSense will detect the following network interfaces, instead: em0: first Intel Gigabit 10M/100M/1G Ethernet adapter em1: second Intel Gigabit 10M/100M/1G Ethernet adapter em2: third Intel Gigabit 10M/100M/1G Ethernet adapter em3: (optional) fourth Intel Gigabit 10M/100M/1G Ethernet adapter Once the network interfaces are set up, pfSense is ready and the console menu is shown as in the following.
Web Administration The web administration is accessible through the LAN IP. For example, if the LAN IP is 192.168.1.1, go to http://192.168.1.1/. By default, username is “admin”, password is “pfsense”. Firmware Update There are several ways to update the firmware. 1. For Hacom systems prior to pfSense version 1.2.1, it is recommended: (a) to back up the configuration, (b) to flash the new firmware., and (c) to restore the configuration. 2. Starting from version 1.2.1, firmware can be updated reliably on-line. Important notes: ● Hacom pfSense systems are based on the full firmware, including headless systems. When updating the firmware, use the full-update version. The “embedded” version will disable the display and keyboard access to the console. ● The compact flash (CF) based systems require the platform information to be changed from “embedded” to “pfSense” before the updating process. It should be changed back to “embedded” after the update. ● The DOM based platforms are “pfSense” and ready to use just like a solid state drive. Maximum Firewall States It is recommended to change the maximum firewall state from the default 10,000 to at least 100,000 for systems with 256MB RAM memory, or 200,000 for systems with more than 512MB RAM, or 400,000 for systems with more than 1GB RAM. Each state uses about 1k of RAM memory. Sometimes, the maximum number of firewall states is also referred as maximum number of concurrent connections. From the Web Administration, go to System → Advanced, and scroll all the way to the bottom to see the option. Technical Support Contact If there are any questions, please contact us at support@hacom.net or 714-564-9932.

More Related Content

Pfsense%20%20note

  • 1. Hacom pfSense Setup and Configuration PfSense (http://www.pfsense.org/) is a complete, embedded firewall software package that provides all the important features of commercial firewall boxes (including ease of use). Please refer to the on-line Quick-Start Guide and the Deployment Guide for additional information beyond the scope of this document. On-Line Documentation ● The M0n0 Users Manual (http://m0n0.ch/wall/docbook/) ● M0n0wall Quick Start Guide (http://m0n0.ch/wall/quickstart/) ● pfSense FAQ (http://faq.pfsense.com/) ● pfSense tutorial (http://www.pfsense.com/index.php?id=36) ● Hacom pfSense Quick-Start Guide (http://www.hacom.net/catalog/pub/pfsense/Hacom%20pfSense %20Quick-Start%20Guide.pdf) ● Hacom pfSense Deployment Guide (http://www.hacom.net/catalog/pub/pfsense/Hacom%20pfSense %20Deployment%20Guide.pdf) Requirements to Access to pfSense's Console. You will need a keyboard and a monitor to access the console of Hacom's pfSense. Serial console is available on certain models. Input/Output Phoenix Mercury Mars Systemboard ES466B CV700A CV700A CV763A CI852A Monitor VGA Keyboard USB USB or PS/2 Optional (Required Optional Serial Console hardware (Required a serial-console enabled BIOS update) modification at factory!) Setup Using pfSense Console When the system is booted up, a Grub screen is shown. There is a five (5) seconds delay for user to access Grub directly. At the first boot up, pfSense was not configured. User will see a setup screen asking for network interface configuration. Follow the direction on the screen to set up and to configure at least the first two (2) interfaces: LAN and WAN. Hacom systems typically have at least three (3) network interfaces. Depending on the systems, they are typically based on the Realtek chipset and will be detected by pfSense as: rl0: first Realtek 10M/100M Ethernet adapter rl1: second Realtek 10M/100M Ethernet adapter rl2: third Realtek 10M/100M Ethernet adapter rl4: (optional) fourth Realtek 10M/100M Ethernet adapter For the Intel Gigabit Ethernet systems, pfSense will detect the following network interfaces, instead: em0: first Intel Gigabit 10M/100M/1G Ethernet adapter em1: second Intel Gigabit 10M/100M/1G Ethernet adapter em2: third Intel Gigabit 10M/100M/1G Ethernet adapter em3: (optional) fourth Intel Gigabit 10M/100M/1G Ethernet adapter Once the network interfaces are set up, pfSense is ready and the console menu is shown as in the following.
  • 2. Web Administration The web administration is accessible through the LAN IP. For example, if the LAN IP is 192.168.1.1, go to http://192.168.1.1/. By default, username is “admin”, password is “pfsense”. Firmware Update There are several ways to update the firmware. 1. For Hacom systems prior to pfSense version 1.2.1, it is recommended: (a) to back up the configuration, (b) to flash the new firmware., and (c) to restore the configuration. 2. Starting from version 1.2.1, firmware can be updated reliably on-line. Important notes: ● Hacom pfSense systems are based on the full firmware, including headless systems. When updating the firmware, use the full-update version. The “embedded” version will disable the display and keyboard access to the console. ● The compact flash (CF) based systems require the platform information to be changed from “embedded” to “pfSense” before the updating process. It should be changed back to “embedded” after the update. ● The DOM based platforms are “pfSense” and ready to use just like a solid state drive. Maximum Firewall States It is recommended to change the maximum firewall state from the default 10,000 to at least 100,000 for systems with 256MB RAM memory, or 200,000 for systems with more than 512MB RAM, or 400,000 for systems with more than 1GB RAM. Each state uses about 1k of RAM memory. Sometimes, the maximum number of firewall states is also referred as maximum number of concurrent connections. From the Web Administration, go to System → Advanced, and scroll all the way to the bottom to see the option. Technical Support Contact If there are any questions, please contact us at support@hacom.net or 714-564-9932.