pfSense Router Video, Discussion and Ideas

Not sure if this already exists but I couldn't see a topic about this new Level1 video so here it is.

Might give this a go with an old laptop, I'm hoping the built-in battery allows it to operate as if it was connected to a UPS.

5 Likes

With a laptop you are limited to the single built in NIC.

Using an old laptop should work fine but most laptops only have 1 Ethernet port and you need at least two for pfSense to function, one for the WAN and the other for LAN.

There are workarounds for this but they may not be perfect in implementation. The easier way is to use a USB3 to Ethernet adaptor, but from what I hear this doesn't work very well; the other way, which is the most recommended, is to get a managed switch and set up separate VLANs for the WAN and LAN.

It is also worth mentioning that internal wireless cards can work on pfSense but support for them is very poor, so I would recommend setting up your current router in Access Point mode if it is supported (or disable DHCP, etc. if not) and connect that to another VLAN for wireless traffic.

No. But you will need a VLAN capable switch. My pfSense setup at work (in production for 3+ years) is an old Dell system with a Q9300 and 4GB RAM, and a 250GB hard drive. I have it attached with just the 1 built-in gigabit network port to my SG300-52 switch. I have VLANs set up for 3 WANs, LAN, Printers, 2 Guest networks, and test networks. It's fantastic. However, as we get more bandwidth, I might exceed the routing capability of the bandwidth a single gigabit interface can provide. That being said, we are OK for now with a 20/200Mbps connection, and 2x DSL connections of 768Kbps/7.5Mbps.

That being said, for my home, I just ordered a UP Squared SBC. Won't be here until April, but it's going to be small and power efficient. 2 built-in gigabit network connections. Here is my post about it:

1 Like

I did mention that in my second paragraph:

@01SAF If you do go this route and need a fairly cheap managed switch, I use an 8-port NETGEAR ProSafe GS108E and it works great. You can also get a 5-port version that is a little cheaper.

Why not use ClearOS or Untangle? Untangle is built on Debian.

I had a headstart.

Installed; next step is assigning interfaces and then gonna look at snort and other plugins. Have a 24-port switch for later. So, I've taken the first step in wiring my house : )

3 Likes

The thread is referring to the latest Level1Techs video which talked about using PFSense.

I'm sure you could use Untangle or ClearOS, but if you're using a laptop you'd still need to solve for only having one NIC.

Is it possible to use pfSense as a modem as well?

My current router, WiFi and modem are combined into a single unit (Zyxel VMG8924-B10A), so it would be nicer if I didn't have to pass everything through that, and then over to the pfSense, if I was to set up a pfSense box.

No; it's not a modem. You should be able to set up your current modem+router as a passthrough, though (essentially, turning off the "router" part). It's not bad for them to be separate.

I have been thinking about doing this for the longest time.

I have some super old PCs I could use, but the IDE drives would somewhat defeat the purpose of me taking advantage of my fiber connection.

Others have shared my desire to do this with an old laptop, but unless that puppy has two ethernet ports, it's a futile endeavor.

I'm eager to see more videos like this one because it has really lit a fire under my ass to actually build one of these.

Your Zyxel modem has a bridging mode that disables the routing functionality, use that.

You'll have to set up PPPoE in pfSense to make it work with your ISP.

As @Just.Oblivious said, just disable routing functionality and wire the WAN to the active port in modem mode. The router supplied by my ISP is a DOCSIS3 modem/router and this works well.

You may be able to get pfSense working as a modem but imo it is way more trouble than it is worth as you'd need either an ADSL PCI card or DOCSIS PCIe card (Not sure if they even make these) that will work in pfSense which is doubtful.

This ADSL card has support for Linux/BSD but I have no idea how it'll work in practice on pfSense.

http://traverse.kd85.com/

Hey! I've been waiting for a video like this for a long time now! It was the router video from years ago that the Tek made that got me into the Tek community in the first place and I am glad that L1 is pushing to get back into that line of tech robustness. I have very little networking experience, but I do have a bit of spare parts laying around, so I think I'm going to give this a shot.

I have a question though. I live in a situation where I do not have much control over the internet hardware that we use in the household. We currently have a subsidiary of Comcast as our ISP, and for that we have a Comcast modem/router combo bullshit deals. I'm in no authoritative position to change or replace it (even though we all know it is for the good of mankind to do so), so I am wondering if there is a way to split the cable input between the commicast router and a pfSense box.

Now that I am thinking of it, is there any good to having a PFSense connected to the existing router and telling the router to allow all connections to the PFSense box? I feel like that should do pretty much what could be done if it were just the modem connected to PFsense, but with a useless link in the chain. Correct me if I am wrong though.

Sorry for all the questions. :P

1 Like

Here are some cheap low power options.
https://netgate.com/products/sg-1000.html
http://www.mini-box.com/ALIX-APU-2C4-AMD-G-Series-GX-421TC?sc=8&category=1361
One would cost more to outfit. The other would be less powerful.
What one would you go with?

Why not ipfire, or just manage your packet filter manually?

Because pfSense is pretty easy to use.

1 Like

When you say you're not in a position to change or replace the modem, do you mean you're not the one paying the bill? As stated before, as long as you have access you should be able to set up the Comcast Modem/Router combo to be in bridge mode. From there you could set up your new router to handle the routing.

I'm on Comcast as well, and you should be able to replace the modem with whatever you like (or rather, whoever is paying the bill should be able to). I bought a Surfboard 6141 Modem a few years ago and it's been working great. Iirc, you should be able to just swap it out and when you attempt to access the internet you'd be prompted to log into your Comcast account to link the modem to your account. If that doesn't work I'm sure their friendly customer service should be able to help you >.>

I initially started out with an Archer C5 Router / AP behind the modem, and then on a random weekend threw together a server out of spare parts I had laying around. I had everything but a case so I used a plastic container (something along the lines of this) and a dremel. Next thing I knew I had my own router running pfSense.

Since then, I've been slowly upgrading hardware. New NICs, an actual case, etc.

2 Likes

I don't pay the bill. Currently living with my girlfriend's family until we can get our footing. They're being a stickler with the whole router matter lol. I'll look into setting up bridge mode and see how that goes, though it would be nice to leave the current router and its functionality intact.

Thanks though! :)

(EDIT: oops with the comment delete thing)

1 Like

Putting a modem/router in bridge mode will also disable the wireless functionality, so unless you have another router or access point you're pretty stuck if anyone uses wireless. The single biggest issue I had moving to pfSense was that I needed the wireless function of my modem/router combo device and since they were tied to a single device I couldn't use one without the other.

I eventually got a Unifi AP AC Lite, set it up on my older router while I worked on pfSense, and at the time of deployment it took me 5 minutes to hook pfSense up and everything on the network pretty much worked as it did before.

1 Like

Somewhat off topic, but how do you like the Unifi AP? I've been eyeballing them (and other Ubiquiti products) but have been hesitant on an actual purchase because they look like they have their own ecosystem you have to use.

1 Like