Sturdy Questions About pfSense!

You will have to set up pfsense for whatever type of internet connection you have, so it'll be the same as your current router. If you're using ADSL then you put the modem in to bridge mode, connect it to the WAN interface on pfsense and set up the interface in PPPoE mode, using the settings and login that your ISP gave you. I'm not really sure about other types of connections because i've only ever used ADSL.

I'm not really sure what's wrong with your access points. Are you on the same subnet as them? If it's different then you won't be able to connect to them, just change your ip address manually so it's on the same subnet and then you should be able to connect to them. Otherwise maybe try hard resetting them and setting them and setting them up again.

The anti virus slowed my connection down too much so I stopped using it, plus I only got false positives with it anyway and it was kind of annoying. And caching is pretty much useless unless you have a whole bunch of users, your browser already has it's own cache. If anything it would just slow your browsing down and won't really save you any bandwidth. But if you want to set it up anyway then that hard drive will work fine.

How do you get into the modem? Is it easy to put the modem back out of bridge mode? At the moment we have a stand alone netcom modem that then goes into a Dlink router via ethernet instead of having them both in one box. So the ip for the APs are 192.168.0.50 for the 700ap and the 1150 is http://dlinkap. How do I change my IP? and will it effect anything? Will I have to put it back to the old IP afterwards? Why do you think my IP 'changed' from last time I accessed them? How could my IP have changed? So many questions haha, but thanks for sticking around for so long! It's been very very helpful!

What is your IP? If it's on the same subnet (192.168.0.0) then you don't have to change it, but if it's different then that's what the problem is, just change it, get in to your access point, change their IPs to something in your subnet then change yours back.

It's 192.168.1.103 What's a subnet again?

I have no idea of finding out what the 1150's one is though

That's the problem then. You can either change your IP to something in the 192.168.0.0 subnet, login to the access points and change them to something in 192.168.1.0 subnet. Or you could log in to your router and change it to something in 192.168.0.0 and make sure it's DHCP server is set the same, then reboot everything and then it should all be on the same subnet.

Basicly your IP address is divided in to two parts, the subnet and the host address, the subnet is the first part which identifies the network and the host address is the last part which identifies the host. All IP addresses on a certain network will start with the same subnet but have different host addresses. Where the IP address is divided is determined by the subnet mask. So for example, if your IP is 192.168.0.100 and your subnet mask is 255.255.255.0 then the 192.168.0 part is the subnet and the 100 is the host address. If it's 10.0.0.100 and your subnet mask is 255.0.0.0 then the 10 is the subnet and the 0.0.100 is the host address. That's a pretty basic explanation but it gives you the idea, at least for simple networks.

Ok cool! I've actually managed to get into the 700ap, Will my PC still work the exact same on the internet if i change the subnet?

When I tired this at home however, it didn't work, I plugged in the AP at school and then type 192.168.0.50 and then it suddenly worked, how could it have changed by itself?

Also, for example, if I changed my subnet to 178.165.0.1 then do I have to make the AP be 178.165.0, but the 4th lot of digits will be different because it's the personal address for the connection to the subnet? So for example, if I was 178.165.0.45 and the AP was 178.165.0.78 i'd stll be able to connect to it? It's just the first lot of number (xxx.xxx.x) that have to be the same? What happens if my subnet is different to the router/modem's?

Also, would this card work? http://www.trademe.co.nz/computers/networking-modems/wireless-networking/adaptors/auction-741936040.htm It's atheros which is their preferred chip and it's PCI not PCIe so it'll fit with my mobo.

You can't  use that subnet for a private network. Just change your computers ip from 192.168.1.103 to 192.168.0.103, then you can get in to the access point. The reason it worked at your school is because your school's network must use the 192.168.0.0 subnet. When you change it you probably won't be able to get on the internet until you change it back because you will be on a different subnet to your router. Just change it so you can change the access points then change it back. You need to have everything on the same subnet or they won't be able to talk to each other. 

I don't know, it all depends if pfsense has the drivers for it. You can have a look on the pfsense website but like I said wifi is hit or miss with pfsense and you're much better off using an access point. 

Hello Behemoth,

as much as I love PfSense, I see no big advantages of using it in a residential (private) environment (here come the haters...). Let me explain, I did try most of the things you're asking about myself a couple of months ago, I might relieve you from a short suffering.

Most of the info you can find online points towards PfSense in a business environment, even if not explicitly stated. In a "modern world" home network, you'd simply want to distribute internet access to all your devices and not fiddle with it too much if you don't have to. Why? Because there are no big advantages.

I have been running a PfSense box with an SSD on a "high-end" Intel Atom with two Intel gigabit network cards and 8gb of DDR3 memory (yep, it's is a dual-wan custom router test build, made for caching stuff). That means that it all comes down to the software and my internet connection, there shouldn't be any hardware bottlenecks. I know that my connection is really bad (6mbit/s) that's why I wanted to cache as much as possible. Turns out, there is not so much stuff that actually needs caching. Most of today's websites are dynamic and change often. True, you could cache them as well, but then you lose that dynamic aspect (think of looking at a 5 hour old Facebook timeline, even after you refresh the page for example).
Another thing you could try is to cache are advertisements, but these also switch around quite often. Another obstacle you will run into is that PfSense does not cache data being transmitted over SSL.

LEt me show you some scenarios where PfSense will excel any other (affordable!!!) router out there. Imagine you're a landlord of a 5 storey building and you're renting out apartments with a hardwired internet connection. In that case you'd put a PfSense box in the cellar and have it manage and distribute the available bandwidth around all tenants, depending on their current needs. This is called traffic shaping. PfSense does an amazing job with that.
Another example would be in an business environment, where you'd have to ensure a good connection for any sort of VIOP (voice over IP - Internet phones) client. In this case, PfSense can be configured to prefer any traffic coming from such a client, and in extreme cases, drop other traffic completely.

Coming back to to the you-as-landlord example: PfSense can help you cache large, static files. Windows updates for example. I heard that it should be possible to cache YouTube videos as well, but have fun configuring this.

PfSense is also great if you want to bundle two internet connections (for example from 2 different providers) and route traffic according to some of your custom rules. Browsing only through provider "A", FTP, VOIP and all other traffic through provider "B".
PfSense can also sense if one connection is experiencing problems and reroute all traffic to still guarantee a usable (albeit much slower) service.

Or, and that's where PfSense is originally originating from, you could build a super safe firewall with custom rules. However, this firewall will only make sure that intrusions won't happen. You'd still be vulnerable to some malware, as well a government privacy intrusions which occur later in the connection.

If you don't see yourself wanting to accomplish any of the examples in the scenarios, I would not touch PfSense for any other thing than curiosity.

I also experienced hardware incompatibilities with my motherboards fan controller, so that I had a pretty loud PfSense box.

MY TIP: Get a good DD-WRT router and spend a bit more money on that. The time you'll save will pay off (remember: Time is Money). But if you're still interested in networking as such, use that old computer and build yourself a small linux (Ubuntu) server (after you installed the DD-WRT). You can (yourself) have it do everything PfSense can do, but you'd be building and configuring the software yourself, from scratch. That means, you will pretty quick get a grasp and understanding of what's really going on.
Why Ubuntu? because you can find amazing documentation on the internet about anything you want to accomplish... routing, firwewalls, VPNs, proxies, caches... everything. Learning by doing. It's amazing.

@Dexter Kane: I'll nominate you for THE most patient man (or women) on the internet. You should be rewarded with an alcoholic beverage of your choice for explaining all this in detail.

I totally agree with you. It's fun to play around with pfsense but at the end of the day if all you're doing is connecting one network to one internet connection you're much better off with a $100 router rather than using an old PC which is going to use 200 watts of power, compared to something which uses less than 10w. DD-WRT or openwrt are great to play around with too and really they have a lot of the same functionality, just running on lower specs. But for a simple home network you don't need much performance.

 

And thanks, I never get to talk about this sort of stuff with anyone I know so it's no problem for me, but I'll take that drink though :P

Hmm, well I've thought about this for a little while now and after factoring power consumption into the equation I've decided to get a dd-wrt supported router. Thanks for all of the help though Dexter Kane, it's been uber helpful and it has sparked my interest in networking. Even though I won't be using pfSense now, I may do in the future or something similar, especially if I take a career in networking. So once again, thanks! What could I use this old PC for then? Any suggestions?

Also OT but on the other thread I had about NAS. What would be the actual benefits of having a dedicated NAS over using my main rig to hold the drives and have the access to them being there? I would have room for Intel nics and hard drives and stuff too.