Install pfSense Qemu Guest Agent

February 24, 2023 by Rumi

Software Versions

The following software versions were used in this post.

pfSense Community Edition – 2.6.0
QEMU Guest Agent – 5.0.1

Install the qemu-guest-agent package.

pkg install -y qemu-guest-agent

Once installed, there is a note on how to setup the agent.

Modify your `/etc/rc.conf` by adding these settings

qemu_guest_agent_enable="YES"
qemu_guest_agent_flags="-d -v -l /var/log/qemu-ga.log"

and run Continue reading “Install pfSense Qemu Guest Agent” »

Extreme slow internet speed pfsense over proxmox

February 16, 2023 by Rumi

For a qemu proxmox guest PFSense acts weriedly with the network speed- it gets extremely slow. So her goes the little tweaks that worked for me-

First, I chose Intel E1000 Interfaces instead VirtIO.

Second, in the PFSense webconsole-

In pfSense GUI, System > Advanced > Networking > Tick on-

Disable hardware checksum offload
Disable hardware TCP segmentation offload
Disable hardware large receive offload

pfSense firewall rules for WhatsApp

January 28, 2023 by Rumi

For simplicity, you can also follow the step by step instructions from your pfSense WebGUI below:

1. Create a PORT alias:

Firewall -> Aliases -> Ports -> + AddName: WhatsAppPortsTCP
Port: 443
-> + Add PortPort: 5222
Save (bottom) -> Apply Changes (top right)

2. Create a URL alias:

Firewall -> Aliases – URLs -> + AddName: WhatsAppIPv4_URL
Type: URL Table (IPs)
URL Table (IPs): https://adamnetworks.dev/pub/fwaliases/raw/master/ips/whatsapp.txt /(update frequency): 1
Save (bottom) -> Apply Changes (top right) Continue reading “pfSense firewall rules for WhatsApp” »

Mount CDROM to Pfsense

November 19, 2022 by Rumi

Go to a shell.
Make a directory to mount the CD at:
mkdir /tmp/cdrom
Mount the CD:
mount_cd9660 /dev/acd0 /tmp/cdrom or mount_cd9660 /dev/cd0 /tmp/cdrom
CD is now mounted at /tmp/cdrom. When finished unmount:
umount /tmp/cdrom

* Note: If your cdrom device is not acd0, check the bootup messages for the proper device.

Running pfSense in a XenServer with xenguest

November 19, 2022 by Rumi

If you deploy pfSense on a XenServer, you may be shocked at the performance loss-specially on interface speed! But wait, there are some tweaks to make this usable.

Installing pfSense

Go ahead and setup pfSense like normal, and when you are done, perform the following tweaks. (the day till it’s tested on pfsense version 2.5.2 and xen on scp-ng 8.1)

XenServer tweaks

Find UUID for the pfSense VM you just installed.

xe vm-list

You should get something like the following

uuid ( RO) : b435d920-eb22-b45d-5058-091619ed427f
name-label ( RW): pfSense
power-state ( RO): running

uuid ( RO) : 42626f69-6185-4aa6-a125-839700f96828
name-label ( RW): Control domain on host: xenserver-000
power-state ( RO): running

We want the UUID of the instance running pfSense, b435d920-eb22-b45d-5058-091619ed427f in this case. Continue reading “Running pfSense in a XenServer with xenguest” »

Set Up a Radius Server on pfSense

November 2, 2022 by Rumi

Installing the Package

The pfSense 2.X package manager includes both FreeRadius and FreeRadius2 as installation options. For this example, I’m going to be using FreeRadius2 since it has some additional features not found in the previous version.

Only one version of radius can be installed on pfSense at a time. If you previously installed any radius packages, go ahead and remove them first.

The package installation will briefly interrupt traffic passing through the router as the service starts, so be careful when running the installation on a production system.

Open the package manager in the system menu of the web interface.
Click the plus symbol next to FreeRadius2 to begin the installation.
Click ‘Ok’ to confirm the package installation.

You cannot run both FreeRadius and FreeRadius2 on the same pfSense system. Make sure to remove one before installing the other. The setup process will automatically download and install the radius package along with all of its dependencies. The installation normally takes a couple of minutes to complete.

After it’s finished, there will be a new menu item for the package in the services menu. The FreeRadius installation normally takes a couple minutes to complete. Continue reading “Set Up a Radius Server on pfSense” »

PFSense SNMP Configuration

September 9, 2022 by Rumi

Open a browser software, enter the IP address of your Pfsense firewall and access web interface. In our example, the following URL was entered in the Browser:

https://192.168.15.11

The Pfsense web interface should be presented. After a successful login, you will be sent to the Pfsense Dashboard.

Access the Pfsense Services menu and select the SNMP option. Continue reading “PFSense SNMP Configuration” »

Allow Ping on PFSense WAN interface

September 9, 2022 by Rumi

This article shows you how to allow ##ping## on the WAN side of your pfSense firewall. By default, ping to WAN address is disabled on pfSense for security reason. However, you may want to allow ping for different reasons, here is how:

# Login to pfSense
# Open Firewall > Rules.

# Change Interface to wAN.
# Change Protocol to ICMP. Continue reading “Allow Ping on PFSense WAN interface” »

Build PPPoE server using PfSense

June 29, 2022 by Rumi

Before building a PPoE system, it is estimated to assume that we’re building it on the following principal and prerequisite conditions-

It’ll be a NAT PPPoE router
At least 2 Interface we’ll be needing- 1 for WAN/Internet/Uplink and the other for LAN/PPoE user.
A reserved LAN IP for PPPoE server itself (other than the LAN IP)
Disable DHCP service if it’s running
Prefereably disable DNS Resolver and enable DNS forwarder
As of this pfsense/Netgate tutorial is being written the version is 2.6
A

For easy understanding here goes my mockup instace WAN and LAN IP-

WAN IP- 114.130.95.196/27, 114.130.95.193
LAN IP- 192.168.1.1/24
PPoE Reserved IP- 172.16.16.1
DNS- 8.8.8.8
LAN port is connected to the LAN switch or alternativey you can connect it to your PC
Assuming you have an operting pfsense using static IP endpoint and you can use internet using static gateway configuration.

So here goes the steps-

Step 1: Create and Configure PPPoE Server:

Go to services > PPoE Server section and click on ADD
On the PPPoE Server Configuration page do the followings-

Continue reading “Build PPPoE server using PfSense” »

Testing Freeradius of Pfsense

April 4, 2016 by Rumi

FreeRADIUS offers an easy to use command line tool to check if the server is running and listening to incoming requests. Aninterface, a NAS/Client and a user must all be configured:

Add a User with the following configuration:Username: testuser
Password: testpassword
Add a Client/NAS with the following configuration:IP-Address: 127.0.0.1
Shared Secret: testing123
Add an interface with the following configuration:IP-Address: 127.0.0.1
Interface-Type: Auth
Port: 1812
SSH to the pfSense firewall and type in the following on the command line while FreeRADIUS is running (check before in System Log):
radtest testuser testpassword 127.0.0.1:1812 0 testing123

The following output should appear if everything was setup correctly: Continue reading “Testing Freeradius of Pfsense” »

Bots!

Brain's Workbench

Tag Archives: pfsense