Build PPPoE server using PfSense

Before building a PPoE system, it is estimated to assume that we’re building it on the following principal and prerequisite conditions-

  1. It’ll be a NAT PPPoE router
  2. At least 2 Interface we’ll be needing- 1 for WAN/Internet/Uplink and the other for LAN/PPoE user.
  3. A reserved LAN IP for PPPoE server itself (other than the LAN IP)
  4. Disable DHCP service if it’s running
  5. Prefereably disable DNS Resolver and enable DNS forwarder
  6. As of this pfsense/Netgate tutorial is being written the version is 2.6
  7. A

For easy understanding here goes my mockup instace WAN and LAN IP-

  1. WAN IP- 114.130.95.196/27, 114.130.95.193
  2. LAN IP- 192.168.1.1/24
  3. PPoE Reserved IP- 172.16.16.1
  4. DNS- 8.8.8.8
  5. LAN port is connected to the LAN switch or alternativey you can connect it to your PC
  6. Assuming you have an operting pfsense using static IP endpoint and you can use internet using static gateway configuration.

So here goes the steps-

Step 1: Create and Configure PPPoE Server:

  1. Go to services > PPoE Server section and click on ADD
  2. On the PPPoE Server Configuration page do the followings-

Continue reading “Build PPPoE server using PfSense” »

Share

Testing Freeradius of Pfsense

FreeRADIUS offers an easy to use command line tool to check if the server is running and listening to incoming requests. Aninterface, a NAS/Client and a user must all be configured:

  • Add a User with the following configuration:Username: testuser
    Password: testpassword
  • Add a Client/NAS with the following configuration:IP-Address: 127.0.0.1
    Shared Secret: testing123
  • Add an interface with the following configuration:IP-Address: 127.0.0.1
    Interface-Type: Auth
    Port: 1812
  • SSH to the pfSense firewall and type in the following on the command line while FreeRADIUS is running (check before in System Log):
    radtest testuser testpassword 127.0.0.1:1812 0 testing123

The following output should appear if everything was setup correctly: Continue reading “Testing Freeradius of Pfsense” »

Share

Remote Administering pfsense

To open the firewall GUI up completely, create a firewall rule to allow remote firewall administration – do not create a port forward or any other NAT configuration.

Example Firewall Rule Setup

  • Firewall > Rules, WAN Tab
  • Action: pass
  • Interface: WAN
  • Protocol: TCP
  • Source: Any (or restrict by IP/subnet)
  • Destination: WAN Address
  • Destination port range: HTTPS (Or the custom port)
  • Description: Allow remote management from anywhere (Dangerous!)

Continue reading “Remote Administering pfsense” »

Share

Creating PPTP on Pfsense 2.2.4

If you want to build a PPTP server graphically build using pfsense nice looking interface, then please do follow the steps below. Here I assume, a proper NAT firewall is already running in the pfsense configuration.

Step-1

  1. Go to VPN > PPTP from top menu
  2. Under “Configuration” tab-
    1. PPTP redirection > Enable PPTP server
    2. Define “No of user”
    3. Server Address- type 1.2.3.4 (trust me, it works no matter whatever your WAN or LAN IP is!)
    4. Remote Address Range- <your LAN IP>
    5. PPTP DNS Server- I used- 114.130.5.5 and 8.8.8.8
    6. Place a ‘tick’ “Require 128-bit encryption”
    7. Save
    8. Continue reading “Creating PPTP on Pfsense 2.2.4” »

Share

1:1 NAT firewall using pfsense

Assuming you are planning to setup your server infrastructure behind firewall- pfsense. You have a Public IP- 114.130.56.x to be pointed to your private lan server with 192.168.14.x.

Let’s begin-

Step-1

Adding public IP to the WAN interface “Firewall > Virtual IPs ” as below-

1-1-Nat-1

Step-2

Now move on the “Firewall > NAT > 1:1” menu as below- Continue reading “1:1 NAT firewall using pfsense” »

Share