Overview of pfSense Firewall
The pfSense project is a free network firewall distribution, based on the FreeBSD operating system with a custom kernel and including third party free software packages for additional functionality. pfSense software, with the help of the package system, is able to provide the same functionality or more of common commercial firewalls, without any of the artificial limitations. It has successfully replaced every big name commercial firewall you can imagine in numerous installations around the world, including Check Point, Cisco PIX, Cisco ASA, Juniper, Sonicwall, Netgear, Watchguard, Astaro, and more.
pfSense software includes a web interface for the configuration of all included components. There is no need for any UNIX knowledge, no need to use the command line for anything, and no need to ever manually edit any rule sets. Users familiar with commercial firewalls catch on to the web interface quickly, though there can be a learning curve for users not familiar with commercial-grade firewalls.
pfSense Core Features:
- Stateful firewall with granular rules (time-based, connection limits, GeoIP blocking, NAT)
- Routing (static routes, RIP, OSPF, BGP)
- Multi-interface support with load balancing and WAN failover
- Traffic shaping wizard
- VPN client/server
- Site-to-site and remote access
- L2TP/IPsec/OpenVPN
- Split tunnel
- Multiple tunnels
- VPN tunnel failover
- Automatic or custom routing
- Integrated services
- Local user authentication or RADIUS/LDAP
- DHCP client/server
- DNS forwarder with Dynamic DNS support
- NTP client/server
- Captive portal
- Customizable dashboard
- Easy encrypted configuration backup/restore
- Extensible packaging system
- Multi-language support
Tutorial Download & Instalasi pfSense di Platform perangkat IDNetWALL
- Download pfSense disini.
- Version: Available latest version (Contoh instalasi versi 2.4.4 p3)
- Architecture: AMD64 (64-bit)
- Installer: USB Memstick Installer
- Console: VGA (Contoh instalasi menggunakan VGA/HDMI monitor)
- Anda perlu “Extract” file extension .GZ menggunakan aplikasi winzip atau 7zip untuk mendapatkan file ekstensi .IMG yang akan diburning nantinya ke Flashdisk.
- Download aplikasi Rufus untuk create bootable USB versi portable disini.
- Create bootable Software pfSense ke flashdisk menggunakan aplikasi Rufus dengan langkah-langkah berikut:
- Hasil bootable software pfSense:
- Verifikasi BIOS mode adalah: EUFI only
- Pastikan perangkat dalam keadaan Power-Off.
- Koneksikan perangkat ke Monitor.
- Koneksikan perangkat dengan USB Keyboard.
- Power-On perangkat. Saat awal perangkat Power-On, tekan tombol “DEL” secara berulang-ulang untuk masuk ke BIOS.
- Jika sudah masuk ke BIOS, maka Anda perlu memastikan BIOS mode di Menu “Advanced > CSM Configuration > Boot option filter“. Pilih EUFI only.
- Save Changes and Exit.
- Koneksikan bootable Flashdisk Software pfSense ke port USB perangkat.
- Power-On perangkat. Saat Awal booting perangkat, tekan “F11” untuk masuk ke opsi Boot BIOS. Kemudian pilih “EUFI: FlashDisk-Name, Partition 1”
- Initial boot software installation
- Accept
- Install (Install pfSense) > OK
- Continue with default keymap > Select
- Auto (UFS) – Guided Disk Setup > OK
- Partition > Entire Disk > Confirmation > Yes
- Partition Scheme > GPT (GUID Partition Table) > OK
- Partition Editor > ada0 > Finish > Commit
- Proses instalasi software pfSense
- Manual Configuration > No
- Installation Complete. Remove Flashdisk dari perangkat, kemudian Reboot.
- Pada percobaan instalasi, kami mengkoneksikan perangkat dengan 2 kabel LAN
- LAN 1 > sebagai WAN connection
- LAN 2 > sebagai LAN connection
- Console CLI pfSense dan testing ping ke internet (DNS Google IP: 8.8.8.8).
- Web Console Admin pfSense ke IP LAN https://192.168.1.1 dengan default credential login
- Username: admin
- Password: pfsense
- Error self-sign certificate:
- Login
- Initial Config
- Dashboard. Pada tahap ini, instalasi software pfSense telah berhasil dilakukan.
