Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    NOOB HELP. Setup with networking + pfsense

    Scheduled Pinned Locked Moved General pfSense Questions
    5 Posts 3 Posters 521 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Y
      yoyoSE156d
      last edited by

      Hi. I'm planning this setup right here. I am a total noob so critique away!
      I currently have 3 pcs and am wondering how to have the pfsense+network setup. There are some concerns I have about security and how a NAS should be implemented.

      • PC#1 My main pc
      • PC#2 Shared pc that has editors/designers remote desktop
      • PC#3 Backup PC for backing up files to the cloud
        Questions:
      1. How should I set up my PC#3? Should I use my backup PC as a NAS to share files with my main + editor? and at the same time back up to the cloud?
      2. How can I access the NAS while decreasing risk or breach after a hack of PC#1. How can I limit access to the NAS?
      3. Is there a way to protect PC#1 and PC#3 if I give access to my NAS to my editors on PC#2?

      URL: https://imgur.com/56KmQKd

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        With a simple setup like that most people would just put them on one subnet and rely on filtering on the hosts to restrict access.

        If you have them all connected to different pfSense interfaces you can setup firewall rules to filter traffic however you want but it will also make transferring data between hosts more complex.

        Y 1 Reply Last reply Reply Quote 0
        • Y
          yoyoSE156d @stephenw10
          last edited by

          @stephenw10 thanks for your reply! i will prob have to mix in physical and digital security methods. Possibly will be disconnecting ethernet cables on PCs not needed to be connected, such as pc for monthly backups.

          in regards to what you said, yes i was thinking about firewall rules, but others were still saying there are still risks. do you know of other ways to protect besides firewall rules? its a very minimal setup but i am a total noob at this!

          Austin 0A 1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            You can run Snort or Suricata to look for suspicious traffic. But I would not recommend doing that at least until you have the basic setup completed and traffic is flowing as you intended. Many new users make the mistake or trying to enable everything at once and then get stuck troubleshooting everything at once! 😉

            1 Reply Last reply Reply Quote 0
            • Austin 0A
              Austin 0 @yoyoSE156d
              last edited by

              @yoyoSE156d I mean if the NAS is not accessible externally (from the internet), and you filter traffic from the other devices to the NAS you are off to a good start. Other than that make sure to keep things up to date, and use good passwords. Unless you have some reason to think that you would be directly targeted I think that would pretty much be enough.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.