Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How much setup to reach critical mass equivalent of a COTS router?

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    5 Posts 4 Posters 981 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      FeeNiX_Rising
      last edited by

      I was just wondering how much beyond the default install is needed to bring a pfSense install to the security equivalent of a COTS (Commercial off the shelf) home router? There are many things I'd like to explore of course, but I'm trying to get a general idea of what NEEDs to be done to have security comparable to what I currently have before I make the switch.

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis
        last edited by

        Nothing to do - by default all incoming connections on WAN (or any other new interface you add) are blocked. Connections originating from devices on LAN are allowed. This is what "home routers" normally do by default.

        Then you can restrict what LAN clients can do (if you care), make a VPN server so you can connect in securely remotely (if you have a public IP) and whatever other stuff you want/need.

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • F
          FeeNiX_Rising
          last edited by

          Thanks! I appreciate the help!

          1 Reply Last reply Reply Quote 0
          • X
            xman111
            last edited by

            it starts off just as good but where you can go from there is where the fun begins.  I have 5 or 6 Vlans,  full time VPN running to Airvpn as well as VPN server to get in from work.  The possibilities are endless.

            1 Reply Last reply Reply Quote 0
            • V
              Velcro
              last edited by

              ditto with xma111's comments….from there you can add geo blocking, malware IP blocking, ad blocking, open source with transparent code demanding updates when needed, IPS.

              Pretty rich...

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.