PfSense Installtion
-
All my time is wasted at format and install. I cannot upgrade my IT skills anymore because of this matter. BEEP Malaysia ISP.
I suspicious my ISP hacked. I know this is unbelievable but this is a true story.
I don't know the reasons. From the output of trend micro, someone has connected to your network, then display the ip address of my router.My router is suck because is not statefull firewall. My router is Zyxel-p334WT.
I hope you can help me out.
****NOTE: Edited by Admin. please keep the conversation civil.****
-
As an IT student you sure have fellow students around that can help you setup your network correctly.
Private subnets and netmasks seem to be a good starting point in your case.
And there are lectures about basic networking you should attend… -
This is a home network but i need to make as secure as corporate network because i 'm IT student from Malaysia and i would like to learn.
Besides that, the evidence of being hacked is the iptables firewall is being deleted. I used Fedora 7.
File which deleted
1. proc/net/ipv4/
2. /etc/sysconfig/iptables-config
3. IPtables contrack lib file
4. All the rules have been deleted.I don't know how the intruder can gain root access.
What services are you exposing to the Internet/untrusted networks (eg, web server)? I'm certain that one of those is the source of your problem, which as I've said elsewhere changing you firewall won't help.
I'll also second jahnoix's comments in his post above.
-
I don't have the resources(Money) to attend the class. Internet is the basic method where i can gain variety of resources.
I think i should put my knee in the floor to bag for help. We know that UNIX is a difficult job but you can guide me through such as links or book and step by step set up.
Thanks for your help.
Your help is greatly appreciated by me and others.
-
If you want to study online then this could be a start - among lots of other sources.
http://en.wikipedia.org/wiki/IP_address
http://en.wikipedia.org/wiki/Subnetwork
http://www.3com.com/other/pdfs/infra/corpinfo/en_US/501302.pdf (White paper about IP addressing)The links within the wikipedia articles might be worth visiting as well.
-
Thanks for your help.
By the way, i cannot even connect to webGUI. Therefore, i get limited or no connectivity.
I hope you can help me.
Please.
Please.
Please. -
I can get the ip from pfsense during live compact disc without connect the wide area network.
Why after installation i no longer can connect to the LAN interfaces and WebGUI ?
The xp saying limited or no connectivity.
I hope you all can help me.
Thanks
-
Generally "limited or no connectivity" in XP means I can't get an IP address.
So did you setup the DHCP server? if not you either need to set it up or assign your XP PC an IP manualy
PfSense is great but it is probably not a "My first firewall" type thing.
Setting up a good firewall badly won't help you not get hacked. -
You seem to be able to surf the net. Fine.
Go and read about IP networks, private subnets and netmasks way before trying to configure your firewall.Once you do this you will find that all your equipment has to be in the same private subnet with the same netmask. Then you can surf with your XP PC as well. There were at least half a dozen hints in this thread alone you didn't get…
Read and understand basic networking FIRST!
-
Do i need the DHCP server ? I worried this will weaken the firewall and outside can connect to my network.
I can connect to the internet without pfsense. This is a home network.
Thanks for your help.
Your help is greatly appreciated by me and others.
-
Do i need the DHCP server ?
No you can manually assign IPs to every box on the network
@Peter_APIIT:I worried this will weaken the firewall and outside can connect to my network.
Not if you don't break the normal setup. Your DHCP server will only respond on the interface you enable it on eg LAN
@Peter_APIIT:I can connect to the internet without pfsense. This is a home network.
Yes!!! use any home network router you can buy. Most have a firewall and default rules that will work and a support line for you to call and are used to answering the basic questions you keep asking.
Please read all the howstuffworks.com etc stuff on networking it will help (start here http://computer.howstuffworks.com/home-network1.htm )
-
Is it possible for me don't set up the dhcp server in pfsense and let the router do the job for me ?
The network diagram is as below:
Modem->Pfsense->Router->PC && Laptop.If i set up the dhcp in pfsense, i need to disable the dhcp server in router, then the problem is how can assign for the laptop ?
Any official pfsense guide to set up dhco server ?
-
It's become very apparent that you know little to nothing about networking. I would strongly suggest you learn that first, then come back and play with pfSense.
In your diagram each "->" is a separate network, with separate IP ranges. You can run DHCP on each without affecting the other (hint, your pfSense box already gets it's WAN address via DHCP).
As for pfSense related documentation on setting up DHCP servers - if you know basic networking then configuring DHCP is obvious.
-
I have configure the dhcp server through the pfsense box but still get limited or no connectivity.
I cannot click the system setup wizard during the pfsense live cd.
When i move down, pfsense display different menu.Please guide me to solve this problem.
Thanks for your help.
Your help is greatly appreciated by me and others.
-
I have configure the dhcp server through the pfsense box but still get limited or no connectivity.
Then you need to work out the cause. Without the full picture nobody can help you. If you want help you need to:
- Provide an accurate diagram showing how every device is connected
- List the network addresses, including subnet, for every network segment
- List the host addresses for every interface of every device
If you can't answer any of these questions then you're in far over your head.
I cannot click the system setup wizard during the pfsense live cd.
When i move down, pfsense display different menu.There is a well documented problem with using IE with pfSense - use Firefox. Heck, learn how to use the search function of this forum, which is far less complicated than pfSense.
-
Modem(IP:192.168.100, Gateway:192.168.1.254->pfsense - WAN(DHCP), LAN(10.0.0.1) Subnet Mask:255.0.0.0 -> Router(IP:192.168.1.33, Gateway:192.168.1.1) Subnet Mask:255.255.255.0 -> PC && Laptop.
Do i need to create the /etc/dhcpd.conf ? I think i have start the service.
- List the host addresses for every interface of every device.
What u mean here ?
Thanks cry. Your help is greatly appreciated by me and others.
-
I using Mozilla Firefox in windows box.
-
I get a tutorial from
http://www.brennan.id.au/10-DHCP_Server.html
# DHCP Server Config File
ddns-update-style none;
ignore client-updates;lease-file-name "/var/lib/dhcpd/dhcpd.leases";
authoritative;option domain-name "example.com";
default-lease-time 86400; # 24 hours
max-lease-time 172800; # 48 hourssubnet 192.168.1.0 netmask 255.255.255.0 {
option routers 192.168.1.1;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option domain-name-servers 192.168.1.1;
option ntp-servers 192.168.1.1;
option netbios-name-servers 192.168.1.1;
option netbios-node-type 8;
range 192.168.1.101 192.168.1.200;
}I don't have the example.com. DO i need a domain name ? Sorry for stupidity.
Thanks for your help.
-
Why i need a domain name because i did not hosting any web server?
Thanks for your help.
-
Modem(IP:192.168.100, Gateway:192.168.1.254->pfsense - WAN(DHCP), LAN(10.0.0.1) Subnet Mask:255.0.0.0 -> Router(IP:192.168.1.33, Gateway:192.168.1.1) Subnet Mask:255.255.255.0 -> PC && Laptop.
Right, it's pretty obvious you've no clue as to basic networking. I will say once more - learn networking first.
Hint - you're never going to get this working if you make the WAN address of the internal router on a different network from the LAN address of the pfSense host.
Do i need to create the /etc/dhcpd.conf ? I think i have start the service.
Configure the service using the GUI. If you're using the command line you're just causing yourself even more problems than you already have.
- List the host addresses for every interface of every device.
What u mean here ?
As I said, if you can't answer these questions then you're in too far beyond your current level of knowledge.
I get a tutorial from
http://www.brennan.id.au/10-DHCP_Server.html
<–-SNIP--->
I don't have the example.com. DO i need a domain name ? Sorry for stupidity.Thanks for your help.
Copying a configuration file without knowing what you're doing isn't going to help you. If you want to follow such tutorials then install a standard operating system (BSD, Linux - your choice) and work with that. pfSense is designed to be managed via the GUI only.
I'm going to stop responding to this thread now.