Installing on a Firebox X700
-
pfSense is secure by default. ;)
In order to make it as secure as possible you should use rules that only open ports and interfaces you need. For example you should use, source: LANnet (or equivalent interface), in your rules to restrict what machines are allowed out.
You can restrict this further but only allowing ports you need, http, ssh, pop3 etc. Though it's easy to overlook something and end up blocking your own traffic.Steve
-
just got a e series firebox upon receiving it doing research on pfsense and it said special tools required to get pfsense working is that correct?
-
Yes you need to do a workaround in the bios to make it boot a CF card larger than 512MB. In order to do that you can either make up cables to connect a monitor and keyboard or reflash the bios with one that allows console redirect.
See:
http://forum.pfsense.org/index.php/topic,20095.msg190456.html#msg190456Which e series model do you have?
Steve
-
i got x750e 1250e and some peak models. I plan on listing the x750e since i got a lot for a great price.
-
Nice! :)
The peak-e models are actually less good for pfSense as the CPU is not correctly picked up by the speedstep driver and hence they run much hotter. The Core-e has a Celeron which doesn't have speedstep but can be replaced by a pentium-m for very little.Steve
-
Hello,
Does anyone know what 512 sticks of ram will work in these boxes, some people say they get it to work and others don't. I am currently looking at the ones on newegg and see they have three brands to choose from and they're all double sided dimms, any suggestions or specific models that are known to work?
Thanks,
Nico -
You mean the X700 series?
They seem to be very fussy, so much so that I'm just sticking with 256MB. ::)
The best person to comment on this would be Brak since he has upgraded many of these boxes.Steve
-
Hello,
Does anyone know what 512 sticks of ram will work in these boxes, some people say they get it to work and others don't. I am currently looking at the ones on newegg and see they have three brands to choose from and they're all double sided dimms, any suggestions or specific models that are known to work?
Thanks,
NicoPurchased this memory module "Kingston KVR133X64C3/512 512mb SDRAM 133 MHz 168pin" from ebay and it works fine in the X700
Sleeps
-
Trying to get another pfsense box up and running but cant get it to install say "Found compressed image file
Write error after 0 bytes (8192)." tried 3 diffrent files anyone know whats wrong? -
Where are you seeing that error? When writing the image to the CF card? Using what?
Steve
-
Yes
-
tried physdiskwrite
-
It can't write to the card for some reason.
The card is read only? The CF adapter is faulty or not installed correctly? The card is faulty? Some other reason….
You could try using Win32diskimager instead: https://launchpad.net/win32-image-writerSteve
-
Would you be able to help me nat (Newbie here trying to do a 1:1 NAT and having trouble. All I am trying to do is NAT a single host to one of my 10 public IPS and cant seem to get it to work. I am able to RDP from and diffrent lan but cant see it outside the lan or even get to the internet from that machine but can RDP into it. Any help would be great
Thanks
-
Would you be able to help me nat (Newbie here trying to do a 1:1 NAT and having trouble.
This doen't see to have anything to do with pfSense installation or Fireboxes so please start a new topic in a more appropriate forum (perhaps General)/
In the new post it would be helpful to add some configuration information and clarify a few points:
@GOBIGRED:I am able to RDP from and diffrent lan but cant see it outside the lan
This seems contradictory: how can you RDP into it a different lan if it can't be seen outside tha lan? (Guess it depends on which LAN you are talking about. A diagram identifying the differents lans would be helpful.)
or even get to the internet from that machine but can RDP into it.
Is a firewall rule on the adjacent pfSense interface could be blocking internet access. Is there a relevant entry in the firewall log?
-
Sorry about that i posted int he wrong section
Now on tho the nat 1:1 nat
public address 106.57.4.107
Lan host wanting to be seen public 10.8.16.100From another lan in my network i can access the 10.8.16.100 (the server from a rdp connection)
but cant see it public
Hope this helps
-
Did you setup a virtual IP on your WAN for the external address?
Like Wallabybob said, this would be better in a new thread.
Steve
-
Nice! :)
The peak-e models are actually less good for pfSense as the CPU is not correctly picked up by the speedstep driver and hence they run much hotter. The Core-e has a Celeron which doesn't have speedstep but can be replaced by a pentium-m for very little.Steve
Hi
My First Post… @stephenw10 I just purchased a e750x and you are say that the Celeron should be replaced with the Pentium-m. I don't know much about this but can you post which pentium-m model number so I can purchase it on ebay. I would like to have the speedstep feature like you mention....thanks in advance
-
Hi, welcome. :)
The CPUs that are directly supported by the est(4) driver (and hence powerd for Speedstep) are the 400MHz FSB Pentium-M.
The Dothan core uses less power and has more on board cache:
http://en.wikipedia.org/wiki/List_of_Intel_Pentium_M_microprocessors#.22Dothan.22_.2890_nm.29The 735 and 745 can be had cheaply and the 725 and 715 are extremely cheap! All are faster and cooler than the Celeron.
Here's what I've actually tried:
http://forum.pfsense.org/index.php/topic,20095.msg177606.html#msg177606Steve
