Netgate Discussion Forum

    Pfsense and Iot devices

      RWaters

      Hey all, I wanted to see if anyone on here had experience configuring their IoT devices with pfSense and how the process went for you? I am looking to dive into home automation and I wanted to make sure that the gear I have at home and the setup I already have configured. I will most likely spend a lot of time on my own attempting to figure it out but I wanted to see if anyone had run into any issues trying to have their pfSense and IoT devices co-exist.

        johnpoz LAYER 8 Global Moderator

        At a loss as to why you think the networking on an IoT device would be anything different than any other networking device that is not considered IoT.

        Does the device use TCP/IP - then it will work with pfSense.

        Are you asking more how to secure these devices from the rest of your network via putting them on their own network/VLAN? And what firewall rules you might want to put in place for them talking to the rest of your network or the internet?

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

          RWaters

          Thanks for replying Johnpoz, and sorry if I didn't make that more clear.

          These devices will ideally make use of the TCP/IP protocol, as most IoT devices do, so it should work fine. I was more interested in how to effectively secure the devices from the rest of the network due to many of the security vulnerabilities that some of these IoT devices have. I should have outlined that much better so sorry for the newbie mistake on that.

            johnpoz LAYER 8 Global Moderator

            Yes, isolate them to their own VLANs. Limit what they can do into your other networks, limit what they can do outbound to the internet. And most likely not allow any unsolicited inbound. For example, if you have cameras and you want to view them while you're remote, VPN into pfSense and view them that way.

            You most likely will also want to log any outbound traffic they might be doing and you allow. Or even what you are blocking - why is that camera trying to talk to an IP in China, for example.

            You may want to create different VLANs for different types of IoT devices, etc. Comes down to what exact IoT devices you're installing, and what their connectivity needs are. If you are wanting, say, cameras to upload video to the cloud - prob want to lock that down to only allow them access to the official networks for that, etc.

            pfSense is great for doing this. But you will most likely want VLAN-capable switches and wifi so that you can isolate both wired devices and wifi devices to their own VLANs.

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.8, 24.11
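
Added example, not part of johnpoz's post or any Netgate code: one way to act on the advice above about logging what the IoT VLAN sends out, by summarising pfSense filter log entries in which an IoT device reached for anything other than its expected cloud range. It assumes the comma-separated IPv4 `filterlog` layout described in the pfSense documentation; the subnet, the allowed range and the log lines are constructed for illustration.

```python
from ipaddress import ip_address, ip_network
from collections import Counter

# Constructed values, not from the thread: IoT VLAN subnet, the vendor cloud
# range the cameras may reach, and every sample log line below.
IOT_NET = ip_network("192.168.30.0/24")
ALLOWED_CLOUD = [ip_network("203.0.113.0/24")]
INTERNAL = [ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

SAMPLE_LOG = """\
Jan 10 08:00:01 fw filterlog[411]: 70,,,1000002001,igb1.30,match,pass,in,4,0x0,,64,1111,0,DF,6,tcp,60,192.168.30.21,203.0.113.10,50000,443,0,S,1234,,64240,,mss
Jan 10 08:00:05 fw filterlog[411]: 75,,,1000002099,igb1.30,match,block,in,4,0x0,,64,1112,0,DF,6,tcp,60,192.168.30.21,198.51.100.77,50001,8000,0,S,1235,,64240,,mss
Jan 10 08:00:35 fw filterlog[411]: 75,,,1000002099,igb1.30,match,block,in,4,0x0,,64,1113,0,DF,6,tcp,60,192.168.30.21,198.51.100.77,50002,8000,0,S,1236,,64240,,mss
Jan 10 08:01:00 fw filterlog[411]: 72,,,1000002050,igb1.30,match,block,in,4,0x0,,64,1114,0,DF,6,tcp,60,192.168.30.21,192.168.1.50,50003,445,0,S,1237,,64240,,mss
Jan 10 08:02:00 fw filterlog[411]: 70,,,1000002001,igb1.30,match,pass,in,4,0x0,,64,2001,0,none,17,udp,76,192.168.30.40,198.51.100.9,40000,123,56
Jan 10 08:03:00 fw filterlog[411]: 60,,,1000001001,igb1,match,pass,in,4,0x0,,64,3001,0,DF,6,tcp,60,192.168.1.10,192.168.30.21,51000,554,0,S,1238,,64240,,mss
"""


def parse_filterlog(line):
    """Return (action, src, dst, dport) for an IPv4 filterlog entry, else None."""
    # Assumed layout: [6]=action [8]=IP version [16]=protocol [18]=src [19]=dst [21]=dst port
    fields = line.partition("filterlog")[2].partition(": ")[2].split(",")
    if len(fields) < 20 or fields[8] != "4":
        return None
    dport = fields[21] if fields[16] in ("tcp", "udp") and len(fields) > 21 else ""
    return fields[6], ip_address(fields[18]), ip_address(fields[19]), dport


def review(log_text):
    """Count IoT-sourced flows leaving the VLAN for anything but the allowed cloud."""
    findings = Counter()
    for line in log_text.splitlines():
        entry = parse_filterlog(line)
        if entry is None:
            continue
        action, src, dst, dport = entry
        if src not in IOT_NET or dst in IOT_NET:
            continue  # not from an IoT device, or traffic that stays on the VLAN
        if any(dst in net for net in ALLOWED_CLOUD):
            continue  # the one destination the policy expects
        kind = "internal" if any(dst in n for n in INTERNAL) else "internet"
        findings[(str(src), str(dst), dport, action, kind)] += 1
    return findings


if __name__ == "__main__":
    for (src, dst, dport, action, kind), n in sorted(review(SAMPLE_LOG).items()):
        print(f"{src} -> {dst}:{dport} {action} x{n} ({kind})")
```

A `pass` entry in the output is traffic an existing rule allowed to an unexpected destination, so it points at a rule to tighten; a `block` entry shows what the device keeps attempting.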

              RWaters

              @johnpoz:

              Yes, isolate them to their own VLANs. Limit what they can do into your other networks, limit what they can do outbound to the internet. And most likely not allow any unsolicited inbound. For example, if you have cameras and you want to view them while you're remote, VPN into pfSense and view them that way.

              You most likely will also want to log any outbound traffic they might be doing and you allow. Or even what you are blocking - why is that camera trying to talk to an IP in China, for example.

              You may want to create different VLANs for different types of IoT devices, etc. Comes down to what exact IoT devices you're installing, and what their connectivity needs are. If you are wanting, say, cameras to upload video to the cloud - prob want to lock that down to only allow them access to the official networks for that, etc.

              pfSense is great for doing this. But you will most likely want VLAN-capable switches and wifi so that you can isolate both wired devices and wifi devices to their own VLANs.

              Thanks for the detailed response Johnpoz! Echoed a few things I had heard and read, which I will be applying. I will post an update of the setup once I get all the devices figured out. Like you pointed out, it all comes down to the exact devices being installed, so I'm going to finalize those first, but my security cameras are the ones I want to pay the most attention to, especially because of some of their default plug and play features.

              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.