How much setup to reach critical mass equivalent of a COTS router?

  • I was just wondering how much beyond the default install is needed to bring a pfSense install to the security equivalent of a COTS (Commercial off the shelf) home router? There are many things I'd like to explore of course, but I'm trying to get a general idea of what NEEDs to be done to have security comparable to what I currently have before I make the switch.

  • Nothing to do - by default all incoming connections on WAN (or any other new interface you add) are blocked. Connections originating from devices on LAN are allowed. This is what "home routers" normally do by default.

    Then you can restrict what LAN clients can do (if you care), make a VPN server so you can connect in securely remotely (if you have a public IP) and whatever other stuff you want/need.

  • Thanks! I appreciate the help!

  • it starts off just as good but where you can go from there is where the fun begins.  I have 5 or 6 Vlans,  full time VPN running to Airvpn as well as VPN server to get in from work.  The possibilities are endless.

  • ditto with xma111's comments….from there you can add geo blocking, malware IP blocking, ad blocking, open source with transparent code demanding updates when needed, IPS.

    Pretty rich...

Log in to reply