Best practices to configure pfsense?
-
Hi guys,
Is there any book or document explaining best practices to configure pfsense? Like the things you should never do, etc.
I have been using pfsense since many years but I learned everything by trial and error so it is not the most efficient. I know it is pretty secure by default but still.
I already looked at the official pfsense book and it is more a reference book.
Thanks
-
Best practices in networking and or firewalls is not specific to pfsense..
Are you talking something like your typical Hierarchical network design? Your not going to be using access, distribution and core layers in your home network ;)
Or are you talking about basic principles in security like least privilege?
To be honest for stable working pfsense would be leave it at default, unless you actually need to change something and you understand what your doing... And don't go adding every available package because you think you should be running an IPS on your home network, etc. etc.. ;)
-
@johnpoz said in Best practices to configure pfsense?:
To be honest for stable working pfsense would be leave it at default, unless you actually need to change something and you understand what your doing...
Agree with that!
Also, to the OP, something you should NEVER do is open port forwards to the "general internet" for servers or services on your internal network(s). Some hacker/cracker will eventually find it and exploit it, guaranteed. If you have internal stuff you want to access from the outside, use a VPN provider/service and remote into your network that way instead.
Also, if you do need/want to create firewall rules to move traffic around your network, it's best to add them 1 at a time and test to make sure stuff works. If it does, you're good. If it doesn't, start looking for answers. Lots of info is on the web and here in the forums.
Jeff
-
This post is deleted! -
This post is deleted! -
This post is deleted!
