New to pfSense
-
Hello,
I'm totally new to pfSense.
I wonder if pfSense is suitable for home users.
I have 5 users each user has many devices (mobile, Tablet, PC, PS4)My objectives are:-
Traffic Quota Control
I have a monthly internet subscription with monthly total traffic of 250 GB- Can I use pfSense to give each user 50 GB monthly that can be used on multiple devices?
- Can each user control his daily usage by setting a daily limit?
- Can each user monitor his own usage and the remaining quota ?
- Can each user manage his own profile and change his password?
I start playing with Captive Portal but I found the following issues:-
- each time I restart pfSense and go to captive portal status, When I hover the mouse over a user name, I got a tooltip showing zero bytes send and zero bytes received
- When a user login in to captive portal from multiple devices, I'm expecting to have a dashboard showing the total traffic for each user, but the captive portal status shows a separate record for each device, so I don't have a total traffic for each user.
Monitoring and Reporting
Can I monitor the browsing history of my children and configure browsing filters?I give a try to ntopng, and I find it useful for realtime monitoring.
- I'm unable to customize timeseries to show traffic within certain period. it only have fixed times frames (30m, 1h, 1d, 1M, 1Y)
- Can I create a custom timeframe (for example a monthly report that starts from Jan 14th to Feb 13th, because my ADSL subscription starts at 14th each month)
- ntopng eats cpu, it's always above 80%
I believe that I need to learn psSense in a better way, so I appreciate any hints pointing me the right direction of learning psSense concepts
Thanks in advance
-
@malhabibi said in New to pfSense:
I wonder if pfSense is suitable for home users.
"home users" as a group ?
Hard to say. Some say it's to complicated, others want more - most don't quiet understand what they are using.
For me it's just perfect. @home and @work. Up to you to see if it fits your needs.@malhabibi said in New to pfSense:
Can I use pfSense to give each user 50 GB monthly that can be used on multiple devices?
Although pfSense is a router/firewall and not some kind of 'local traffic cop' it could be used to quantify traffic.
I've got good results using the captive portal, which uses the FreeRaduis package, that checks for daily, weekly or monthly traffic quotas.@malhabibi said in New to pfSense:
Can each user monitor his own usage and the remaining quota ?
Noop.
The info exists of course. It's a file that contains the number of bytes used for each user.But wait : give the access to pfSense, and have them access the Status > System Logs > System > General
The FreeRadius sub system hailstorms that log with line likeApr 27 14:11:48 root FreeRADIUS: User cuisine has used 8 MB of 3096 MB daily allotted traffic. The login request was accepted. Apr 27 14:11:05 root FreeRADIUS: User x has used 0 MB of 2048 MB daily allotted traffic. The login request was accepted.
@malhabibi said in New to pfSense:
each time I restart pfSense and go to captive portal status, When I hover the mouse over a user name, I got a tooltip showing zero bytes send and zero bytes received
Known issue.
Install de Patch package, use this patch " https://github.com/pfsense/pfsense/compare/RELENG_2_4_4...Augustin-FL:fix-reconfig-for-2-4-4.diff " as mentionned many times in the Captive portal sub forum.There s no need to restart pfSense. You can keep it running for weeks or months. I wouldn't say "years" because updating is often consolidated after the reboot. But some leave it up for years - if the UPS works that long ^^
@malhabibi said in New to pfSense:
Can I monitor the browsing history of my children and configure browsing filters?
That's where the package Squid comes in.
Although : "Squid" and "Captive portal" is, from what I know, mutual exclusive.
Consider using OpenDNS, or the package pfBlockerng-devel.Btw : using Squid needs some knowledge that out-passes standard "home usage". The admin needs training to master such a package.
@malhabibi said in New to pfSense:
I believe that I need to learn psSense in a better way
pfSense, globally, is just a router/firewall as there are already thousands of others available on the market, not to be mixed up with certain facilities that can be added by using packages.
The strong point - and weak at the same time, is the fact that it can 'do' so much things for your network. Still, the golden rule still applies : it's as good as the admin managing it, never better ;)@malhabibi said in New to pfSense:
ntopng eats cpu, it's always above 80%
Yep. These byte count tools (big packages) eat resources.
edit : after all : pfSense is probably better for small/middle size companies, Less for places that involves "kids".
-
@Gertjan Thank you very much for your reply.
To make sure I understand your post
- First step for traffic control is to use captive portal + FreeRaduis package
- I'll use system logs for monitoring
Am I correctly understand ?
I forgot to mention that I'm using pfSense version 2.5.0-DEVELOPMENT (amd64), built on Thu Apr 23 15:13:14 EDT 2020
Can I install the patch you mentioned to solve captive portal problem ?
-
@malhabibi said in New to pfSense:
I'm totally new to pfSense.
I wonder if pfSense is suitable for home users.I believe 90% of the community users are home users or SOHO which includes myself.
-
@Gertjan Great reply it is indeed!