Netgate Discussion Forum

    A Road Warrior pfSense Laptop

    • NollipfSense

      Has anyone set up a road warrior laptop using pfSense firewall for traveling? My thoughts are installing pfSense on, say, VirtualBox with the laptop's WIFI as WAN. So, one would be routing traffic going through the physical laptop to the virtual network then back to the physical laptop. What are your thoughts and how would you achieve this? I doubt I would install any packages, but if possible, it would be Suricata or Snort.

      pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
      pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

      • akuma1x

        I'm curious, what would be the point of running IDS/IPS on a traveling network connection? Are you dragging along (maybe on the laptop itself) servers while you travel?

        Jeff

        • NollipfSense @akuma1x

          @akuma1x said in A Road Warrior pfSense Laptop:

          I'm curious, what would be the point of running IDS/IPS on a traveling network connection? Are you dragging along (maybe on the laptop itself) servers while you travel?

          Jeff

          Jeff, the laptop would be just like going to the coffee shop and accessing the WIFI. Still not sure whether I would have IDS/IPS as memory is limited. For sure, I would want a floating rule blocking in direction. So far, I have installed it on VirtualBox and am trying to configure it but am having difficulty accessing LAN. I have enabled two network adapters on VirtualBox but am thinking I need to enable three network adapters.

          • riften

            I had thought about it, but then thought better of it. Instead I set up OpenVPN. When I am out with the laptop or tablet, I just launch the VPN. It requires a TLS key to initiate the connection, a certificate+username and password to authenticate, and by not allowing a split tunnel, all my internet must go through the tunnel and into my home network, then out the pfSense router using all my rules, PFBlocker and Snort. I also loaded up the VPN on my cell phone so I can even surf with that encrypted on a public wifi. The goal for me is not to have someone sniffing what I am doing, and I think this fits the need.

            • noplan

              use case ?

              install openVPN (no split tunnel allowed)
              fire it up @ starbucks and no one can sniff your traffic cuz all is goin over the vpn

              works fine here for years
              br NP

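The client-side properties riften and noplan describe above (a TLS key, a certificate plus username/password, and no split tunnel) can be checked in an exported OpenVPN client profile. This Python audit is an added example, not code from any poster or from pfSense; the sample profile, the hostname `vpn.example.net` and the function names are constructed for illustration.

```python
import shlex

# Constructed sample client profile (not from the thread); inline bodies omitted.
SAMPLE_OVPN = """\
client
dev tun
remote vpn.example.net 1194
remote-cert-tls server
auth-user-pass
redirect-gateway def1
<cert>
(certificate omitted)
</cert>
<tls-crypt>
(static key omitted)
</tls-crypt>
"""

def directives(text):
    """Return {directive: [argument lists]} for options and inline <block> tags."""
    found, in_block = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if in_block:                      # skip key/cert material inside a block
            if line == f"</{in_block}>":
                in_block = None
            continue
        if not line or line[0] in "#;":   # blank line or comment
            continue
        if line.startswith("<") and line.endswith(">"):
            in_block = line[1:-1]
            found.setdefault(in_block, []).append([])
            continue
        parts = shlex.split(line, comments=True)
        found.setdefault(parts[0], []).append(parts[1:])
    return found

def audit(text):
    """Report the three properties from the posts plus any split-tunnel override."""
    d = directives(text)
    ignores_gw = any(a[:1] == ["ignore"] and "redirect-gateway" in " ".join(a[1:])
                     for a in d.get("pull-filter", []))
    return {
        "tls_key": any(k in d for k in ("tls-auth", "tls-crypt", "tls-crypt-v2")),
        "client_cert": "cert" in d or "pkcs12" in d,
        "user_pass": "auth-user-pass" in d,
        "full_tunnel_local": "redirect-gateway" in d,
        "split_override": "route-nopull" in d or ignores_gw,
    }
```

A server can also push `redirect-gateway`, so `full_tunnel_local` being false only means the full tunnel is not pinned in the client file; `split_override` being true means the client would discard a pushed default route.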
              • chpalmer

                I followed this when I did it.. https://youtu.be/7rQ-Tgt3L18

                Triggering snowflakes one by one..
                Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

                • noplan @chpalmer

                  @chpalmer
                  always a very good channel for pfS related stuff
                  yes and it works ;)

                  • pi @NollipfSense

                    @NollipfSense

                    Were you able to get this to work? I’d be interested in the results

                    • noplan @pi

                      @pi

                      of course, openVPN is running here
                      with the topping of notification via mail when user was on the system
                      without problems

                      • NollipfSense

                        Thanks guys for chiming in and suggesting VPN; however, the idea isn't about connecting to one's home network ... the idea assumes that one doesn't have a home network at all ... the only assumptions are that one has a laptop and one is traveling as well as the laptop has limited RAM (16 or less).

                        One avenue that looks very promising is pfSense cloud and I will look into it this week: https://www.netgate.com/solutions/pfsense/index.html#cloud

                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.