Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How to monitor LAN traffic, without pfSense yet.

    Scheduled Pinned Locked Moved General pfSense Questions
    5 Posts 3 Posters 524 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      darkcorner
      last edited by

      To better evaluate the existing situation and decide which pfSense configuration to activate, I wanted to monitor the current traffic because, in my opinion, there are (unidentified) PCs that use the Internet improperly.
      For this reason my idea was to install a small pfsense without any rules with the LAN card connected to the LAN switch and the WAN port connected to the LAN port of the current firewall.
      On pfSense I would only install packages to monitor traffic.

      What is your opinion?
      What kind of configuration to put? Which packages?

      Or do you have a different proposal?
      For example with a small PC with two network ports, Debian or Ubuntu, and some tools.

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        You could do that with pfSense.

        If you don't want to change the subnet on one side though you would have to use two bridged interfaces in the connection.

        Then use one of the traffic monitoring packages depending on what you want to see:
        https://docs.netgate.com/pfsense/en/latest/monitoring/graphs/bandwidth-usage.html

        Steve

        1 Reply Last reply Reply Quote 0
        • D
          darkcorner
          last edited by

          I was too hasty because my idea has a big flaw: I would find myself having LAN and WAN on the same network.
          At this moment I cannot change the configuration of the current firewall or even of the existing servers.
          The firewall creates a LAN 192.168.1.0 on which all PCs and servers are now located.
          If I put pfSense in this LAN (downstream of the firewall) I will have an address of its WAN card in the same network, for example 192.168.1.100.
          However, to keep the current connections between PC and server I would always have to configure his LAN with 192.168.1.0 and this would conflict with his WAN.

          Perhaps the solution is to insert a PC with tools to monitor traffic instead. What do you recommend?

          stephenw10S 1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator @darkcorner
            last edited by

            @darkcorner said in How to monitor LAN traffic, without pfSense yet.:

            my idea has a big flaw: I would find myself having LAN and WAN on the same network.

            That's why you would need to use bridged interfaces for the link. Then they are in the same subnet.
            You can use a separate interface for management if you want. It can also be on the bridge but it's much more difficult to setup. Very easy to shut yourself out.

            Steve

            1 Reply Last reply Reply Quote 0
            • ?
              A Former User
              last edited by

              MRTG on RaspBerry PI

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.