New installation suggestions please



  • Hi everyone

    Im new to pfsense and would like to get some guidelines and ideas for my installation. I am currently using ipcop, but I'm afraid this is soon to change.

    My current setup is as follows

    1. DSL line with a dynamic IP Address, no option of getting a static IP without it costing us lots of money
    2. Netgear DG834 DSL router set up in bridged mode
    3. IPCop firewall, 1st NIC (red i/f) connected to netgear router and 2nd NIC (green i/f) connected to Cisco 2950 switch. Wireless AP also connected to Cisco switch.
    4. IPCop does PPOE connection through red i/f and registers with DYNDNS
    5. Win SBS 2003 Premium server for dhcp, dns, mail and a few other LAN apps (through POP connector) connected to Cisco switch
    6. A Couple of Win XP desktops (connected to LAN) and a few notebooks (connected to wireless AP)

    We now have a problem where somone is burning a lot of bandwidth and we dont know who. The wireless is secure and I'm the only one with the key and passphrase.

    I need to have the following enabled. This should be straight forward NAT / port forward

    1. RDP to my server from the internet (TCP 3389)
    2. RPC over HTTP from mail from the internet (TCP 443)
    3. Access to the firewall from the internet (TCP 443)
    4. VPN

    My big question is now (and my ideas), what packages do I need to install to

    1. Setup a proxy server with white / blacklists and AD authentication (squid + squidgaurd)
    2. Spam filter (spamd)
    3. Anti-Virus (HAVP antivirus)
    4. Bandwidth monitoring per device / IP (bandwidthd or darkstat with ntop)
    5. VPN (IPSEC or OpenVPN)

    Is this the ideal setup for my scenario or does anyone have any suggestions please, it will be greatly appreciated


Log in to reply