Hide isp ip

doomsday

what i want to know is how to have pfsense to hide the giveing ip from the isp i got verizon and i want to hide the internet ip givein by the isp to the routher they gave me.

so this is how its set up now  router>internet>pc>internet>router

this is want i want  pfsense>routher from isp>internet>pc>internet>pfsense

i this so when you go to like ipchicken and it show your ip it wont show the isp giveing ip in this wont get info of your town and city and state and stuff

jahonix

How is this supposed to work?
The IP you get from your ISP is your address onthe internet, so to say.
To change that you would have to spoof something in front of that - and that is at your ISP's site or further down the route.

The only thing that could be done is to use some kind of external anonymiser/proxy you're surfing through.

Cry Havok

Short version - you can't hide on the Internet.

You could route, as jahonix said, all your traffic (or just your chosen traffic, but that's more risky) through some form of proxy or anonymiser (such as tor).  However if you use a single proxy or anonymiser then the owners of that will know exactly who you are and where you're going.  Only with something as distributed as tor have you any chance of hiding, and even then there are no shortage of ways for you to be tracked.

doomsday

is it not the job of the firewall to keep the bad and good people out of your network so there forth there have to be a way to put the ip given from the isp behind pfsense to give a fake address

now if you use the gateway the ip that is given by the isp in to pfsense and use that for your gateway you cant get online even

but they give you two diff ip's this is from verizon my ips i have a internet ip and interget gatway ip can i use one of them to plug in to pfsense for my gateway and will pfsense then let me online if i use one from the ips cuz right now my gateway tho pfsense is 192.168.1.3

Cry Havok

I am afraid that your post is hard to understand.  However, two comments:

• The job of the firewall is to apply the policies you write.  Nothing more.  It can't tell the difference between "good" and "bad" people, only packets that it should pass and those it shouldn't.

• You can't use a "fake address" to connect to the Internet.  Think of it like giving everybody a fake phone number because you don't want them to know your real phone number.  How are they supposed to call you?  Or giving your friends a fake address then being surprised when they don't come to your party.

If you're worried then read up on Tor and once you understand what it can, and can't, do for you decide if it helps you resolve your concerns.  It doesn't magically stop you being tracked though, just means that people can't trivially identify your IP address.

doomsday

yes i know all this. but there have to be a way to lock down pfsense

Cry Havok

If by "lock down" you mean "secure everything on the network" you're missing the point.

The firewall is just one part of the security jigsaw.  As well as firewall policies that only allow the traffic inbound you require you need to:

• Implement application layer proxies or relays (eg, Squid, EMail server, DNS server etc) so that the relevant outbound traffic content is under your control

• Limit outbound traffic to only those ports that you require - if you've implemented application layer proxies then there may be no outbound ports required

• Patch all your systems

• Keep all the software (including browser plugins) updated

• Install, and keep updated, anti-malware products on all computers

• Consider firewalls on all desktops to manage outbound connections

Firewalls know nothing about content, just ports IP addresses and (network) protocols.  They aren't a magic solution you can push buttons on and secure networks.

doomsday

i'm running vmpfsense and vmsmoothwall both are hooked in to my two nic's with both gateways and ip's for both vm's in the advance tab in network settings. i know theres a way but dont know how to. to make the vmsmoothwall kick in when if some one is apple to knoke out the vmpfsense. how would you set that up or is it jut fine to run both right off the nic's

Cry Havok

Unfortunately your posts are still very hard to understand - what do you mean by "make the vmsmoothwall kick in" and "some one is apple"?  If English isn't your native language then I'd suggest you try a forum with a language you're more experienced with.

Can you provide a picture showing how the logical connectivity works and simply and clearly what you are trying to achieve.

doomsday

man your an god damn idiot you know that do you just respond cuz you feel like it or cuz your that big of a moron

Cry Havok

I'm trying to help you, but your posts are hard to understand (hint, how many other people are posting in this thread).  If you feel like being abusive rather than trying to work with me then I'm happy to not help you.

cmb

Congrats doomsday, you've gotten yourself banned. It's rather obvious you have absolutely no idea what you're talking about, and not the slightest clue about networking. Then you attack someone who is trying to help you and clearly knows what he's doing from his 1400+ posts here.