Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Hide isp ip

    Scheduled Pinned Locked Moved Virtualization
    12 Posts 4 Posters 10.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      doomsday
      last edited by

      what i want to know is how to have pfsense to hide the giveing ip from the isp i got verizon and i want to hide the internet ip givein by the isp to the routher they gave me.

      so this is how its set up now  router>internet>pc>internet>router

      this is want i want  pfsense>routher from isp>internet>pc>internet>pfsense

      i this so when you go to like ipchicken and it show your ip it wont show the isp giveing ip in this wont get info of your town and city and state and stuff

      1 Reply Last reply Reply Quote 0
      • jahonixJ
        jahonix
        last edited by

        How is this supposed to work?
        The IP you get from your ISP is your address onthe internet, so to say.
        To change that you would have to spoof something in front of that - and that is at your ISP's site or further down the route.

        The only thing that could be done is to use some kind of external anonymiser/proxy you're surfing through.

        1 Reply Last reply Reply Quote 0
        • Cry HavokC
          Cry Havok
          last edited by

          Short version - you can't hide on the Internet.

          You could route, as jahonix said, all your traffic (or just your chosen traffic, but that's more risky) through some form of proxy or anonymiser (such as tor).  However if you use a single proxy or anonymiser then the owners of that will know exactly who you are and where you're going.  Only with something as distributed as tor have you any chance of hiding, and even then there are no shortage of ways for you to be tracked.

          1 Reply Last reply Reply Quote 1
          • D
            doomsday
            last edited by

            is it not the job of the firewall to keep the bad and good people out of your network so there forth there have to be a way to put the ip given from the isp behind pfsense to give a fake address

            now if you use the gateway the ip that is given by the isp in to pfsense and use that for your gateway you cant get online even

            but they give you two diff ip's this is from verizon my ips i have a internet ip and interget gatway ip can i use one of them to plug in to pfsense for my gateway and will pfsense then let me online if i use one from the ips cuz right now my gateway tho pfsense is 192.168.1.3

            1 Reply Last reply Reply Quote 0
            • Cry HavokC
              Cry Havok
              last edited by

              I am afraid that your post is hard to understand.  However, two comments:

              • The job of the firewall is to apply the policies you write.  Nothing more.  It can't tell the difference between "good" and "bad" people, only packets that it should pass and those it shouldn't.

              • You can't use a "fake address" to connect to the Internet.  Think of it like giving everybody a fake phone number because you don't want them to know your real phone number.  How are they supposed to call you?  Or giving your friends a fake address then being surprised when they don't come to your party.

              If you're worried then read up on Tor and once you understand what it can, and can't, do for you decide if it helps you resolve your concerns.  It doesn't magically stop you being tracked though, just means that people can't trivially identify your IP address.

              1 Reply Last reply Reply Quote 1
              • D
                doomsday
                last edited by

                yes i know all this. but there have to be a way to lock down pfsense

                1 Reply Last reply Reply Quote 0
                • Cry HavokC
                  Cry Havok
                  last edited by

                  If by "lock down" you mean "secure everything on the network" you're missing the point.

                  The firewall is just one part of the security jigsaw.  As well as firewall policies that only allow the traffic inbound you require you need to:

                  • Implement application layer proxies or relays (eg, Squid, EMail server, DNS server etc) so that the relevant outbound traffic content is under your control

                  • Limit outbound traffic to only those ports that you require - if you've implemented application layer proxies then there may be no outbound ports required

                  • Patch all your systems

                  • Keep all the software (including browser plugins) updated

                  • Install, and keep updated, anti-malware products on all computers

                  • Consider firewalls on all desktops to manage outbound connections

                  Firewalls know nothing about content, just ports IP addresses and (network) protocols.  They aren't a magic solution you can push buttons on and secure networks.

                  1 Reply Last reply Reply Quote 1
                  • D
                    doomsday
                    last edited by

                    i'm running vmpfsense and vmsmoothwall both are hooked in to my two nic's with both gateways and ip's for both vm's in the advance tab in network settings. i know theres a way but dont know how to. to make the vmsmoothwall kick in when if some one is apple to knoke out the vmpfsense. how would you set that up or is it jut fine to run both right off the nic's

                    1 Reply Last reply Reply Quote 0
                    • Cry HavokC
                      Cry Havok
                      last edited by

                      Unfortunately your posts are still very hard to understand - what do you mean by "make the vmsmoothwall kick in" and "some one is apple"?  If English isn't your native language then I'd suggest you try a forum with a language you're more experienced with.

                      Can you provide a picture showing how the logical connectivity works and simply and clearly what you are trying to achieve.

                      1 Reply Last reply Reply Quote 1
                      • D
                        doomsday
                        last edited by

                        man your an god damn idiot you know that do you just respond cuz you feel like it or cuz your that big of a moron

                        1 Reply Last reply Reply Quote 0
                        • Cry HavokC
                          Cry Havok
                          last edited by

                          I'm trying to help you, but your posts are hard to understand (hint, how many other people are posting in this thread).  If you feel like being abusive rather than trying to work with me then I'm happy to not help you.

                          1 Reply Last reply Reply Quote 1
                          • C
                            cmb
                            last edited by

                            Congrats doomsday, you've gotten yourself banned. It's rather obvious you have absolutely no idea what you're talking about, and not the slightest clue about networking. Then you attack someone who is trying to help you and clearly knows what he's doing from his 1400+ posts here.

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.