Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Hide isp ip

    Scheduled Pinned Locked Moved Virtualization
    12 Posts 4 Posters 10.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Cry HavokC Offline
      Cry Havok
      last edited by

      Short version - you can't hide on the Internet.

      You could route, as jahonix said, all your traffic (or just your chosen traffic, but that's more risky) through some form of proxy or anonymiser (such as tor).  However if you use a single proxy or anonymiser then the owners of that will know exactly who you are and where you're going.  Only with something as distributed as tor have you any chance of hiding, and even then there are no shortage of ways for you to be tracked.

      1 Reply Last reply Reply Quote 1
      • D Offline
        doomsday
        last edited by

        is it not the job of the firewall to keep the bad and good people out of your network so there forth there have to be a way to put the ip given from the isp behind pfsense to give a fake address

        now if you use the gateway the ip that is given by the isp in to pfsense and use that for your gateway you cant get online even

        but they give you two diff ip's this is from verizon my ips i have a internet ip and interget gatway ip can i use one of them to plug in to pfsense for my gateway and will pfsense then let me online if i use one from the ips cuz right now my gateway tho pfsense is 192.168.1.3

        1 Reply Last reply Reply Quote 0
        • Cry HavokC Offline
          Cry Havok
          last edited by

          I am afraid that your post is hard to understand.  However, two comments:

          • The job of the firewall is to apply the policies you write.  Nothing more.  It can't tell the difference between "good" and "bad" people, only packets that it should pass and those it shouldn't.

          • You can't use a "fake address" to connect to the Internet.  Think of it like giving everybody a fake phone number because you don't want them to know your real phone number.  How are they supposed to call you?  Or giving your friends a fake address then being surprised when they don't come to your party.

          If you're worried then read up on Tor and once you understand what it can, and can't, do for you decide if it helps you resolve your concerns.  It doesn't magically stop you being tracked though, just means that people can't trivially identify your IP address.

          1 Reply Last reply Reply Quote 1
          • D Offline
            doomsday
            last edited by

            yes i know all this. but there have to be a way to lock down pfsense

            1 Reply Last reply Reply Quote 0
            • Cry HavokC Offline
              Cry Havok
              last edited by

              If by "lock down" you mean "secure everything on the network" you're missing the point.

              The firewall is just one part of the security jigsaw.  As well as firewall policies that only allow the traffic inbound you require you need to:

              • Implement application layer proxies or relays (eg, Squid, EMail server, DNS server etc) so that the relevant outbound traffic content is under your control

              • Limit outbound traffic to only those ports that you require - if you've implemented application layer proxies then there may be no outbound ports required

              • Patch all your systems

              • Keep all the software (including browser plugins) updated

              • Install, and keep updated, anti-malware products on all computers

              • Consider firewalls on all desktops to manage outbound connections

              Firewalls know nothing about content, just ports IP addresses and (network) protocols.  They aren't a magic solution you can push buttons on and secure networks.

              1 Reply Last reply Reply Quote 1
              • D Offline
                doomsday
                last edited by

                i'm running vmpfsense and vmsmoothwall both are hooked in to my two nic's with both gateways and ip's for both vm's in the advance tab in network settings. i know theres a way but dont know how to. to make the vmsmoothwall kick in when if some one is apple to knoke out the vmpfsense. how would you set that up or is it jut fine to run both right off the nic's

                1 Reply Last reply Reply Quote 0
                • Cry HavokC Offline
                  Cry Havok
                  last edited by

                  Unfortunately your posts are still very hard to understand - what do you mean by "make the vmsmoothwall kick in" and "some one is apple"?  If English isn't your native language then I'd suggest you try a forum with a language you're more experienced with.

                  Can you provide a picture showing how the logical connectivity works and simply and clearly what you are trying to achieve.

                  1 Reply Last reply Reply Quote 1
                  • D Offline
                    doomsday
                    last edited by

                    man your an god damn idiot you know that do you just respond cuz you feel like it or cuz your that big of a moron

                    1 Reply Last reply Reply Quote 0
                    • Cry HavokC Offline
                      Cry Havok
                      last edited by

                      I'm trying to help you, but your posts are hard to understand (hint, how many other people are posting in this thread).  If you feel like being abusive rather than trying to work with me then I'm happy to not help you.

                      1 Reply Last reply Reply Quote 1
                      • C Offline
                        cmb
                        last edited by

                        Congrats doomsday, you've gotten yourself banned. It's rather obvious you have absolutely no idea what you're talking about, and not the slightest clue about networking. Then you attack someone who is trying to help you and clearly knows what he's doing from his 1400+ posts here.

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.