* * * FIRST TIME INSTALLER & NEWBEE ISSUES

j8TfzTcRopF

Hee haw,

I am a newbee. I want to install pfSense as a firewall (atleast) on my Old PC (Athlon-p3/500MHz/256MB/10GB HD).

Here is a brief depiction:

((INTERNET))–--->ISP--->DSL Modem–--[[b]old pc with pfSense installed having 2 Ethernet cards by LinkSis]–-> New Computer with WinXP (or LiveCD of Linux Mint or Ubuntu]

Here is what happens:
1. When I plug in as shown above, I can see that pfSense is able to acquire and update DHCP IP addresses from the DSL modem side (the WAN side).

2. From my New PC (WinXP) trying to use Firefox or IE8 fails to connect to the pfSense in order to do a WEBCONFIGUATION. (the LAN side)

3. By switching the Ethernet around, I know that all physical devices are in working conditions.

4. I have used both 2.0rc1 and 1.2.3, but want touse 2.0rc1 installed on HD.

My question is: WHY AM I NOT ABLE TO CONENCT WITH NEW PC into pfSense/Old PC?

I spent nearly 4 days to understand the basics, but miserably failed.

Can someone guide me? Thanks in advance, I appreciate very much.

Cry Havok

As you aren't using a switch between the pfSense host and the PC, are you remembering to use a cross-over cable?

j8TfzTcRopF

@Cry:

As you aren't using a switch between the pfSense host and the PC, are you remembering to use a cross-over cable?

No. What is that?  I have Windows PC-to-PC cable. Is it called Cross Over Cable? Is it a USB-to-USB? (I'm Sorry for lack of IT knowledge). I probably need to buy this…could you give part number for an example on Amazon

Cry Havok

Save yourself some trouble and buy a switch, it will cost a bit more, but be far less trouble. Search Amazon for FS105NA for an example - if you buy something else look for the phrase Auto Uplink or Auto MDI/MDI-X.

j8TfzTcRopF

@Cry:

Save yourself some trouble and buy a switch, it will cost a bit more, but be far less trouble. Search Amazon for FS105NA for an example - if you buy something else look for the phrase Auto Uplink or Auto MDI/MDI-X.

Hi Cry Havok,

Is 5-Port Workgroup Hub ( LinkSys EW5PCISK ) equivalent to the Switch you are talking of? Thanks for your guidance.

dreamslacker

@j8TfzTcRopF:

Hi Cry Havok,

Is 5-Port Workgroup Hub ( LinkSys EW5PCISK ) equivalent to the Switch you are talking of? Thanks for your guidance.

That is a 10 base hub.  Not worth the pain (packet collisions and the likes of).

Buy a switch (sometimes known as a switching hub) that is at least 'Fast Ethernet' or 100BaseT(x).  I highly recommend the MicroTik RB250GS which is a 5 port Gigabit switch with VLAN features.
It will come in handy in future once you get the hang of pfSense and want to dabble with more advanced features.  For now, just use it as a dumb switch.

Otherwise, any cheap 10/100 switch will do.

j8TfzTcRopF

@dreamslacker:

@j8TfzTcRopF:

Hi Cry Havok,

Is 5-Port Workgroup Hub ( LinkSys EW5PCISK ) equivalent to the Switch you are talking of? Thanks for your guidance.

That is a 10 base hub.  Not worth the pain (packet collisions and the likes of).

Buy a switch (sometimes known as a switching hub) that is at least 'Fast Ethernet' or 100BaseT(x).  I highly recommend the MicroTik RB250GS which is a 5 port Gigabit switch with VLAN features.
It will come in handy in future once you get the hang of pfSense and want to dabble with more advanced features.  For now, just use it as a dumb switch.

Otherwise, any cheap 10/100 switch will do.

Hi all,

Thanks for great advice for this new bee. Well, I did try out the cross-over ethernet cable (24AWG; Cat#UL72M807OR9FBX; CAT6; 550MHz UTP Stranded) and it worked out great so far as I  was able to use the pfSense in Firewall.

There are 3 questions at this point, if someone can guide me with step-by-step, or to some innard documentations..
(1) On my Vista PC, some time I get two Network Locations: (i) Public Network (ii) unknown network.
My pfSense OC filters out a lot of TCP from 221.x.y.z. and 222.x.y.z, occassionally 58.98.y.z with remote port 12200 and local ports 27977; 1080;8080; 80; 3127, 443 etc…I think these sare the same ports that my ZoneAlarm was filtering--all of the from China.
(2) How to filter out the outgoing/egress traffic.
(3) How to add new modules to pfSense?

Currently I am using pfSense2.0RC1. On the webGUI it shows a April 13th update is available, but twice it failed to download. Then When I tried to install, it gave me warning of malicious Certificate of Authority. However the SHA256 of "140c06018bec3d5adb86f844f28cdca5705af3aed37d2272d8d84488f5c97404" matches with SHA256 published. Another wierdness is that the "pfSense-Full-Update-2.0-RC1-i386-20110413-0509.tgz.gz" file is actually a pfSense-Full-Update-2.0-RC1-i386-20110413-0509.tgz.txt" file. Why such discrepancy in labeling? I am not understanding.
Thus, I did not update PF2.0RC1 with 04/13/2011 update.

Last question is could I add a filtering proxy like privoxy? This could be asked somewhere more approriate, but I did not know where as I do not get enough time to study the setup.
Cry Havok, pal thanks you for your valuable hints. I really, really appreciate.

Cry Havok

1. Vista network locations depend on what you have installed, eg if you have VMWare or another virtual machine system installed then that'll add interfaces.
2. Create firewall rules to filter traffic according to your requirements - the documentation covers the basics well
3. Packages? Again see the documentation and the packages forum

The certificate warning is normal, as you'll see from a forum search.

As for proxy service, again see the packages forum. If there is an existing package (such as Squid with SquidGuard) you'll find it easier.

verylife78

newbee here also.
I tried to setup pfsense 1.3
my configuration follow this
ISP(internet) –> Cisco router 3750 --> Cisco switch 2960 --> more than one pc
ISP(internet) --> Cisco router 3750 --> pfsense 2.0-RC1 (i386) –> Cisco switch 2960 --> more than one pc
Setup was ok
Lan card is xl0 and is connected to the cisco switch through network and has 10.169.92.30
Wan card is sis0 and is LINK DONW state.
Setup the gateway at 10.169.92.1 my range is 10.169.92.1/22 meaning 10.169.92.xxx - 10.169.95.xxx
DHCP is disable since there is a DHCP server on the network
I tried to connect with the router with normal UTP cable and with an crossover, nothing worked on both cases.
What am I doing wrong???
If anyone can help me please

Cry Havok

Please don't post unrelated questions in somebody else's topic - start your own topic and it'll be easier to help you without confusion.

When you do that, don't forget to give us more information. All you've said is that "nothing worked" - but not what you mean by that. Knowing all the IP ranges in use would be helpful too.