    New to firewalling

      diadicic last edited by

      Hello all,

      I am new to firewalling. I switched from a ClarkConnect box, which set up the firewall rules for me. It sucked and caused too many problems to list. I love how this system just runs, and the web interface is just the best I've seen; I have looked at every *nix based firewall on Distrowatch to no avail. I heard about this one from a review I read online. I don't know how to construct my firewall. Where should I look for info on what to block and what should be allowed? I have two WANs: one Internet, and one for a private WAN. I also have an in-house LAN that will be connected to this firewall. I want to protect the in-house LAN from the Internet WAN and the private WAN. I am sorry if I am not wording this right. I do know a little about iptables but prefer the web-based interface your flavor has to offer.

      Please point me in the right direction.

      Thank you for your help.

      Dominic Iadicicco
      South Country Library

        Perry last edited by

        A diagram is always nice to have before recommending anything; that way physical lines / hardware are shown.

        http://forum.pfsense.org/index.php/topic,1630.0.html

        /Perry
        doc.pfsense.org

          diadicic last edited by

          Here is that diagram you asked for.  I hope it makes sense.

          Thanks again

          Dominic Iadicicco
          South Country Library

            hoba last edited by

            The private WAN/countrywide is just a limited subnet? Can you route between your LAN and that countrywide WAN, or do you need to NAT?

              diadicic last edited by

              I don't need NAT for the private WAN. But I would like to protect my in-house LAN from attackers on that network, so I do need a firewall and not just a pass-through.

              Dom

                hoba last edited by

                Then it's rather easy. Start with a default setup:
                WAN
                LAN
                OPT1 (private WAN/Countrywide)

                Don't use a gateway when configuring interfaces>opt1. Just enter a valid IP and subnet (if you enter a gateway there it will automatically start natting). Then add system>static routes at OPT1 for the subnets on that interface.

                That's it in general. The default config allows LAN to anywhere by default and blocks incoming at WAN and OPT1.
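
The policy described in the reply above, written out as a raw pf.conf fragment in FreeBSD pf syntax. This is an added illustration, not part of the original post and not the ruleset pfSense generates; the interface names, addresses and the route in the final comment are constructed assumptions.

```pf
# Constructed interface names and addresses; adjust to the real network.
wan_if  = "em0"               # Internet WAN
lan_if  = "em1"               # in-house LAN
opt1_if = "em2"               # private WAN / countrywide, no gateway set
lan_net = "192.168.1.0/24"

set skip on lo0

# Translation: LAN traffic is NATed only when it leaves via the Internet WAN.
# There is deliberately no nat rule on $opt1_if, so LAN hosts reach the
# private WAN with their own addresses (routed, not NATed).
nat on $wan_if inet from $lan_net to any -> ($wan_if)

# Filtering: pf applies the last matching rule unless "quick" is used.
# Default deny for everything arriving on any interface; this is what
# blocks unsolicited traffic coming in at WAN and OPT1.
block in log all

# LAN to anywhere, stateful, so replies are let back in automatically.
pass in on $lan_if inet from $lan_net to any keep state

# Let the forwarded and firewall-originated traffic leave.
pass out inet all keep state

# Static routes for the private WAN subnets live in the routing table,
# not in pf. On FreeBSD that would look like (constructed values):
#   route add -net 10.20.0.0/16 10.10.0.1
```

Because nothing passes inbound on OPT1, hosts on the private WAN cannot open connections to the LAN, while LAN hosts can still reach them through the state entries created by the LAN rule.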

                  diadicic last edited by

                  Cool,

                  I will give it a try and ask questions as I go along. I guess I am going to learn a lot.

                  Thanks hoba

                  Dominic Iadicicco
                  Network Administrator
                  South Country Library
                  22 Station Road
                  Bellport NY 11713
