Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    New to pfsense and need a Plan of Action

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    3 Posts 3 Posters 936 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      DualWaner
      last edited by

      I have recently built a pfsense box using a MiniATX board and now have it connected to internet via two WAN.

      My ADSL2+ connection generally have 14.5Mbps down and 0.89Mbps up on one and the other 12Mbps and 0.7Mbps.

      I am shifting from a Draytek 2820 which gave me very good service and seemed to provide excellent security. We have about 10 users with a mixture of PC, MAC, tablets, and phones etc.

      What I want to do is as follows.

      1.  Divide the load over the two Wan so as to get the best speed possible.

      2.  Install two different VPN services, one to handle general internet use and this would use a local sever.  The second VPN to handle P2P and torrent traffic and this would use a sever in another country. Automate which traffic goes to which VPN.

      3.  Put in place some bandwidth control so as to limit bandwidth for some traffic. For example we have 4 computers backing up to Crashplan I would like this to use the full bandwidth available if there is nothing else happening but to be restricted when there is other use.

      4.  I want to make the pfsense secure, what packages should I be installing.

      5.  Is there anything else I should be considering before I start any of the above?

      Is there a particular order that I should be looking at to do the above?

      I should mention that I am very new to this and sometimes it takes me a while to understand the terminology my apologies in advance.

      Any help would be greatly appreciated.

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by

        @DualWaner:

        4.  I want to make the pfsense secure, what packages should I be installing.

        I would argue that the more packages you install the less secure pfSense becomes.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • stephenw10S
          stephenw10 Netgate Administrator
          last edited by

          I would exepect pfSense to be at least as 'secure' as the Draytek router as a fresh install.
          Some here would argue that you're not really 'secure' unless you're running Snort (or equivalent). It depends how you define secure really.
          Of your list the only thing I can see any issue with would be redirecting p2p traffic via a specific VPN. How are you planning to catch that traffic? There is a layer 7 filter that can do it but I've personally found it very easy to get wrong.  ;) If you're able to divide out the p2p traffic some other way, like using a separate wifi network, it will be much easier.

          Steve

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.