Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Securing the pfSense console access by modem

    Scheduled Pinned Locked Moved Off-Topic & Non-Support Discussion
    2 Posts 2 Posters 3.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mamcinty
      last edited by

      I have a remote site that I support where the entire network is powered by a single Linux box serving as a NAT Gateway/Firewall, Inter-VLAN router, DHCP Server, TFTP Server, Samba Domain Controller, and other things.  I've been wanting to separate out these services for a while and have decided to try and use pfSense to do it because of its great capabilities but easy to use interface.  I have a wonderful "enterprise grade" configuration right now that is very complex to manage because there is no GUI and little documentation but I think I could duplicate pretty much all of it very easily.  That makes me very happy. ;-)  However, one part I haven't quite figured out is the backup modem that I have configured to provide a console on the Linux box in the event where I need to diagnose connectivity problems and can't reach the site using traditional means.  It's come in quite handy already, and I would rather not lose it.

      Right now the modem is simply hanging off a getty and therefor using the Linux login process and associated authentication.  Is there a way I could hang a modem off the pfSense box and obtain access to the pfSense console in a similar but secure fashion?  I'm not sure that people wardial anymore, but I don't quite feel right leaving any part of my network open with no authentication, even if it is just through a modem that I doubt anyone will ever find.

      Any thoughts?

      1 Reply Last reply Reply Quote 0
      • E
        eri--
        last edited by

        connect it through another com port to pfsense and edit the /etc/ttys file to mark the port as secure.
        That should give you a standard unix login prompt.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.