New to pfsense looking to eventually replace Watchguard devices.

  • Hello,

    I am completely new to pfsense. I recently purchased a Netgate APU kit and just finished installing pfsense. I am going to be using this in my home for testing to get a feel for its capabilities with the hope of replacing multiple watchguard devices currently in service at a medium sized business with several watchguard edge units in remote offices all connecting back to the main facilities watchguard firewall. These watchguard devices are great, however they come with a yearly cost that I would like to remove if I can get the same or similar feature set using pfsense.

    I am sure I will have plenty of questions as I go through and set this Netgate unit up, however for now I just have a couple as it seems like it's fairly straightforward with what I see so far.

    Does pfsense have the ability to block content types for HTTP Response or via proxy for example application\octet-stream or video\x-flv? The watchguard out of the box blocks everything when using the HTTP Proxy so in a very granular way I have control over what users have access to. I have to allow or add every content type to a policy when using the proxy. Can pfsense do this? If so what or where do I need to go to enable this?

    Also for business users what are the popular must have packages?


  • You can install the squid proxy server.
    And you can (without the proxy) block ports.

  • Ahh perfect! Installed squid and found it under Proxy Server–->ACLs--->Block MIME types (reply only). This is exactly what I was looking for, Thank you Marv21!

  • no problem :)

Log in to reply