Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Fixing a Hobbled together Network

    Scheduled Pinned Locked Moved General pfSense Questions
    3 Posts 2 Posters 706 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R Offline
      redpine
      last edited by

      Hello.  I'm new here.  Over the years I've hobbled together a network and I'm no networking gui, more of a software guy.  Anyway looking for any advice on how to set things up.  After adding lots of wireless devices, a mythtv server, a mail server, webserver, several pcs and a couple of laptops, things are on a downward spiral.  The attacks on my mailserver and webserver are constant. I use fail2ban and country block to git rid of most of it, however, I do see outages more frequently, where pings are reported by nagios as taking 500 ms.

      I'm going to put together a four port appliance with pfSense.  One to the WAN, one to wireless, one to my mail/webserver and one to general pc use and media devices.  How best to go about this I don't know.  Any advice would be appreciated. I understand the concepts of VLAN, Subnets, etc, just don't know what is the best approach.

      Thanks!

      1 Reply Last reply Reply Quote 0
      • BBcan177B Offline
        BBcan177 Moderator
        last edited by

        You can block known malicious IPs with pfBlockerNG to help protect your open WAN ports:

        https://forum.pfsense.org/index.php?topic=86212.0

        I've also written a script to import 50+ feeds:

        https://forum.pfsense.org/index.php?topic=86212.msg508975#msg508975

        "Experience is something you don't get until just after you need it."

        Website: http://pfBlockerNG.com
        Twitter: @BBcan177  #pfBlockerNG
        Reddit: https://www.reddit.com/r/pfBlockerNG/new/

        1 Reply Last reply Reply Quote 0
        • R Offline
          redpine
          last edited by

          Has anyone taken fail2ban and pushed the jailed ips to pfsense.  It does a pretty good job of detecting hacks on the system.  Only problem is I want to move the ip filtering off of my server and on to a pfSense appliance.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.