Pfsense Note

  • 8/8/2019 Pfsense Note

    Hacom pfSense Setup and Configuration

    PfSense (http://www.pfsense.org/) is a complete, embedded firewall software package that provides all the important features of commercial firewall boxes (including ease of use). Please refer to the on-line Quick-Start Guide and the Deployment Guide for additional information beyond the scope of this document.

    On-Line Documentation

    The M0n0 Users Manual (http://m0n0.ch/wall/docbook/)

    M0n0wall Quick Start Guide (http://m0n0.ch/wall/quickstart/)

    pfSense FAQ (http://faq.pfsense.com/)

    pfSense tutorial (http://www.pfsense.com/index.php?id=36)

    Hacom pfSense Quick-Start Guide (http://www.hacom.net/catalog/pub/pfsense/Hacom%20pfSense%20Quick-Start%20Guide.pdf)

    Hacom pfSense Deployment Guide (http://www.hacom.net/catalog/pub/pfsense/Hacom%20pfSense%20Deployment%20Guide.pdf)

    Requirements to Access pfSense's Console

    You will need a keyboard and a monitor to access the console of Hacom's pfSense. A serial console is available on certain models.

    Input/Output Phoenix Mercury Mars

    Systemboard ES466B CV700A CV700A CV763A CI852A

    Monitor VGA

    Keyboard USB USB or PS/2

    Serial Console

    Optional (requires hardware modification at factory!)

    Optional (requires a serial-console enabled BIOS update)

    Setup Using pfSense Console

    When the system is booted up, a Grub screen is shown. There is a five (5) second delay during which the user can access Grub directly. At the first boot, pfSense is not yet configured, and the user will see a setup screen asking for network interface configuration.

    Follow the directions on the screen to set up and configure at least the first two (2) interfaces: LAN and WAN.

    Hacom systems typically have at least three (3) network interfaces. Depending on the system, they are typically based on the Realtek chipset and will be detected by pfSense as:

    rl0: first Realtek 10M/100M Ethernet adapter

    rl1: second Realtek 10M/100M Ethernet adapter

    rl2: third Realtek 10M/100M Ethernet adapter

    rl4: (optional) fourth Realtek 10M/100M Ethernet adapter

    For the Intel Gigabit Ethernet systems, pfSense will detect the following network interfaces, instead:

    em0: first Intel Gigabit 10M/100M/1G Ethernet adapter

    em1: second Intel Gigabit 10M/100M/1G Ethernet adapter

    em2: third Intel Gigabit 10M/100M/1G Ethernet adapter

    em3: (optional) fourth Intel Gigabit 10M/100M/1G Ethernet adapter

    Once the network interfaces are set up, pfSense is ready and the console menu is shown as in the following.


    Web Administration

    The web administration is accessible through the LAN IP. For example, if the LAN IP is 192.168.1.1, go to http://192.168.1.1/. By default, the username is admin and the password is pfsense.

    Firmware Update

    There are several ways to update the firmware.

    1. For Hacom systems prior to pfSense version 1.2.1, it is recommended: (a) to back up the configuration, (b) to flash the new firmware, and (c) to restore the configuration.

    2. Starting from version 1.2.1, firmware can be updated reliably on-line.

    Important notes:

    Hacom pfSense systems are based on the full firmware, including headless systems. When updating the firmware, use the full-update version. The embedded version will disable the display and keyboard access to the console.

    The compact flash (CF) based systems require the platform information to be changed from embedded to pfSense before the updating process. It should be changed back to embedded after the update.

    The DOM based platforms are pfSense and ready to use just like a solid state drive.

    Maximum Firewall States

    It is recommended to change the maximum firewall states from the default 10,000 to at least 100,000 for systems with 256MB RAM, or 200,000 for systems with more than 512MB RAM, or 400,000 for systems with more than 1GB RAM. Each state uses about 1k of RAM.

    Sometimes, the maximum number of firewall states is also referred to as the maximum number of concurrent connections.

    From the Web Administration, go to System > Advanced, and scroll all the way to the bottom to see the option.
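
The sizing rule above can be checked from the console shell. The script below is an added example, not Hacom's or pfSense's own code: it parses `pfctl -sm` and `pfctl -si` output and reports whether the state limit is below the recommended tier or the table is close to full. The sample output is constructed, and the 80% alert threshold, treating 512MB as the 100,000 tier, and keeping the default below 256MB are assumptions.

```shell
#!/bin/sh
# Added example: audit the pf state limit against the RAM tiers in this note.

# Minimum state limit for a RAM size in MB, per the tiers above.
# Assumption: below 256 MB the note gives no figure, so the default is kept.
recommended_states() {
    if   [ "$1" -gt 1024 ]; then echo 400000
    elif [ "$1" -gt 512 ];  then echo 200000
    elif [ "$1" -ge 256 ];  then echo 100000
    else echo 10000
    fi
}

# "states hard limit" value from `pfctl -sm` output on stdin.
state_limit() {
    awk '$1 == "states" && $2 == "hard" { print $4 }'
}

# "current entries" of the State Table from `pfctl -si` output on stdin.
current_states() {
    awk '/^State Table/ { t = 1; next }
         t && $1 == "current" && $2 == "entries" { print $3; exit }'
}

# audit RAM_MB LIMIT CURRENT: prints one status line.
audit() {
    want=$(recommended_states "$1")
    pct=$(( $3 * 100 / $2 ))
    ram_mb_at_limit=$(( $2 / 1024 ))   # about 1k of RAM per state
    if [ "$2" -lt "$want" ]; then
        echo "LOW limit=$2 recommended=$want used=${pct}%"
    elif [ "$pct" -ge 80 ]; then       # 80% is an assumed alert threshold
        echo "NEAR_FULL limit=$2 used=${pct}% ram_at_limit=${ram_mb_at_limit}MB"
    else
        echo "OK limit=$2 used=${pct}% ram_at_limit=${ram_mb_at_limit}MB"
    fi
}

# Constructed sample output (not captured from a real system).
SAMPLE_SM='states        hard limit    10000
src-nodes     hard limit    10000
frags         hard limit     5000'
SAMPLE_SI='State Table                          Total             Rate
  current entries                     9120
  searches                        11042596           13.4/s'

limit=$(printf '%s\n' "$SAMPLE_SM" | state_limit)
current=$(printf '%s\n' "$SAMPLE_SI" | current_states)
audit 512 "$limit" "$current"   # 512 MB box still on the default limit
```

On the firewall itself, pipe the real `pfctl -sm` and `pfctl -si` output into the two parsers and take the RAM size from `sysctl -n hw.physmem` (reported in bytes) instead of the samples.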

    Technical Support Contact

    If there are any questions, please contact us at [email protected] or 714-564-9932.
