Tag Archives: pfsense

This article explains how to set up OpenVPN with Google Authenticator on pfSense. I’m using pfSense 2.4.2 but the method shouldn’t change much. If you follow along you’ll end up with a VPN server that asks for the user’s username, a pre-set PIN (4-8 numbers) and a one-time generated code from Google Authenticator on your […]

If you’ve set up a pfSense CARP cluster for high availability and you’re running OpenVPN on it there are a few tweaks you can make to improve your experience. The issues: OpenVPN client is unable to connect to WAN VIP… …and when it does, no internet connection is available via OpenVPN. You cannot reach the […]

What is High Availability in PfSense? High Availability (HA) in PfSense comes down to hardware redundancy, essentially having a hot spare instantly taking over a router that becomes unavailable, aka failover. Instantly in this case being one or two seconds, without firewall states being broken, so your file will just continue downloading and your video […]

You can assign an Active Directory group to log in to PfSense’s web interface. This article has a more elaborate discussion of two different methods to achieve an Active Directory link, here I’ll just describe the LDAP one. RADIUS will work as well. On your domain controller – Create a PfSense group and add users […]

This article explains how to set up PfSense as an OpenVPN server which authenticates clients based on the certificate they have and their Active Directory credentials using either RADIUS or LDAP. If you find this article helpful feel free to click some of the ads on this page. It won’t make me rich but it […]

PfBlockerNG on PfSense protects your network by filtering internet traffic based on lists of domains or ip addresses. The lists are usually provided by third parties. Setting up pfBlockerNG and getting it to work is relatively simple but there’s a lot of possibilities that may not seem obvious right away. If you are using Active […]

This article describes how to set up a virusscanner on your PfSense router. We’ll set up the Squid proxy server and ClamAV as a virusscanner. A lot of internet sites now use TLS (https) so not scanning inside encrypted web traffic would miss a lot of data. However we cannot decrypt en re-encrypt traffic with […]

This article explains how to set up an IDS/IPS system using Snort of PfSense 2.4. There are other howtos; this documentation is mainly for my own benefit. If my documentation helped you, please consider clicking some of the ads on this page. It won’t make me rich but I would know someone found it useful […]

Testlab This article describes how to set up a virtual LAN with a virtual router and virtual computers. It is isolated from your physical LAN and meant to test setups with multiple computers in the same LAN. Intended audience This is for everyone who wants to experiment with networked servers isolated from their production network. […]

How to route internet traffic through a site-to-site OpenVPN tunnel in PfSense 2.1