How to set up OpenVPN with Google Authenticator on pfSense

This article explains how to set up OpenVPN with Google Authenticator on pfSense. I’m using pfSense 2.4.2 but the method shouldn’t change much. If you follow along you’ll end up with a VPN server that asks for the user’s username, a pre-set PIN (4-8 numbers) and a one-time generated code …

How to set up PfSense High Availability (hardware redundancy)

What is High Availability in PfSense? High Availability (HA) in PfSense comes down to hardware redundancy, essentially having a hot spare instantly taking over a router that becomes unavailable, aka failover. Instantly in this case being one or two seconds, without firewall states being broken, so your file will just …

Log in to PfSense based on Active Directory group membership

You can assign an Active Directory group to log in to PfSense’s web interface. This article has a more elaborate discussion of two different methods to achieve an Active Directory link, here I’ll just describe the LDAP one. RADIUS will work as well. On your domain controller – Create a …

Set up OpenVPN on PfSense with user certificates and Active Directory authentication

This article explains how to set up PfSense as an OpenVPN server which authenticates clients based on the certificate they have and their Active Directory credentials using either RADIUS or LDAP. If you find this article helpful feel free to click some of the ads on this page. It won’t …

Protect your network with domain filtering on pfSense 2.4 and pfBlockerNG

PfBlockerNG on PfSense protects your network by filtering internet traffic based on lists of domains or ip addresses. The lists are usually provided by third parties. Setting up pfBlockerNG and getting it to work is relatively simple but there’s a lot of possibilities that may not seem obvious right away. …

Scan your network’s internet traffic with Squid and ClamAV on PfSense 2.4

This article describes how to set up a virusscanner on your PfSense router. We’ll set up the Squid proxy server and ClamAV as a virusscanner. A lot of internet sites now use TLS (https) so not scanning inside encrypted web traffic would miss a lot of data. However we cannot …

Back to Top