pfSense Archives - Geek is the Way!

Troubleshooting “Failed” pfSense+ Upgrades on Netgate Hardware

Thiago Crepaldi — Sat, 04 Apr 2026 04:25:10 +0000

The Disk Space Wall Updating your firewall is usually a “set it and forget it” task, but if you’re running a high-performance appliance like the Netgate 6100, you might occasionally hit a wall. In my case, I triggered the update from 25.x to 26.03, the logs start rolling, and then—Failed. If your logs mention cloning...

The post Troubleshooting “Failed” pfSense+ Upgrades on Netgate Hardware appeared first on Geek is the Way!.

Overriding external domains DNS Bind9’s Response Policy Zone on your pfSense

Thiago Crepaldi — Sat, 18 Mar 2023 05:15:52 +0000

On a previous post, we’ve discussed how to use Bind9 on your pfSense in a way that external names were forwarded to name servers while internal names were statically resolved by Bind. In this post, we are going to discuss how to override the IPs returned by external name servers with IPs of our choosing....

The post Overriding external domains DNS Bind9’s Response Policy Zone on your pfSense appeared first on Geek is the Way!.

Configuring DHCP Dynamic Host registration on DNS Bind9 on your pfSense

Thiago Crepaldi — Sat, 18 Mar 2023 04:51:28 +0000

On a previous post, we’ve discussed how to use Bind9 on your pfSense in a way that external names were forwarded to other name servers and internal names were statically resolved. In this post, we are going to integrate pfSense’s DHCP Server and Bind9, so that when DHCP assigns an IP to a device, it...

The post Configuring DHCP Dynamic Host registration on DNS Bind9 on your pfSense appeared first on Geek is the Way!.

Configuring DNS Bind9 on your pfSense

Thiago Crepaldi — Sat, 18 Mar 2023 04:11:48 +0000

If there is one annoying thing on pfSense that seems to be never fixed is its DNS Resolver service called Unbound. Release after release, the Netgate folks still struggle to identify and fix the random crashes, unexpected restarts and whatnot. In this post, we are going to install Bind9, a very solid DNS server, to...

The post Configuring DNS Bind9 on your pfSense appeared first on Geek is the Way!.

Monitoring pfSense Server using Zabbix Agent

Thiago Crepaldi — Sat, 31 Dec 2022 18:40:29 +0000

From previous posts, we have deployed Zabbix Server on a Proxmox container. We also hardened the installation through Let’s Encrypt certificates for the web frontend and TLS encryption for the communication between Server and Agents/Proxies, after all, although encrypted Zabbix Server <-> Agent/Proxy communication with PSK or SSL certificates 🙂 In this post I will...

The post Monitoring pfSense Server using Zabbix Agent appeared first on Geek is the Way!.

Accessing ISP equipment/Modem from local network

Thiago Crepaldi — Fri, 16 Dec 2022 21:12:25 +0000

Most Internet Service Providers (ISP) install devices in our houses, such as a cable/DSL modems or a ONT/ONU for optical, which have a web interfaces on a private IP address of its own. Since the device is not connected to any port of your local network switch, and therefore, sit outside your your network, accessing...

The post Accessing ISP equipment/Modem from local network appeared first on Geek is the Way!.

Setting up VPN client on your pfSense using Private Internet Access (PIA) service with Kill switch

Thiago Crepaldi — Tue, 13 Dec 2022 04:06:57 +0000

Private Internet Access (aka PIA) provides a cheap VPN service that allows up to 10 simultaneous devices. Recently I have switched from Surfshark to PIA because although Surfshark allows unlimited devices, having multiple connections in the same device (pfSense router) doesn’t always work. The reason is that different connections to different countries can have the...

The post Setting up VPN client on your pfSense using Private Internet Access (PIA) service with Kill switch appeared first on Geek is the Way!.

How to host multiple domains using HAProxy as reverse proxy on pfSense

Thiago Crepaldi — Mon, 17 Oct 2022 05:02:22 +0000

In previous posts it was discussed how to create a DMZ network and host a website from a isolated VLAN on your network. That is a powerful resource, but with the limitation of not being possible to use a friendly FQDN such as geekistheway.com or mydomain.com as the frontend for the websites. This post will...

The post How to host multiple domains using HAProxy as reverse proxy on pfSense appeared first on Geek is the Way!.

How to create a DMZ network using VLANs on pfSense

Thiago Crepaldi — Sun, 16 Oct 2022 23:51:48 +0000

DMZ (aka Demilitarized Zone) network as defined by Wikipedia “is a physical or logical subnetwork that contains and exposes an organization’s external-facing services to an untrusted, usually larger, network such as the Internet”. The purpose is to add an additional layer of security by separating what is exposed a public service in the DMZ, while the rest of...

The post How to create a DMZ network using VLANs on pfSense appeared first on Geek is the Way!.

How to force Dynamic DNS (DDNS) updates on a schedule at you pfSense

Thiago Crepaldi — Sat, 16 Apr 2022 11:31:56 +0000

In this short post I will describe how to force your DDNS service to periodically refresh your IP on your pfSense. In theory, that should never be needed because when your WAN IP changes, DDNS service should notice it and update your IP on demand. However, I have notice my IPSEC tunnel never reconnected after...

The post How to force Dynamic DNS (DDNS) updates on a schedule at you pfSense appeared first on Geek is the Way!.