Load balancing, as the name implies, is the act of distributing load (in this case network packets) to one or more interfaces, which can be WANs if you have more than one ISP service connected to your pfSense appliance and/or VPN connections over a single WAN. Failover is similar, but instead of distributing, it switches…
Setting up VPN client on your pfSense (Surfshark) with Kill switch
Surfshark provides a cheap VPN service that allows an unlimited number of devices with ad blocking. In this tutorial we are going to configure pfSense with Surfshark and assign an interface to it so that we can route it to other services. Surfshark information The first step is getting your Surfshark credentials. Go to the login…
How to allow ping on pfSense WAN?
By default, pings are not allowed and actually not recommended. But during network debugging, it can be quite handy. In order to allow incoming ping on the pfSense WAN port, go to the Firewall >> Rules >> WAN page and create a new rule by clicking on the Add button (down arrow icon) and do as…
Configuring OpenVPN Server on pfSense with LDAP authentication
An OpenVPN server is useful if you want to safely connect to your house/office’s network from a remote place, say Disneyland or from abroad. In this article we are going to set up an OpenVPN server on your pfSense using LDAP for authentication based on Synology’s LDAP server. Getting ready A brief word on performance running…
Setting up Let’s Encrypt SSL certificates issued by pfSense on your Synology
In this article we are going to install Let’s Encrypt SSL certificates on a Synology NAS, but with a twist! The certificates are actually issued by pfSense, which is at the edge of our Internet setup, and then reused by the Synology NAS too. Configure pfSense In short, you have to use pfSense to issue a certificate…
Configuring pfSense authentication through Synology LDAP server
In this article I’m going to show how to authenticate users on your pfSense using an LDAP server powered by Synology DSM. The steps will include SSL encryption based on Let’s Encrypt certificates. You need to issue Let’s Encrypt SSL certificates, configure SSL certificates on your pfSense, and finally configure SSL certificates on your Synology that…
Install Let’s Encrypt SSL certificates on your UDM-Pro from pfSense crontab
As you may have noticed, your UDM Pro came with a self-signed certificate, which browsers don’t like much and neither do I. In this article, we are going to install Let’s Encrypt SSL certificates using crontab from a pfSense device. You can replace pfSense with any other device with crontab available. Unifi OS doesn’t provide…
Daisy chaining pfSense + UDM Pro to work together
Unifi Dream Machine Pro (aka UDM Pro) is a nice appliance for acting as a Unifi controller for your access points (APs), while it also offers an 8-port managed switch with low power, noise and heat. It is an average router, and a lousy security appliance (hopefully they will improve a lot in this area). This…
Generating SSH pair key
For future posts, you will need to have at least one pair of public/private SSH keys installed on your devices for passwordless access to them. To do so, simply run ssh-keygen -t rsa -b 4096 to generate a 4096-bit RSA key. You will be asked to confirm the key name. Accept the default…
Enabling SSH on your pfSense
For future posts, we will need to have SSH enabled on the pfSense device, so let’s get this out of the way. Configuring SSH user I highly recommend not using the admin user for accessing pfSense through SSH. If you do it, you will face several constraints which will probably cost you hours to go…