Yeah, I know, I need to work on shorter titles 😀 By reading a previous post, you may have created an IPSec tunnel to connect your home and office (or something like that). That is useful on its own, but it can be the case that you also want that all internet traffic to go…
This is another topic that I have referenced so many times that I decided to dedicate a post just for it and save some typing. The goal is to configure a VLAN subnet that has DHCP server and basic firewall rules to allow any traffic on your pfSense. This VLAN will be created from the…
Many of us have more than one pfSense (maybe connecting our home and office, our home and our parents, etc) which would benefit with a direct connection between them. In this post I will describe how to create a routed tunnel that connects both ends, in a way that Site A can directly access Site…
From time to time, I need to reference the use of a IP alias called RFC1918 to separate traffic from local network from other (aka “Internet”) traffic. RFC 1918 was published to “Address Allocation for Private Internets”, which is our local network. There is nobody on internet using any IP in the range described by…
On pfSense’s documentation own words, “the basic idea of traffic shaping is raising and lowering the priorities of packets or keeping them under a certain speed. This concept seems simple, however, the number of ways in which this concept can be applied is vast.” pfSense supports “Traffic shaper” and “Limiter” (and they can be used…
A typical home network is a simple single network and if any of your devices is compromised or infected with malware, the attacker may be able to spread malware or compromise all of your other devices. You can better protect your home network by separating your home network into sub-networks (aka subnets). Devices in a subnet do…
A Unifi controller is a required piece of software if you have any Unifi gear, such as their famous Access Points. You can have the controller running on a dedicated hardware, as Unifi Cloud Key or Dream Machine Pro. However, in this post we are going to install the Unifi controller on a Docker container…
Load balancing, as the name implies, is the act of distributing load (in this case network packages) to one or more interfaces, which can be WANs if you have more than one ISP service connected to your pfSense appliance and/or VPN connections over a single WAN. Failover is similar, but instead of distributing, it switches…
Surfshark provides a cheap VPN service that allows unlimited number of devices with ad blocking. In this tutorial we are going to configure pfSense with Surfshark and assign an interface to it so that we can route it to other services. Surfshark information The first step is getting your Surfshark credentials. Go to the login…
By default, pings are not allowed and actually not recommended. Bu during a network debugging, it can be quite handy. In order to allow ping incoming on the pfSense WAN port, go to Firewall >> Rules >> WAN page and create a new rule by clicking on Add button (down arrow icon) and do as…