Nice presentation. Very explanative. At 23.32 where you can fill in the domain name, does it have to be the same (in case someone has a DC) with that one the DC is using or something different? Would it help somewhere if the name was the same? 23:58 In order to be able for all the VM's to go to the NS1 as the DNS does that mean that you are going to allow traffic in rules between the different network segments? Because each one resides to a different network As a future video about pfSense and since I think I haven t seen it yet somewhere, it would be nice to show how you can implement many wans, summing them up to one. -Which of the many wans would pfSense see as a public ip? -If one of the wans had static ip could it be used in pfSense? I have a scenario like this in a small company moved to a place where no ISP could give them net access. After 2 months of searching a way for reliable connection, had success with 4G routers and a lot of error and trial in finding the right angle (directional antennas) and right band to receive ρεφραψτιον signal from the pylons far away. I set up 3 of them with really good speeds but couldn t find a way to combine them into one. I thought of zerocell but unfortunately it goes to end of life for that project. Seaching for alternatives I ve read somewhere that pfSense can do the same. Do you know how?
The domain name you enter is important for pfSense to do its own DNS resolution and by default if you configure it as a DHCP server it will tell a DHCP client to append this domain name to a hostname it wants to resolve E.g if pfSense or a PC for that matter wants to resolve the hostname 'fileserver' it will then ask the DNS server to resolve fileserver.templab.lan as in this example So we want that domain name to match with a domain name the DNS server we've configured it to use supports To allow access to DNS, each interface has its own firewall rule in my lab to allow access from that particular subnet to UDP port 53 on NS1 I've not looked into multiple WANs with pfSense as I don't have a need yet but pfSense should be able to load balance across multiple WAN interfaces using basic routing In normal routing, if a device has multiple default routes or gateways it will load balance traffic across them and this would be on a per flow basis i.e. a web browsing session to one server would be sent to ISP1 whereas a web browsing session to another server is sent to ISP2 pfSense does support multiple gateways although I see it also has an option for a gateway group which looks to be the better option as this combines these gateways into a group and it then handles things like gateway failures for you The challenge I see with balancing WANs on a firewall mind is that traffic that goes out one interface must come back in through the same one, so you have to have different NAT rules for each ISP's link to make sure the same ISP returns the traffic
Good question although I think something I had read a while back suggested it offered slightly better HDD and CPU performance than SAS, even though it should be the other way around Nothing you would notice on a VM like this but I started using Parallel after that
Hello David, Hand Happy Thanksgiving Day! I’m taking a course to become a Cybersecurity and I have problems setting this up and I want to ask you if you can help because it is my first time doing this type of work. I have a lab, similar like this tutorial video you show. The flow chart shows: I need to set-up a router FW at the center. on the left-hand side I have to set a Kali and CEO virtual machines with IP: 192.168.0.0/24 on the right-hand side I need to set Untrusted NW Kali Linux with IP: 172.30.0.0 On the bottom I need to set-up on the right-hand side a web server At the middle I need to set-up a Kali and on the left side a DNS Server: What files or software I can use to make the DNS, WEB Server and CEO to create this and how I configure this to communicate each other?
Very clear and detailed video. I've watched a lot of PFSense videos and this is one of the best I've watched!
Good to hear the video was helpful
Nice presentation. Very explanative. At 23.32 where you can fill in the domain name, does it have to be the same (in case someone has a DC) with that one the DC is using or something different? Would it help somewhere if the name was the same?
23:58 In order to be able for all the VM's to go to the NS1 as the DNS does that mean that you are going to allow traffic in rules between the different network segments? Because each one resides to a different network
As a future video about pfSense and since I think I haven t seen it yet somewhere, it would be nice to show how you can implement many wans, summing them up to one.
-Which of the many wans would pfSense see as a public ip?
-If one of the wans had static ip could it be used in pfSense? I have a scenario like this in a small company moved to a place where no ISP could give them net access.
After 2 months of searching a way for reliable connection, had success with 4G routers and a lot of error and trial in finding the right angle (directional antennas) and right band to receive
ρεφραψτιον signal from the pylons far away. I set up 3 of them with really good speeds but couldn t find a way to combine them into one. I thought of zerocell but unfortunately it goes to end of life for that project. Seaching for alternatives I ve read somewhere that pfSense can do the same. Do you know how?
Any change for an answer as well?
The domain name you enter is important for pfSense to do its own DNS resolution and by default if you configure it as a DHCP server it will tell a DHCP client to append this domain name to a hostname it wants to resolve
E.g if pfSense or a PC for that matter wants to resolve the hostname 'fileserver' it will then ask the DNS server to resolve fileserver.templab.lan as in this example
So we want that domain name to match with a domain name the DNS server we've configured it to use supports
To allow access to DNS, each interface has its own firewall rule in my lab to allow access from that particular subnet to UDP port 53 on NS1
I've not looked into multiple WANs with pfSense as I don't have a need yet but pfSense should be able to load balance across multiple WAN interfaces using basic routing
In normal routing, if a device has multiple default routes or gateways it will load balance traffic across them and this would be on a per flow basis i.e. a web browsing session to one server would be sent to ISP1 whereas a web browsing session to another server is sent to ISP2
pfSense does support multiple gateways although I see it also has an option for a gateway group which looks to be the better option as this combines these gateways into a group and it then handles things like gateway failures for you
The challenge I see with balancing WANs on a firewall mind is that traffic that goes out one interface must come back in through the same one, so you have to have different NAT rules for each ISP's link to make sure the same ISP returns the traffic
Hi sir I am using pf sense 2.6.0 suddenly not working in my black list option i will try al type of method
It's possible the list you are using is no longer being supported
I suggest checking the forums to find out why
Why did you select Parallel rather than SAS controller?
?
Good question although I think something I had read a while back suggested it offered slightly better HDD and CPU performance than SAS, even though it should be the other way around
Nothing you would notice on a VM like this but I started using Parallel after that
Hello David, Hand Happy Thanksgiving Day!
I’m taking a course to become a Cybersecurity and I have problems setting this up and I want to ask you if you can help because it is my first time doing this type of work.
I have a lab, similar like this tutorial video you show.
The flow chart shows:
I need to set-up a router FW at the center.
on the left-hand side I have to set a Kali and CEO virtual machines with IP: 192.168.0.0/24
on the right-hand side I need to set Untrusted NW Kali Linux with IP: 172.30.0.0
On the bottom I need to set-up on the right-hand side a web server
At the middle I need to set-up a Kali and on the left side a DNS Server:
What files or software I can use to make the DNS, WEB Server and CEO to create this and how I configure this to communicate each other?
It depends on what software you have available but Linux servers would make sense since you're going to use Kali Linux
SIMPLE ANSWER: DON'T THE IPv6 STACK IS FUNDAMENTALLY BROKEN IN THIS VERSION
Good to know. Although until ISPs offer IPv6 I'll stick with IPv4