Help Securing home Network, PfSense

Discussion in 'hardware' started by 4Qman, Dec 27, 2014.

  1. 4Qman

    4Qman Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    12
    I am looking at some options with regards to securing my home network.

    I require the ability to have a solid VPN connection with my home network from my mobile and laptop, This is for work purposes, owncloud etc. I also use a private VPN provider that i also want to have running. I am thinking of having wireless signal1 as VPN traffic and another wirless signal for my home network & if possible a guest wirless signal.

    I am looking at PFsense to handle traffic but need some help with the configuration and general understanding. of what i will need. I do have a home Server, along with several other devices.

    Am i correct in the following..
    ADSL Router ---> PFsense Machine ---> Wireless Signal & Switch

    I am new to this but do have some experience with networking.
     
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    I believe that a pfSense box can do what you want. It might be prudent to buy gold support, which includes the latest version of pfSense: The Definitive Guide. You would need a box with one supported ethernet port (best Intel or Broadcom) and two supported wifi cards. Installing pfSense, you'd assign three interfaces: em0 (WAN), ath0 (LAN) and ath1 (GUEST).

    You'd setup an OpenVPN server instance in pfSense, listening on WAN. Then you'd add an interface named MYVPN (or whatever) and route it to LAN. That would provide secure connections to LAN from your remote devices.

    You'd also setup an OpenVPN client instance, listening on WAN, and connecting to the commercial VPN service. Then you'd add an interface named XVPN (or whatever) and configure outbound NAT from LAN to its gateway. You'd probably also need to tweak routing to ensure that incoming traffic on MYVPN didn't get confused with XVPN.

    Finally, you'd configure outbound NAT from GUEST to WAN, and add some firewall rules to prevent leaks.
     
  3. 4Qman

    4Qman Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    12
    Hi Mirimir,

    Ive been reading sold old posts here and see that you was familiar with Pfsense. I do understand the gist of what you have explained but i have limited knowledge, altho as you mention subscribing for the gold membership would assist me mainly ith everything.

    I was recommended the Netgate APU2, do you have any experience with this hardware. I see that it does not have any wifi cards, this is a feature i ideally need so will need to find some other options.
     
  4. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
Loading...