pfSense

[Deleted User 298457]

I'm now looking at one of these to have in this install:

Sky FTTC connection
--------------------
Sky Router
--------------------
pfSense
--------------------


Plan is for Sky box, Vodafone SureSignal, Humax , sony blu raybox etc. to all sit in DMZ in front of the pfSense box with all my other kit sat on my main LAN

3 x laptops (XP, Vista, 7)
1 x printer
1 x desktop (7)
2 x iphones
1 x apple TV
1 x apple ipad
1 x AV Amp
1 x Wireless AP
1 x NAS


Can anyone recommend a base box for pfSense, I don't have anything at present, thought about a laptop, but of course not enough NIC ports.

My other thought was a HP Microserver and getting ESXi up and running on it etc. and then trying snort and other tools etc.

Obviously I'll have to determine what ports are needed to be open for the various appliances to work etc.

Why would you use the Sky router if you have Pfsense? Double NAT is an awful situation to be in.

I have Sky FTTC and PfSense running on an Intel Atom 330D/1GB/160GB router but it works equally as well on a MaxTerm 8300B embedded/terminal PC.

 

[PistolPete]

Ah... I forgot you are putting you WAN interface on Pfsense.

For me, I have a static IP on the WAN side on my router, a /30 on the LAN side of the router and the WAN side of pfsense, and a /27 and /29 on the LAN & DMZ side of pfsense.

However, I have to set the WANGW address on the pfsense /30 to a different subnet which is the next hop the other side on the WAN router IP (if that make sense).

ISP router 81.187.81.x > Router WAN IP (81.187.91.x) > Router LAN 81.187.2.x > Pfsense WAN (81.187.2.x - WANGW set as 81.187.81.x address) > Pfsense Lan (90.155.x.x) & Pfsense DMZ (81.187.219.x).

If I don't set an additional WANGW address in the WAN interface then I don't get any routing. Pfsense automatically adds the Router LAN interface and tried to set it as the default GW.