Scribd
Upload
48 views

PFsense

PfSense is open source firewall/router software that can be installed on physical or virtual machines. It has a web-based interface and can be used for routing, firewalling, VPNs, proxies and more. The document provides instructions to install PfSense in VirtualBox and configure its interfaces, zones, services and filtering.

Uploaded by

lika edaw
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
48 views

PFsense

PfSense is open source firewall/router software that can be installed on physical or virtual machines. It has a web-based interface and can be used for routing, firewalling, VPNs, proxies and more. The document provides instructions to install PfSense in VirtualBox and configure its interfaces, zones, services and filtering.

Uploaded by

lika edaw
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

pfSense is an open source firewall/router computer software distribution based on FreeBSD.

It is installed on a physical computer or a virtual machine to make a dedicated firewall/router


for a network. It can be configured and upgraded through a web-based interface, and
requires no knowledge of the underlying FreeBSD system to manage.(WIKIPEDIA)

Popular uses for pfSense


 LAN / WAN Router
 Wireless Hotspot (Captive Portal)
 VPN Box with OpenVPN
 Firewall
 IDS with snort
 DHCP / DNS Server
 Wireless Access Point
 Transparent Squid Proxy Server
 Multi Wan Router or Load Balancer
 DNS Blacklist
 Port Forwarding / NAT (Network Address Translation)
 Server Load Balancing
 Certificate Management
 …..

 https://linuxtute.github.io/2018/08/08/Install-PfSense-2-4-3-on-Virtual-Box/
 https://dlford.io/pfsense-nat-how-to-home-lab-part-3/
 https://samuraihacks.com/install-pfsense-in-virtualbox/
1. Install pfsense by using these link as tutorial according IP addresses given in the architecture.

Three interfaces:
 WAN Adapter 1 linked to the AIMS network by bridge (that will use dhcp). Give
screenshots as proof
 LAN Adapter 192.168.89.1 (fixed) in a network called internal. Give screenshots as
proof
 DMZ Adapter 192.168.80.1 in a network called dmz. Give screenshots as proof
Assign Interfaces

2. Configure the LAN network on the pfsense(BSD) terminal


a. Set LAN interface IP address 192.168.49.1/24 without a gateway
b. set up the DHCP service on range 192.168.49.2-192.168.49.22

c. Put the Kali Linux host to the LAN and permit to get access on internet
Test with this link

Give a capture of navigator showing web access as proof that is working.


3. Configure dmz Zone on the pfsense(BSD)
Use you kali Linux navigator and http://192.168.49.1 Give screenshots from your physical
computer navigator as proof. By default username=admin and pass=pfsense

a. Set LAN interface IP address 192.168.80.1/24 without a gateway


b. set up the DHCP service on range 192.168.80.2-192.168.80.7
i. Navigate to Services -> DHCP Server and select the DMZ Interface.
ii. Check Enable DHCP server on DMZ interface
iii. Set a DHCP Range
iv. Click Save on the bottom
2. Configure the dmz zone.
When you create a new interface, it always comes without any rules, meaning all traffic is
blocked by default.

a.Permit DNS and ICMP from dmz network to the Pfsense on dmz interface
b.Permit the LAN get access to dmz for any port and any protocol on LAN Interface
c.Permit http, ftp and email access to dmz from anywhere on WAN interface
d.Connect metasploitable on DMZ network, give screenshot that shows internet
navigator has access on metasploitable server from anywhere.
Give a screenshot as proof
3. Configuration of services: Go to server menu and click on DHCP SERVER. Complete the
configuration by giving DNS servers IP

Your local DNS name (Ex for AIMS-Senegal-LAB it is 192.168.1.1)

Google DNS: 8.8.8.8

On Kali send a new dhcp request and test the link http://google.com/ . Give a screenshot
as proof.

4. Filtering: On the Firewall Menu permit http access from anywhere to DMZ and NAT Port
forward.
Show the access on metasploitable from physical machine (internet).

You might also like