Turning an old computer into powerful firewall and intrusion prevention and detection device

Having a traffic analysis device, at your demarcation point, is crucial to network security.  However, these devices are often, very expensive to purchase, and can limit your spending, on other vital network devices. Open Source software is freely distributed, and  give the user more control, and stability, than many proprietorial wares.

“PFSense”is and Open Source, Intrusion Detection, Prevention, and Firewall suite, of Unix based programs to secure your network, or single desktop computer.

What You Need

  1. Download the free version of PFSense from this website.
  2. A computer with 2 network adapters, and a dvd drive or USB port for installation.
  3. 2 cat5e network patch cords.
  4. A USB drive or DVD (I use the DVD)

What You Do

  1. Use the ISO you downloaded to make an installation disk.
  2.  Boot the ISO and follow the instructions on your screen.
  3. Performing a Full Install (ISO, Memstick)

For other boot issues, Installation Troubleshooting.

 

 

 

As the operating system boots and pfSense starts, a prompt is presented with some choices and a countdown timer. At this prompt, press i to invoke the installer now.

Installer 01 launch early.png

Alternately, allow the system to boot the rest of the way, assign interfaces, and then choose option 99 to invoke the installer.

The Quick/Easy Install option is, as the name implies, both Quick and Easy. That is the method which will be demonstrated here.

First, the installer console can be changed to use a different font, screenmap, or keymap. Most people do not need to change these, but it may help with some international keyboards.

Installer 02 set console options.png

At the Select Task prompt, choose Quick/Easy Install.

Installer 03 choose task.png

The Quick/Easy Install option assumes the first located disk is the intended target, so be sure there is only one SSD/HDD is present in the system.

NOTE: A GEOM mirror (software RAID) may also be configured by choosing Custom Install and then invoking the option to create the mirror and select the disks. Once that has been completed, then it is possible to return to the Select Task screen and proceed with a Quick/Easy Install

Because the next step is destructive to whatever is currently on the target disk, confirmation is required to proceed. Select OK then press Enter.

Installer 04 easy install confirm.png

The install will proceed, wiping the target disk and installing pfSense. Copying files may take some time to finish.

After the files have been copied to the target disk, a choice is presented to select the console type. Standard defaults to the VGA console. Embedded defaults to serial console.

Installer 05 select console.png

Now the system must reboot so that pfSense may start from the target disk. Select Reboot and then press Enter. Be sure to remove the disc or USB memstick so that the system will not attempt to boot from there next time.

Installer 06 reboot.png Installer 07 rebooting.png

After the system reboots, pfSense will be running from the target disk. The next step is to Assign Interfaces on the Console .

 

FULL Documentation is available at the wiki.

https://doc.pfsense.org/index.php/Main_Page

Now you need to read some of the documentation to configure the software.