Cai Dat Pfsense

am08 PPESENSE tin tp-FOperbb cisco Lab PFSENSE toan tap nse Frewa Seve @) sunsctne io masts vntsoner 6=Mé Hinh Trong Thue TS Aout fut ptt e258, 78 by Mungo 6 phn nby cia chi dt tsense th s8 an oi, ang xdt theo céch kndch quan nt vB toh tang St dung ela Pisense vb eng eB hin dang trdn eka! wong doanh neh ch soo oung 2. Nghe minh Oe Bua Who inv ea 10 User Ng cu nh dang duge erin ka 1 NAT outside cha mall server ra ngodl Internet QS User cb thé nh v2 Ql mal Kh & hd * 2, Falover tran 2 WAN 8 dam User lubn kat di coe vot Loternet 5) Chu rin VPN cho phep User cé Ui tray aut vio ERP server Kh @ ohh Aout: Mee 4 roxy server + SqutsGuard + cSm mots User Internet nang eh cho hg 3 Guge mBE trang dy nh Ie ‘pexcom eon tt ca ning user Khe th ray aust Sh tsong vi cm download mg fle hg. him exe 3. vin gave 5/ Tat cd ce ung eng Ket nol Ieernat du pra dug Km soat (21 vu ME théng) 6) Tring ke avoe totic av Sung ea coe User 6 Buh 1,2 3 Baa al bia ia finn ng ea ny bh ay a i ch hang User mk en mu in toy a tet ei A abe Deny che Target Categories 26 tren mt Group ACL is 68 uy xorg vn un Aiba 5: 8 diy 28 30 Aliases chi co php més 58 por cd thé Kat nS dvoc dn Internet nut HTTP (80), ‘eamvlewar (9988), VPN (300,4800,1723), Seeure POPS va SMTP (995, 465), Yahoo (S080, 5130), Skype (33032) v8 hm va kh 0 Rule = og ta pr prt vs to php prt 43 User ding Utes a wat a ante su vy I 8 bei ai ede cg cng Rode ce website cb si oyg port 443 th i ph tao thém mt Rule kfc eho phép ching “Thing Ke Et ni 10. duy nh cae server 43 ‘Va ke eS lah th ay to 68 kiém sadt duge User si ng ce ng dung Khic kat fl ra ngs Internet nu cic (game onlina.Tuy hay eve trong vide add him vao met e610 server cus ede website nay Una dung =u dung HTTPS {Gan tet che cg vid) nung vd cach nay cb the cBm voc Utrasur va phn Tan ee Ung dung Wis dhe Ia inae (Bi hin 6: Ci 85 him 961 nhop a xem aug cbc rg Kb SDUEE cl Se trén met may th cO CPU AMD 2,76, Ram 268, HDD 16068 (720rpm) nnng teense vin choy ‘Be nan, enca thay ya Shh trang treo hob 1 Apply cdc eu Non dl nen. ‘"eiga alge rye quan va t3to8 eu Nh “uy‘n kn rigs kl thm Prony eh roy x08 website mdi du rSt ehonh vi & duge cache Ig vbe HOD. Nhung Sauleroing mae glam tu tay com dh, C58 vo ooSng gi 100 User ty st th MBE HDD Bin rong 38 hing dip Una ns {qua bal vigt nay hy vong cing alin mol ng higu 1 ptitn no cbc che ning ca Pense cng nh vic chen Tim Suing Wa rong Ne thng ca minh A-Cai d3t Pfsense 2.0 Domed Sop 1b, 2013, 3:00 AH by Tung Ove [updated 5 pssitos coal camisitstopelahopen-yston-bavpfsense-frewallsense-tos- tparame PPESENSE tin tp-FOperbb Nn 1 Bot Pons data nd faltowing console 0''G \-y shove tm oleS ay that you nish ismre eos et tap aA ask perforn, 5; pssitosg2ogl.camisitstoperlahopen-yston-bavpfsense-frewallsense-tos-tp 228am08 PESENSE tin tp -TOperkb Saunas eng Rabel a8 ag pssitosg2ogl.camisitsopelahopen-yston-bavfsense-frewallssense-tos- tparame PESENSE tin tp-FOpertb Dis pssitosg2ogl.camisitstoperlahopen-yston-bavpfsense-frewallsense-tos-tp 408arame pstsitos coal casitstopelabope PPESENSE tin tp-FOperbb Dis 528arame PPESENSE tin tp-FOperkb 2+Load Balancing 18a chang ta ph to ke Goup gb cho WAN rs hing ta mun Load alana rn pssitosg2ogl.camisitsopelahopen-yston-bavfsense-frewallssense-tos- tp 628am08 PPESENSE tin tp-FOperbb ft Grup Noe vt: Catan Pty ton abe WAN. Ns chon Naver a khng tha gf vo Lolacing Tar yr ub nu it ce go Tar rg aut te i vie Lond Balacing tn rong ay Vb ob dctng Tar oa Mo a8 aver ena atong cd Tarp han dour Gi 2 ta Loa alec 2 dung 2 cig Te stung mt rg 150 Mts vs bt uO i ny 1256 cab vt ene 2 avg ray Cb uae sea Ven dzong saps nea hom Dung SOMES sco Neg Sa ‘ong soho 38.28 Wemnea tf). Fy Ey bebebete EET neem enn er Tis rt (Coon ah Mig IS cho AN 1 Sad chon Save = Tuong ty et0 WAN, (8 ad dung aug Lasting ny ching ap go mL v8 ha nn ae i, pssitosg2ogl.camisitsopelahopen-yston-bavfsense-frewallssense-tos- tpPESENSE tin tp-FOperkb am08 — =; co Frowal > le» Grate iva shin Avance Feature chon ang Mulan 3Gatony 3 Loadacng 3: NAT, RULES va Aliases "rung Ove {updated Sep 18,2013, 3:86 0M} 4INAT (Network Address Translation) NAT on Pianse ab che cd sar & ue Inte au 602 met cc IY dng Cg We NAT ny 1 8 cho a NAT me stro age ome hay eon gla NAT uso pssitosg2ogl.camisitsopelahopen-yston-bavfsense-frewallssense-tos- tpPPESENSE tin tp-FOperbb “Tal ta Pr Fara dn + Cte anew NAT bana am08 (a rer evn Sh ae =a ‘Ono wong ae nahn 2U RULES “oo alsa cho ship aque Wri qua cg LAN hae WAN cia PESENSE, Ta cdtN Block, Past Hae Rol male ki St | a tecccaee Oo Pat Sowes dg tan ph bn 102 in i 8 8 ey Wg en nguyen de ful ay 56 cho pp tc ce IP tong mang LAN yc Inmet uy mh au go 80 ding TO? “a cang 0 8 to ti Rules eb aa 8 pang le tg Pin Avance hia de cho shia chon mt 8 ty chen ke hr Gateway, Schule [a pssitosg2ogl.camisitsopelahopen-yston-bavfsense-frewallssense-tos- tpam08 PPESENSE tin tp-FOperbb 3/ ALIASES ‘Ales a tcc ta. 8 Grp niu Por na ru Network" rau, Lr eh ea Alas 9 ta eb Bg ifetstndnaennon ewe not fa a, geEbEE EE Ec Ta Mens Frowa enon Asee va chon Aas row Aas et tin en Alin venom ype =v ancien pp Urr vto Geog rung Goael au nh IP ching a plo tf ale msi spon h Thay tar l'un Nee 2g Sg vn. su gf Fle rn Dostton 2 han a las vSe ma ng cha Sul chai ach ‘4:Proxy (Squid, SauidGuard, LightSquid) Sep 18, 2013, 3:48 AM} ~ Mt Proxy server thng am chit nng tam gl nhng yeu cbu ntemet cba ede cent ching Khdng giao {bp trys tp ntemet vaglip cao otc dot you cau sau cus clon ge tay vn nhan han. Proxy cing GU {quan cacy cap ntemet Dang ch WN6ng co cent ty cep vao ahang rang weDst bi cam. - Pisense cho phép ta ci thém vao nhiing th rng ma me inh Pisense chua cB. Vi thé ab ty hign vibe ‘nay ta cing pha cai thém vao 3 tinh nng gb: + Squid: chic ning lm Proxy Server + SquldGuar: cho php ta chu hinh 68 loc ee dBi tuyng hay nd cen Khde I tao cde Access List che Proxy a8 c&m user ‘ruy c@p vao website + LightSauid: a8 tgo cde Report. 1/ Squid pssitos coal camisitstoperlahope-yston-bavpfsensefrewallsense-tos-tpam08 Ea “p pssitos coal camisitstoperlahope-yston-bavpfsensefrewallsense-tos-tpam08 PPESENSE tin tp-FOperb creck vo Alon urs a taro 8 Trnepetet Proxy Nar pi in fo rauyén me me en roy ee: ache arava SS Se eevee) Ss Se imeem ST eae cI Gaon roe seve: eco conte Semiemmsnmatammne Ta cess Conta tong tty allow subnets ap ao strt 16 pp dug ox. pssitosg2ogl.camisittaperlahope-yston-bavpfsense-frewallsense-tos-tpPESENSE tin tp-FOperbab ermal Sey | Pivcy | Contnt{ Correia | Pagans | Advanced am08 | Db eb ua xem Trgnparen Pry deat ng ena by ech vio Cates Parl inametOptns v8 sp IP Proxy ‘ever Por 3128 Ns ty ap wee bh Pung ty roxy Serve eho Op 8b Onckv ansparent het deg king cn phat etn piace Sikh 2/ SquidGuard Tp ata a os inn SqusGums chon Pay Fiera har Sanaces Pry ter Suidcue Genera sttnge ° ie EN I I NET ee eee Beet me menennnncnenenen hpssitos g2ogl.camfsittoperlahopen-yston-bavpfsense-frewallsense-tos-tpam08 PPESENSE tin tp-FOperkb eres (se) Check vo rus 2 nh rn emble Schad lacks UR ching a ng cla tn mg bo dog ech a ab = Sau dsl Seve “Tei Bleck ching ta ln vp Dood cht cha tik donload ge hain ‘ror fer Seidcuar: Common Aces onl Lit (ACL) . eee Toit common ACL vg dh ta may xa sow ad Becks. Vy hang acy cee wade “dng tet dg PAL news techn dey 3 chm Nu user ey ct vo oe rang cm, a6 co tnt rarect 1 mot rang kde hog lb ng nog bao: chor trongReatect move Common ACL ny dng no oe User i dg Prony Sever roxy fer Sulack Groupe er ro Lt (MCL) ° Tog as Goren AGL Gp AGL ig hn gr tg ie dg ch mB hm che Ur ticec arabe * [3 pssitos coal camisittoperlahopen-yston-bavpfsense-frewallsense-tos-tp ‘28am08 PPESENSE tin tp-TOperb Prony iter Suldar Groups Access Conve Lit (ACL: Eat ° =n Ee spemmne wintamonare ememeass otis Sees i Tata Cont np vo oy P ma ens te dg ce Graup ACL ny Tame x on aig in ange Tat en, Nh mn ngs yh pl aa (aw Tage ie List 2 208 mB oda Yor gan Times Auge ve mB pag RN Nt gan Tes roy ter Squdouare Target tage. ° =m s} rn — —, + Tiga ategaes 2 ong db nt vo eu te , pssitosg2ogl.camfsitstopelahopen-yston-bavpfsensefrewallssense-tos- tpam08 PESENSE tin tp-FOperkb A’ eit it vidya vio rr nh np tt 2 ee a tr c6 pn al mi gh Sau 4 Seve v8. quy I Canman ACL Rage Group ACL db uy chon cm hay ho pec Use downs ed a te iy ry er Sida Tes: at ° 3/ LightSquid avs — pssitosg2ogl.camisittaperlahope-yston-bavpfsense-frewallsense-tos-tpam08 pssitosg2ogl.camfsitstopelahopen-yston-bavpfsensefrewallssense-tos- tp PPESENSE tin tp-FOperbb Seu vo lb Lipoid apr xe Rept cba Pax v8 cde cache a cuge a Magma sy 123M 21306 sewn sp 76 SusM 205% paws om D sin Bos aed ap a WE 6 sr sam ieagm pp &@ DSM SIM 130% Toalavenge = 75H 20981 M1926%% Lihat (Sear Fron AKA ESL ns mis ea Proxy Rapa duce tng ha rg nay VPN ( OPEN VPN, PE wm Ove’ updated Se 2, 2083, 3:47 AM} VENA oi? YEN Er il ht rt ct tyr ern hr te tg a tng chi man ae ture dn ‘im aso ue nn tg to vat mH, Bk cing ef ktn a se may tm fe ou trang rans bing St eater co era tng tr tna tnen. cho pop O68 ths gto ty Way gua ne Wg nga sav Gan oe "ay in oon eh rg rang reo nen Ba dn hn lrg avo neg cha my, ‘Cheon dug mt hoa vec nd i ma vo ing Kha tc hyp, nin ae Lutag hap gt nbn dan je, ac kid két n6i VEN G62 i 8 VPN Trap: Crt to Sto vA Stet Sie 1883 ng nh chu nay fp it v8 ong cura eho Ngee ng x9, Win Mapa cry tng uD nme. VI dy Ki nat ng ‘ry th a hay sare Gn ath al oe 08 Cla ‘Ap cng tee che ob ait vn hing ela le ev ghang ch Us ao ou wr an, Vi gs m0 cng ty de ale (com eh ashen tng ede en nah tin Srgaore vit Nam, eh by mgm rng VEN Sto Seek ‘hate Wi Nar v8 Snape ng dui vb arg or man nama paw a Wn yan eb, a _o kang oo ad kt th én bd ny ct so tn v8 Kd 8 clot oe tn Pens rg au io the ss 11 Open VPNam08 PESENSE tin tp-FOperbb a Syston: catia arty Manger. ° “Tea mol 8th syton: Create Auto Manager ° Su do User Manger tong mens Systam vga mi user Toitsbrg Coat auton chon CA vin mi ta a tse pssitosg2ogl.camisitstopelahopen-yston-bavpfsensefrewallssense-tos-tpam08 ‘chon Opeo¥Pvt mara VPN ‘Sud chantab Wzas vam i theo ce bus Chon Cost ta User hpssitos coal camisitstopelahopen-yston-bavpfsensefrewallssense-tos- tpam08 PESENSE tin tp-FOperbb = inva eh I ea ova stv va I Tuna ets ng be cho clare aN kt 0 VPN = Omen Next pe penn: cent Export Ua ° ET Eee cease ean ER Sa th 8 gi Roi mi OpenVPN Ton 8c ia inte Np User vB password lg nb pssitosg2ogl.camfsitstopelahopen-yston-bavpfsensefrewallssense-tos- tparame PESENSE tin tp-FOperbb au 8 a bing lnm cont. sty da oP age cp tr Sever Gamect hin cng 21 PPTP VPN {cng mit ota ing bch pp cere nl VPN ose ratwok UB dirt ou nn ds ona tg hdr cs Ngo ei Pane Lira eg IP ay ke Wy IP aa co el Be eu. Nip ao at = = 2 © “% tip urerame va snort. Nl mu gn tan Peet th sn vi eg Na ch dg th 8 tn 2108am08 PPESENSE tin tp-FOperkb ‘uo os ah PPT VPN a an Lue Mé poe UOP 1723 nartce Wan ab cont snk nf ue ‘auc ho xg Saver all lo ip ll VPN brook vbo Cares Pana Nate sd “at Cetor 4 Set am comocton chia eo ‘en Corea fo 9 wero vara Newt Usemy rar comecion AD > Somtang sapere nnn to com Beh patmne ‘Us ey lr anne) vk Neat pssitosg2ogl.camisittaperlahope-yston-bavpfsense-frewallsense-tos-tpam08 PPESENSE tin tp-FOperkb Typetne tert dea cnmetto " eo Tiong Wa aes ln PHO ia Sov ty ae lp BIS hg Sarr A chsh VPN Okeme _ ae aw Nip Urea v passwort Hohn Senerva hn comee. ‘Sa kin ai Bing incon vi ny cla shin dre IP 12.168.3.2 SIL2TP VPN 18 80 mt han VPN PPP nda VPN L2IP cf hon oan 8 phi tp hon men, [aerate ernie a — (renee near mpeenrane a Np va ch Seem bn Sone “Tht ng pn con zomg lah Wich Hoh PPP a inh mot usmame va pats ab User pssitosg2ogl.camfsitstopelahopen-yston-bavpfsensefrewallssense-tos- tpam08 PPESENSE tin tp-FOperbb TWN Gomecton Pope aT “ieee Le Tumeig Pash Pc TSN) Hewes Facog —————} fea eatin comes fener al a At Ub tomb Athos Peed EF) \ (6 Motes te Fuente panned Pa 1 Dalene Hane Auten te CA) Mem C88 enon MECHA) [ikon na Winton Feelin Fou Coe) Cte) $6 rn ng sat rg rh PPT ay 6 vio Peper. Tetab Seen chon ib VEN Sau chon Advance Selling [Bey ee at Wh eessate spe ay Svea in ae, emda i ha AVN ee ieactetesinectezeecee, i eg Ds Pesan neg tb LZ? dt op pes nan ng lap ene Pre bg eh ve Ragan Vino Sst va arora dn ee Y ESSal ACNE Sytem cumeCaroanscce aaron S46 pom thay vl Valu rane: Prt: Tp: OMORD: Vai: Kh tn Windows gat de Aly onc Sain VP vA ie ere peer AIIPSEC VPN 88 voLPSEC VPN ening ah han Clot St oe Sto Si pssitos g2ogl.camisittoperlahopen-yston-bavpfsense-frewallsense-tos-tpam08 PPESENSE tin tp-FOperb N81 3 rn wong bl wit ny i tf v8 conto se a aoa hiancs — sok — ieee | —— Toit Mota cnts:Enala PSe2 Mable Cie! Sippo py IP cp ho Gn. ONS sev Login Barnard eo i Cone thing ‘Aeeh Charges va sad chen Grose 8 Phase 1 pssitos coal camisittoperlahopen-yston-bavpfsense-frewallsense-tos-tpam08 PPESENSE tin tp-FOperb ae Con ice cha kd nl VPN, hd charg hye I Matus PSK vce ut abn Na von tse: Kaye ooo ore Poe Eu pestered ey 42) eee Coe ip mal. ven pb ue lg ha nc cnt vi srvet "VPN Access Manager ea) a Vena x ‘Sau tk VPN Access Manager ic ls ies llamo vA A vio nl Carmen hpssitos coal camisitstopelahopen-yston-bavpfsensefrewallssense-tos- tprao SENSE toi tp -FTOpertab 1 Se Coviauion Aabesesin a Abt ieed ei ene] Osea | See CetlenoAdahy Fie Tal Authemation chan Mut! PSK vm Pe Shave Key ab Crndntae (Be iain] ie maT) Atheist eos (iid uh) Ea erste | Cnc (eee ey Sony 4 | Cee) (tame) acl dorty np vo oto hs Noh en Seer (Yow sie Coniauaton [ss ein [aera] Ph [ERATE alma ee ce corertovLengh ga (\ [Jenn cnx roe natn ea 0 | Cee) (tame) Oph ipa Th Arn reg Tay TERT over pssitosg2ogl.camfsitstopelahopen-yston-bavpfsensefrewallssense-tos- tpam08 PESENSE tin tp-FOpertb 0 WH ResNeroae le Ea View Fal a\|o ao it Moly _Oslete a Seren eo Yong NOTRE ‘Bacio bm dung | busing cp i) Google Sas pssitos coal camisittoperlahopen-yston-bavpfsense-frewallsense-tos-tp

Cai Dat Pfsense

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Cai Dat Pfsense

Uploaded by

Copyright:

Available Formats

You might also like