1. Insert the installation CD of PFSense 2. Select Option ---> 6
3. Press I to start installation
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
4. In the configure console select option Accept these setting
5. In Select task option select option
Quick / Easy Installer and press Ok.
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
6. In install Kernal Option Select the Standard Kernal
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
7. Reboot
8. After Reboot Configure Network
Select No option for “Do you want to configure VLAN (Y/N):” N
9. Select the network card for WAN: – hn0
10. Select the network card for LAN: – hn1 Select Yes option for “Do you want to proceed (Y/N):” yes
11. Configure the LAN / WAN IP address
Select option (1) Assign Interfaces Assign WAN IP address on hn0 Assign LAN IP address on hn1 Set the web configurator option to “yes”. Web Console will be enabled on LAN IP Address (http://172.16.100.50) by default Select option (7) Ping host to test network connectivity of LAN and WAN
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk 12. Now Access PFSense through Web Console i.e (http://172.16.100.50) Default user: Admin Default password: pfsense 13. System--> Setup Wizard Press Next --> Set Hostname--> (PFSenseFirewall)--> Domain Name --> (nuisb.edu.pk)--> Primary DNS Server -->(221.132.112.8) --> Secondary DNS Server -->(221.132.112.9) --> check the override DNS option --> Press Next Keep the other options as defaults Set WAN IP/Gateway Address Set LAN IP /Gateway Address Set admin password Reload
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk 14. Enable https on PFSense and TCP Port (Mention Port# 2048 in TCP port option)
System -->Advanced --> Admin Access
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
15. Enable SSH System -->Advanced --> Admin Access --> Check Enable SSH and set SSH port
16. Set DNS Server
System > Routing > Gateways --> Add LAN and WAN Gateway and Monitor IPs
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
Configure DNS and Gateway (WAN / LAN) System > General Setup -->
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
Ping to WAN / LAN IP Diagnostic >Ping >Host Name>IP
Install the PFSense System update
System > Update > System Update
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
Install the required Packages System > Package Manager > Available Packages Squid (High Performance Proxy Services) Squid Guard (High performance web proxy URL filter) Light Squid (LightSquid is a high performance web proxy reporting tool)
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk Now Configure Squid Check to enable the squid proxy Change Proxy port to: 8080
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk Clear the Local Cache Package ---> Proxy Server: Cache Management ---> Local Cache
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk Press the Clear Disk Cache Now button
Check to Enable the Squid Proxy
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
Enable Logging
Squid conf file in pfsense /usr/local/etc/squid/squid.conf
Enable Antivirus
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
Package --> Proxy Server: Access Control --> ACLs Mention the Allowed Subnet Mask, Unrestricted IP, Banned host address and etc as per requirements
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk Now Add Allowed subnets and ACLs
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
Update the Proxy Server: Traffic Management Traffic Mgmt
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk To Add VLAN Route in PFsense
System --> Routing
System --> Routing--> Gateways
Add Local Gateway
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
System --> Routing--> Gateways
Add static route of VLAN
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
After this all, squid proxy services will be available for all VLANs.
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk How to install squidguard
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
How Configure Bandwidth Shaper
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
Now add VLANs. Go to the Interfaces --> (assign) --> VLANs --> Add Parenet Interface --> Select LAN --> VLAN Tag (Mention Tag Name e.g 10) --> Description (e. VLAN10)
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
Now Add Interfaces through Interfaces/Assignments Add all VLAN interfaces
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk