Any Ideas On Things To Implement In Pfsense?

Discussion in 'Networking & Security' started by S-F, May 12, 2018.

  1. S-F

    S-F Gawd

    Messages:
    570
    Joined:
    Aug 5, 2010
    I just last week made the switch from DD-WRT to pfsense and now that I finally have everything running the way it was on my old router I'm looking for ways to leverage all of the possibilities of my new machine.

    Ad blocking:
    I used to block ads using this pixelserv method and it worked rather well: https://www.howtogeek.com/51477/how-to-remove-advertisements-with-pixelserv-on-dd-wrt/
    I have followed this guide for ad blocking in pfsense: https://www.linuxincluded.com/block-ads-malvertising-on-pfsense-using-pfblockerng-dnsbl/
    Does anyone have any thoughts they'd like to share about the guide or any other ideas they'd like to share?

    VPN:
    I have been using PIA as a VPN service for over a year now by running the client on individual machines. Yesterday I got it running on the pfsense router and it's great. Does anyone have any ideas on ways to possibly improve this?

    I guess at this point now that I have everything up and running I'm just looking for ways to take greater advantage of my possibilities. I see that there are a ton of packages but I don't really have an in depth idea of what they do. I looked into using squid to cache web traffic but it looks like it's all but impossible for https.

    Any ideas or tips are highly appreciated!
     
  2. wolfofone

    wolfofone Gawd

    Messages:
    690
    Joined:
    Aug 15, 2010
    Hmm https cache should be possible though you may have to install certs to each PC. Not sure...
     
  3. WhoBeDaPlaya

    WhoBeDaPlaya 2[H]4U

    Messages:
    2,553
    Joined:
    Dec 16, 2002
    Too lazy to setup adblocking myself.
    RPi + PiHole = done deal for all devices on the network.
     
  4. S-F

    S-F Gawd

    Messages:
    570
    Joined:
    Aug 5, 2010
    I think I set up all the pi-hole stuff in pfSense through PFBlockerNG using the DNSBL feeds the pi-hole uses. I think............... From the guide in the second link I posted. Has anyone done https caching?
     
  5. rtangwai

    rtangwai [H]ard|Gawd

    Messages:
    1,276
    Joined:
    Jul 26, 2007
    If you need remote access to your network you might want to implement OpenVPN.

    Squid and SquidGuard are useful too if you have a lot of devices connecting to your network.

    Maybe a RADIUS server?

    If you have friends use your network maybe a captive portal?