How to Set up a Firewall Using pfSense, a Free Open Source Program

What is pfSense?

pfSense is a free and open-source program that provides the same (and oftentimes more) functionality as common commercial-grade firewallsIt is based on the FreeBSD operating system with a custom kernel and includes free third-party software packages, adding even more functionality to the program. The program utilizes an intuitive web interface that does not require any UNIX knowledge or the need to manually edit rule sets. 

pfSense Use Cases

Those looking for a cost-effective firewall solution would benefit greatly from a solution such as pfSenseUse cases include: 

  • VPN Router; setting up secure remote access over a VPN to your software services inside a data center (IPsec, OpenVPN)  
  • LAN/WAN Router 
  • Firewall 
  • Network Address Translation (NAT) 
  • DHCP or DNS server

How to Set up pfSense on Leaseweb Server

  1. Navigate to the downloapage on pfsense.org and download the ISO Installer for AMD64 (64-bit). Decompress the downloaded file (by using the gunzip command in Linux or the 7-Zip application in Windows) into the ISO Installer pfSense(…).iso file.
  2. Go to your (virtual or dedicated) server and re-install your server using the ISO Installer file. How this works dependon the type of server:
    • Your Leaseweb Dedicated Server can be re-installed using the IPMI Interface for remote management of the server hardware (also known as HPE iLO or DELL iDRAC). In both HPE iLO and DELL iDRAC you can attach the .iso installer file as Virtual Media. The IPMI Interface can be securely accessed via the Remote Management feature of your dedicated server in the Leaseweb Customer Portal 
      • An alternative way for your Leaseweb Dedicated Server is to set up your own IPXE boot environment first, and then use the IPXE boot to re-install your server. Read more on this subject ithe Leaseweb Knowledge Base. 
    • On cloud platforms like Leaseweb Elastic Compute (or similarly on Leaseweb VMware Cloud Director), you can upload your own ISO Installer file to the catalog of templates and ISO files and attach the ISO file to a compute instance for (re)installation. The pfSense website also includes a detailed description on how to install via VMware vSphere Client.

The sizing of the server hardware will also influence the possible performance of the firewall. Considering sufficient hardware specifications, the pfSense server can handle high levels of throughput, connections, and packets per second. On the pfSense website, you can also find comparisons between selected hardware sizing and performance information. 

The pfSense website includes very detailed installation walkthrough information of the pfSense software, a pfSense Default Configuration, and more. 

Alternatives to pfSense

Alternatives to pfSense include free and opensource OPNsense, opensource VyOS, and many other solutions (hint: a Google search for pfSense alternative’ will also provide many options).