SlideShare uma empresa Scribd logo

Pf sense 2.0

OpenFest team
OpenFest team

Pf sense 2.0 - Щеряна Шопова

Tecnologia
1 de 15
Baixar para ler offline
pfSense 2.0 pfSense 2.0 Shteryana Shopova OpenFest, Sofia November, 2011
pfSense - Introduction ● FreeBSD-based open-source distribution for firewalls and routers ● Started in 2004 based on m0n0wall ● Powerful and flexible firewalling and routing platform ● Versions ● Legacy 1.2.3 ● Latest stable – 2.0 – released 17th September, 2011
pfSense - Applications pfSense 2.0 ● Firewall (incl. redundant setups) ● SOHO Router ● WAN Router ● Wireless Access Point/Captive Portal ● VPN Appliance (OpenVPN, IPSec, L2TP, PPTP) ● VoIP Appliance (FreeSWITCH) ● Sniffer appliance ●
System Requirements pfSense 2.0 ● 100Mhz Pentium CPU, 128MB RAM, 1GB Hard driver/512MB CF card (embedded) ● Throughput ● 10-20Mbps – 266Mhz CPU ● 21-50Mbps – 500Mhz CPU ● 51-200Mbps – 1GHz CPU ● 201-500Mbps – 2.0Ghz CPU, PCI-e network adapters ● 501Mbps+ - server-class hardware, 3.0Ghz CPU, PCI-X/PCI-e network adapters ● Features/Installed Packeges ● VPN – CPU resource and/or HW entcyption, 500Mhz CPU for 10Mbps IPSec ● Captive Portal - CPU resource ● Large state tables – 1Кb RAM per conection ● Packages – additional RAM - snort, ntop, etc – at least 512Mb RAM
pfSense - Features pfSense 2.0 ● pf firewall from OpenBSD ● Stateful filtering of IP, UDP and TCP streams based on various parameters ● Max connections limit per rule, selective logging per rule ● Filtering based on OS ● Policy routing ● Transperent L2 filtering, Traffic normalization ● NAT and Load balancing ● Redundancy – carp and pfsync ● WebUI ● Package management ● Update & configuration management
NewpfSense 2.0 2.0 Features in ● New instalation options ● New interface types ● GRE and GIF tunnels ● Dial-up modem and Multi-link PPP ● 3G, VAP and more wireless cards supported ● LAGG ● Bridging enhancements ● Multiple gateways (dynamic) & Multi- WAN ● WebGUI improvements – HTTPS, context help menus
NewpfSense 2.0 Features (cont.) ● Firewall ● Layer 7 filtering ● Traffic shaper rewritten ● EasyRule ● Extended advanced rule options ● Extended NAT options ● Rule scheduling handled by pf ● State summary view & real-time stats in WebUI
NewpfSense 2.0VPN Features - ● L2TP VPN added ● IPSec ● Ipsec-tools 0.8 ● Mobile IPSec works with Android/iPhone ● OpenVPN ● Remote access configuration wizzard ● Client export package ● OpenVPN Status page
pfSense2.0 New in 2.0 ● User management ● Local database ● LDAP ● Raduis ● Authentication diagnostics ● Cert manager ● Config history ● diff, download, descriptions
Available packages pfSense 2.0 ● Advanced routing ● OpenBGPD, OpenOSPFD ● Telephony ● FreeSWITCH, SIP Proxy ● Network Management ● Zabbix, nagios ● Network diagnostics ● Bandwithd, rated, iperf, nmap, pfflowd ● Web proxy ● Squid, squidGuard, LightSquid, HAVP Antivirus ●
Planned releases - 2.0.1 pfSense 2.0 ● http://redmine.pfsense.org ● Maintenance release ● Expected - ??? ● Status - ~ 20% issues fixed
Planned releases - 2.1 pfSense 2.0 ● The big step - IPv6 ● pf, carp, traffic shaper, load balancer, captive portal, DHCPv6, PPPoE, PPTP ● Packages' updates ● New Varnish package ● cryptodev support ● Improved policy routing & route metrics ● Super vlan (RFC 3069)
PfSense 2.0 webUI menus pfSense 2.0 DEMO
pfSense 2.0 Thank you!
pfSense 2.0 Questions?

Recomendados

pfSense presentation
pfSense presentationpfSense presentation
pfSense presentationSimon Vass
 
pfSense, OpenSource Firewall
pfSense, OpenSource FirewallpfSense, OpenSource Firewall
pfSense, OpenSource FirewallErik Kirschner
 
pfSense presentation
pfSense presentationpfSense presentation
pfSense presentationSimon Vass
 
66_pfSenseTutorial
66_pfSenseTutorial66_pfSenseTutorial
66_pfSenseTutorialtutorialsruby
 
DebConf16 BoF on MariaDB/MySQL packaging
DebConf16 BoF on MariaDB/MySQL packagingDebConf16 BoF on MariaDB/MySQL packaging
DebConf16 BoF on MariaDB/MySQL packagingOtto Kekäläinen
 
More Information
More InformationMore Information
More InformationAristotle Miranda
 
Less passwords, more security: unix socket authentication and other MariaDB h...
Less passwords, more security: unix socket authentication and other MariaDB h...Less passwords, more security: unix socket authentication and other MariaDB h...
Less passwords, more security: unix socket authentication and other MariaDB h...Otto Kekäläinen
 
Securing the network for VMs or Containers
Securing the network for VMs or ContainersSecuring the network for VMs or Containers
Securing the network for VMs or ContainersMarian Marinov
 

Recomendados

pfSense presentation
pfSense presentationpfSense presentation
pfSense presentationSimon Vass
 
pfSense, OpenSource Firewall
pfSense, OpenSource FirewallpfSense, OpenSource Firewall
pfSense, OpenSource FirewallErik Kirschner
 
pfSense presentation
pfSense presentationpfSense presentation
pfSense presentationSimon Vass
 
66_pfSenseTutorial
66_pfSenseTutorial66_pfSenseTutorial
66_pfSenseTutorialtutorialsruby
 
DebConf16 BoF on MariaDB/MySQL packaging
DebConf16 BoF on MariaDB/MySQL packagingDebConf16 BoF on MariaDB/MySQL packaging
DebConf16 BoF on MariaDB/MySQL packagingOtto Kekäläinen
 
More Information
More InformationMore Information
More InformationAristotle Miranda
 
Less passwords, more security: unix socket authentication and other MariaDB h...
Less passwords, more security: unix socket authentication and other MariaDB h...Less passwords, more security: unix socket authentication and other MariaDB h...
Less passwords, more security: unix socket authentication and other MariaDB h...Otto Kekäläinen
 
Securing the network for VMs or Containers
Securing the network for VMs or ContainersSecuring the network for VMs or Containers
Securing the network for VMs or ContainersMarian Marinov
 
Basic ASA Configuration, NAT in ASA Firewall
Basic ASA Configuration, NAT in ASA Firewall Basic ASA Configuration, NAT in ASA Firewall
Basic ASA Configuration, NAT in ASA Firewall NetProtocol Xpert
 
Install dev stack
Install dev stackInstall dev stack
Install dev stackBasim Aly (JNCIP-SP, JNCIP-ENT)
 
OpenVPN
OpenVPNOpenVPN
OpenVPNfrancisdinha
 
IPv6 in CloudStack Basic Networking
IPv6 in CloudStack Basic NetworkingIPv6 in CloudStack Basic Networking
IPv6 in CloudStack Basic NetworkingWido den Hollander
 
Passwordless login with unix auth_socket
Passwordless login with unix auth_socketPasswordless login with unix auth_socket
Passwordless login with unix auth_socketOtto Kekäläinen
 
NAT with ASA & ASA Security Context
NAT with ASA & ASA Security ContextNAT with ASA & ASA Security Context
NAT with ASA & ASA Security ContextNetProtocol Xpert
 
Setting up Cisco WSA Proxy in Transparent and Explicit Mode
Setting up Cisco WSA Proxy in Transparent and Explicit ModeSetting up Cisco WSA Proxy in Transparent and Explicit Mode
Setting up Cisco WSA Proxy in Transparent and Explicit ModeDhruv Sharma
 
Building Python Development Station
Building Python Development StationBuilding Python Development Station
Building Python Development StationBasim Aly (JNCIP-SP, JNCIP-ENT)
 
HTTPS Explained Through Fairy Tales
HTTPS Explained Through Fairy TalesHTTPS Explained Through Fairy Tales
HTTPS Explained Through Fairy TalesOVHcloud
 
Unidade3 roteiro proxy
Unidade3 roteiro proxyUnidade3 roteiro proxy
Unidade3 roteiro proxyLeandro Almeida
 
What is Firewall?
What is Firewall?What is Firewall?
What is Firewall?NetProtocol Xpert
 
How to setup your linux server
How to setup your linux serverHow to setup your linux server
How to setup your linux serverMarian Marinov
 
IETF 106 - Default IPv6 Local Only Addressing for Non-Internet Devices
IETF 106 - Default IPv6 Local Only Addressing for Non-Internet DevicesIETF 106 - Default IPv6 Local Only Addressing for Non-Internet Devices
IETF 106 - Default IPv6 Local Only Addressing for Non-Internet DevicesMark Smith
 
Raw Iron to Enterprise Server: Installing Domino on Linux
Raw Iron to Enterprise Server: Installing Domino on LinuxRaw Iron to Enterprise Server: Installing Domino on Linux
Raw Iron to Enterprise Server: Installing Domino on LinuxDevin Olson
 
Factory setup wsa_9.2_v1.0
Factory setup wsa_9.2_v1.0Factory setup wsa_9.2_v1.0
Factory setup wsa_9.2_v1.0Dhruv Sharma
 
Rabbit mq簡介(上)
Rabbit mq簡介(上)Rabbit mq簡介(上)
Rabbit mq簡介(上)共和 薛
 
ΠΔ126
ΠΔ126ΠΔ126
ΠΔ126Katerina Arabatzi
 
Art1204 we don't need another hero the art of feminism
Art1204 we don't need another hero the art of feminismArt1204 we don't need another hero the art of feminism
Art1204 we don't need another hero the art of feminismProfWillAdams
 
Hum2220 sp2015 syllabus
Hum2220 sp2015 syllabusHum2220 sp2015 syllabus
Hum2220 sp2015 syllabusProfWillAdams
 
2009 Spring Newsletter
2009 Spring Newsletter2009 Spring Newsletter
2009 Spring NewsletterDirect Relief
 
La sociedad-civil-y-la-construccin-de-ciudadana
La sociedad-civil-y-la-construccin-de-ciudadanaLa sociedad-civil-y-la-construccin-de-ciudadana
La sociedad-civil-y-la-construccin-de-ciudadanalassershot
 
Presentation1
Presentation1Presentation1
Presentation1Katerina Arabatzi
 

Mais conteúdo relacionado

Mais procurados

Basic ASA Configuration, NAT in ASA Firewall
Basic ASA Configuration, NAT in ASA Firewall Basic ASA Configuration, NAT in ASA Firewall
Basic ASA Configuration, NAT in ASA Firewall NetProtocol Xpert
 
IPv6 in CloudStack Basic Networking
IPv6 in CloudStack Basic NetworkingIPv6 in CloudStack Basic Networking
IPv6 in CloudStack Basic NetworkingWido den Hollander
 
Passwordless login with unix auth_socket
Passwordless login with unix auth_socketPasswordless login with unix auth_socket
Passwordless login with unix auth_socketOtto Kekäläinen
 
NAT with ASA & ASA Security Context
NAT with ASA & ASA Security ContextNAT with ASA & ASA Security Context
NAT with ASA & ASA Security ContextNetProtocol Xpert
 
Setting up Cisco WSA Proxy in Transparent and Explicit Mode
Setting up Cisco WSA Proxy in Transparent and Explicit ModeSetting up Cisco WSA Proxy in Transparent and Explicit Mode
Setting up Cisco WSA Proxy in Transparent and Explicit ModeDhruv Sharma
 
HTTPS Explained Through Fairy Tales
HTTPS Explained Through Fairy TalesHTTPS Explained Through Fairy Tales
HTTPS Explained Through Fairy TalesOVHcloud
 
How to setup your linux server
How to setup your linux serverHow to setup your linux server
How to setup your linux serverMarian Marinov
 
IETF 106 - Default IPv6 Local Only Addressing for Non-Internet Devices
IETF 106 - Default IPv6 Local Only Addressing for Non-Internet DevicesIETF 106 - Default IPv6 Local Only Addressing for Non-Internet Devices
IETF 106 - Default IPv6 Local Only Addressing for Non-Internet DevicesMark Smith
 
Raw Iron to Enterprise Server: Installing Domino on Linux
Raw Iron to Enterprise Server: Installing Domino on LinuxRaw Iron to Enterprise Server: Installing Domino on Linux
Raw Iron to Enterprise Server: Installing Domino on LinuxDevin Olson
 
Factory setup wsa_9.2_v1.0
Factory setup wsa_9.2_v1.0Factory setup wsa_9.2_v1.0
Factory setup wsa_9.2_v1.0Dhruv Sharma
 
Rabbit mq簡介(上)
Rabbit mq簡介(上)Rabbit mq簡介(上)
Rabbit mq簡介(上)共和 薛
 

Mais procurados (16)

Basic ASA Configuration, NAT in ASA Firewall
Basic ASA Configuration, NAT in ASA Firewall Basic ASA Configuration, NAT in ASA Firewall
Basic ASA Configuration, NAT in ASA Firewall
 
Install dev stack
Install dev stackInstall dev stack
Install dev stack
 
OpenVPN
OpenVPNOpenVPN
OpenVPN
 
IPv6 in CloudStack Basic Networking
IPv6 in CloudStack Basic NetworkingIPv6 in CloudStack Basic Networking
IPv6 in CloudStack Basic Networking
 
Passwordless login with unix auth_socket
Passwordless login with unix auth_socketPasswordless login with unix auth_socket
Passwordless login with unix auth_socket
 
NAT with ASA & ASA Security Context
NAT with ASA & ASA Security ContextNAT with ASA & ASA Security Context
NAT with ASA & ASA Security Context
 
Setting up Cisco WSA Proxy in Transparent and Explicit Mode
Setting up Cisco WSA Proxy in Transparent and Explicit ModeSetting up Cisco WSA Proxy in Transparent and Explicit Mode
Setting up Cisco WSA Proxy in Transparent and Explicit Mode
 
Building Python Development Station
Building Python Development StationBuilding Python Development Station
Building Python Development Station
 
HTTPS Explained Through Fairy Tales
HTTPS Explained Through Fairy TalesHTTPS Explained Through Fairy Tales
HTTPS Explained Through Fairy Tales
 
Unidade3 roteiro proxy
Unidade3 roteiro proxyUnidade3 roteiro proxy
Unidade3 roteiro proxy
 
What is Firewall?
What is Firewall?What is Firewall?
What is Firewall?
 
How to setup your linux server
How to setup your linux serverHow to setup your linux server
How to setup your linux server
 
IETF 106 - Default IPv6 Local Only Addressing for Non-Internet Devices
IETF 106 - Default IPv6 Local Only Addressing for Non-Internet DevicesIETF 106 - Default IPv6 Local Only Addressing for Non-Internet Devices
IETF 106 - Default IPv6 Local Only Addressing for Non-Internet Devices
 
Raw Iron to Enterprise Server: Installing Domino on Linux
Raw Iron to Enterprise Server: Installing Domino on LinuxRaw Iron to Enterprise Server: Installing Domino on Linux
Raw Iron to Enterprise Server: Installing Domino on Linux
 
Factory setup wsa_9.2_v1.0
Factory setup wsa_9.2_v1.0Factory setup wsa_9.2_v1.0
Factory setup wsa_9.2_v1.0
 
Rabbit mq簡介(上)
Rabbit mq簡介(上)Rabbit mq簡介(上)
Rabbit mq簡介(上)
 

Destaque

Art1204 we don't need another hero the art of feminism
Art1204 we don't need another hero the art of feminismArt1204 we don't need another hero the art of feminism
Art1204 we don't need another hero the art of feminismProfWillAdams
 
Hum2220 sp2015 syllabus
Hum2220 sp2015 syllabusHum2220 sp2015 syllabus
Hum2220 sp2015 syllabusProfWillAdams
 
2009 Spring Newsletter
2009 Spring Newsletter2009 Spring Newsletter
2009 Spring NewsletterDirect Relief
 
La sociedad-civil-y-la-construccin-de-ciudadana
La sociedad-civil-y-la-construccin-de-ciudadanaLa sociedad-civil-y-la-construccin-de-ciudadana
La sociedad-civil-y-la-construccin-de-ciudadanalassershot
 
सुनामी
सुनामीसुनामी
सुनामी22456651
 
Β' ΤΑΞΗ ΥΛΗ ΕΞΕΤΑΣΕΩΝ 2016
Β' ΤΑΞΗ ΥΛΗ ΕΞΕΤΑΣΕΩΝ 2016Β' ΤΑΞΗ ΥΛΗ ΕΞΕΤΑΣΕΩΝ 2016
Β' ΤΑΞΗ ΥΛΗ ΕΞΕΤΑΣΕΩΝ 2016Katerina Arabatzi
 
Farallon risk group 20111107cs
Farallon risk group 20111107csFarallon risk group 20111107cs
Farallon risk group 20111107csShrutiSara
 
Mla citation guide & citation data forms
Mla citation guide & citation data formsMla citation guide & citation data forms
Mla citation guide & citation data formsProfWillAdams
 
I danni del fumo sono dovuti ai radicali liberi: è possibile contrastarli per...
I danni del fumo sono dovuti ai radicali liberi: è possibile contrastarli per...I danni del fumo sono dovuti ai radicali liberi: è possibile contrastarli per...
I danni del fumo sono dovuti ai radicali liberi: è possibile contrastarli per...CreAgri Europe
 
Ad group policy1
Ad group policy1Ad group policy1
Ad group policy1denogx
 
Hum2310 fa2015 proust questionnaire
Hum2310 fa2015 proust questionnaireHum2310 fa2015 proust questionnaire
Hum2310 fa2015 proust questionnaireProfWillAdams
 
Exploring Cloud Credentials for Institutional Use
Exploring Cloud Credentials for Institutional UseExploring Cloud Credentials for Institutional Use
Exploring Cloud Credentials for Institutional UseJeremy Rosenberg
 
Performance Metrics for your Build Pipeline - presented at Vienna WebPerf Oct...
Performance Metrics for your Build Pipeline - presented at Vienna WebPerf Oct...Performance Metrics for your Build Pipeline - presented at Vienna WebPerf Oct...
Performance Metrics for your Build Pipeline - presented at Vienna WebPerf Oct...Andreas Grabner
 
Errol morris essay
Errol morris essayErrol morris essay
Errol morris essaypkirk63
 
How to keep you out of the News: Web and End-to-End Performance Tips
How to keep you out of the News: Web and End-to-End Performance TipsHow to keep you out of the News: Web and End-to-End Performance Tips
How to keep you out of the News: Web and End-to-End Performance TipsAndreas Grabner
 

Destaque (20)

ΠΔ126
ΠΔ126ΠΔ126
ΠΔ126
 
Art1204 we don't need another hero the art of feminism
Art1204 we don't need another hero the art of feminismArt1204 we don't need another hero the art of feminism
Art1204 we don't need another hero the art of feminism
 
Hum2220 sp2015 syllabus
Hum2220 sp2015 syllabusHum2220 sp2015 syllabus
Hum2220 sp2015 syllabus
 
2009 Spring Newsletter
2009 Spring Newsletter2009 Spring Newsletter
2009 Spring Newsletter
 
La sociedad-civil-y-la-construccin-de-ciudadana
La sociedad-civil-y-la-construccin-de-ciudadanaLa sociedad-civil-y-la-construccin-de-ciudadana
La sociedad-civil-y-la-construccin-de-ciudadana
 
Presentation1
Presentation1Presentation1
Presentation1
 
सुनामी
सुनामीसुनामी
सुनामी
 
Β' ΤΑΞΗ ΥΛΗ ΕΞΕΤΑΣΕΩΝ 2016
Β' ΤΑΞΗ ΥΛΗ ΕΞΕΤΑΣΕΩΝ 2016Β' ΤΑΞΗ ΥΛΗ ΕΞΕΤΑΣΕΩΝ 2016
Β' ΤΑΞΗ ΥΛΗ ΕΞΕΤΑΣΕΩΝ 2016
 
Farallon risk group 20111107cs
Farallon risk group 20111107csFarallon risk group 20111107cs
Farallon risk group 20111107cs
 
Mla citation guide & citation data forms
Mla citation guide & citation data formsMla citation guide & citation data forms
Mla citation guide & citation data forms
 
I danni del fumo sono dovuti ai radicali liberi: è possibile contrastarli per...
I danni del fumo sono dovuti ai radicali liberi: è possibile contrastarli per...I danni del fumo sono dovuti ai radicali liberi: è possibile contrastarli per...
I danni del fumo sono dovuti ai radicali liberi: è possibile contrastarli per...
 
Ad group policy1
Ad group policy1Ad group policy1
Ad group policy1
 
Promo Snh Congres Zorgvastgoed
Promo Snh Congres ZorgvastgoedPromo Snh Congres Zorgvastgoed
Promo Snh Congres Zorgvastgoed
 
Mendelisme1
Mendelisme1Mendelisme1
Mendelisme1
 
Hum2310 fa2015 proust questionnaire
Hum2310 fa2015 proust questionnaireHum2310 fa2015 proust questionnaire
Hum2310 fa2015 proust questionnaire
 
Exploring Cloud Credentials for Institutional Use
Exploring Cloud Credentials for Institutional UseExploring Cloud Credentials for Institutional Use
Exploring Cloud Credentials for Institutional Use
 
Performance Metrics for your Build Pipeline - presented at Vienna WebPerf Oct...
Performance Metrics for your Build Pipeline - presented at Vienna WebPerf Oct...Performance Metrics for your Build Pipeline - presented at Vienna WebPerf Oct...
Performance Metrics for your Build Pipeline - presented at Vienna WebPerf Oct...
 
Wundt, w. (1897)
Wundt, w. (1897)Wundt, w. (1897)
Wundt, w. (1897)
 
Errol morris essay
Errol morris essayErrol morris essay
Errol morris essay
 
How to keep you out of the News: Web and End-to-End Performance Tips
How to keep you out of the News: Web and End-to-End Performance TipsHow to keep you out of the News: Web and End-to-End Performance Tips
How to keep you out of the News: Web and End-to-End Performance Tips
 

Semelhante a Pf sense 2.0

pfSense 2.2 Preview - pfSense Hangout November 2014
pfSense 2.2 Preview - pfSense Hangout November 2014pfSense 2.2 Preview - pfSense Hangout November 2014
pfSense 2.2 Preview - pfSense Hangout November 2014Netgate
 
Site-to-Site VPNs - pfSense Hangout November 2015
Site-to-Site VPNs - pfSense Hangout November 2015Site-to-Site VPNs - pfSense Hangout November 2015
Site-to-Site VPNs - pfSense Hangout November 2015Netgate
 
Remote Access VPNs - pfSense Hangout September 2015
Remote Access VPNs - pfSense Hangout September 2015Remote Access VPNs - pfSense Hangout September 2015
Remote Access VPNs - pfSense Hangout September 2015Netgate
 
TP Link Load Balancer.pptx
TP Link Load Balancer.pptxTP Link Load Balancer.pptx
TP Link Load Balancer.pptxPrakash Singh
 
Livnat Peer & Arthur Berezin, Red Hat - Neutron High Availability - OpenStack...
Livnat Peer & Arthur Berezin, Red Hat - Neutron High Availability - OpenStack...Livnat Peer & Arthur Berezin, Red Hat - Neutron High Availability - OpenStack...
Livnat Peer & Arthur Berezin, Red Hat - Neutron High Availability - OpenStack...Cloud Native Day Tel Aviv
 
Neutron high availability open stack architecture openstack israel event 2015
Neutron high availability open stack architecture openstack israel event 2015Neutron high availability open stack architecture openstack israel event 2015
Neutron high availability open stack architecture openstack israel event 2015Arthur Berezin
 
Intro to Multi-WAN - pfSense Hangout April 2014
Intro to Multi-WAN - pfSense Hangout April 2014Intro to Multi-WAN - pfSense Hangout April 2014
Intro to Multi-WAN - pfSense Hangout April 2014Netgate
 
6WINDGate™ - Enabling Cloud RAN Virtualization
6WINDGate™ - Enabling Cloud RAN Virtualization6WINDGate™ - Enabling Cloud RAN Virtualization
6WINDGate™ - Enabling Cloud RAN Virtualization6WIND
 
NetScaler and advanced networking in cloudstack
NetScaler and advanced networking in cloudstackNetScaler and advanced networking in cloudstack
NetScaler and advanced networking in cloudstackDeepak Garg
 
Routed IPsec on pfSense 2.4.4 - pfSense Hangout June 2018
Routed IPsec on pfSense 2.4.4 - pfSense Hangout June 2018Routed IPsec on pfSense 2.4.4 - pfSense Hangout June 2018
Routed IPsec on pfSense 2.4.4 - pfSense Hangout June 2018Netgate
 
CentOS NFV SIG Introduction and Update
CentOS NFV SIG Introduction and UpdateCentOS NFV SIG Introduction and Update
CentOS NFV SIG Introduction and UpdateTom Herbert
 
6WINDGate™ - Enabling NFV for Telco Architectures
6WINDGate™ - Enabling NFV for Telco Architectures6WINDGate™ - Enabling NFV for Telco Architectures
6WINDGate™ - Enabling NFV for Telco Architectures6WIND
 
66 pfsense tutorial
66 pfsense tutorial66 pfsense tutorial
66 pfsense tutorialequinonesr
 
[OpenStack Day in Korea 2015] Track 1-6 - 갈라파고스의 이구아나, 인프라에 오픈소스를 올리다. 그래서 보이...
[OpenStack Day in Korea 2015] Track 1-6 - 갈라파고스의 이구아나, 인프라에 오픈소스를 올리다. 그래서 보이...[OpenStack Day in Korea 2015] Track 1-6 - 갈라파고스의 이구아나, 인프라에 오픈소스를 올리다. 그래서 보이...
[OpenStack Day in Korea 2015] Track 1-6 - 갈라파고스의 이구아나, 인프라에 오픈소스를 올리다. 그래서 보이...OpenStack Korea Community
 
OpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. Montero
OpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. MonteroOpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. Montero
OpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. MonteroOpenNebula Project
 
FreeBSD, ipfw and OpenVPN 2.1 server
FreeBSD, ipfw and OpenVPN 2.1 serverFreeBSD, ipfw and OpenVPN 2.1 server
FreeBSD, ipfw and OpenVPN 2.1 serverTomaz Muraus
 

Semelhante a Pf sense 2.0 (20)

pfSense 2.2 Preview - pfSense Hangout November 2014
pfSense 2.2 Preview - pfSense Hangout November 2014pfSense 2.2 Preview - pfSense Hangout November 2014
pfSense 2.2 Preview - pfSense Hangout November 2014
 
Site-to-Site VPNs - pfSense Hangout November 2015
Site-to-Site VPNs - pfSense Hangout November 2015Site-to-Site VPNs - pfSense Hangout November 2015
Site-to-Site VPNs - pfSense Hangout November 2015
 
Remote Access VPNs - pfSense Hangout September 2015
Remote Access VPNs - pfSense Hangout September 2015Remote Access VPNs - pfSense Hangout September 2015
Remote Access VPNs - pfSense Hangout September 2015
 
TP Link Load Balancer.pptx
TP Link Load Balancer.pptxTP Link Load Balancer.pptx
TP Link Load Balancer.pptx
 
66 pf sensetutorial
66 pf sensetutorial66 pf sensetutorial
66 pf sensetutorial
 
66_pfSenseTutorial
66_pfSenseTutorial66_pfSenseTutorial
66_pfSenseTutorial
 
Run Your Own 6LoWPAN Based IoT Network
Run Your Own 6LoWPAN Based IoT NetworkRun Your Own 6LoWPAN Based IoT Network
Run Your Own 6LoWPAN Based IoT Network
 
Varnish SSL / TLS
Varnish SSL / TLSVarnish SSL / TLS
Varnish SSL / TLS
 
Livnat Peer & Arthur Berezin, Red Hat - Neutron High Availability - OpenStack...
Livnat Peer & Arthur Berezin, Red Hat - Neutron High Availability - OpenStack...Livnat Peer & Arthur Berezin, Red Hat - Neutron High Availability - OpenStack...
Livnat Peer & Arthur Berezin, Red Hat - Neutron High Availability - OpenStack...
 
Neutron high availability open stack architecture openstack israel event 2015
Neutron high availability open stack architecture openstack israel event 2015Neutron high availability open stack architecture openstack israel event 2015
Neutron high availability open stack architecture openstack israel event 2015
 
Intro to Multi-WAN - pfSense Hangout April 2014
Intro to Multi-WAN - pfSense Hangout April 2014Intro to Multi-WAN - pfSense Hangout April 2014
Intro to Multi-WAN - pfSense Hangout April 2014
 
6WINDGate™ - Enabling Cloud RAN Virtualization
6WINDGate™ - Enabling Cloud RAN Virtualization6WINDGate™ - Enabling Cloud RAN Virtualization
6WINDGate™ - Enabling Cloud RAN Virtualization
 
NetScaler and advanced networking in cloudstack
NetScaler and advanced networking in cloudstackNetScaler and advanced networking in cloudstack
NetScaler and advanced networking in cloudstack
 
Routed IPsec on pfSense 2.4.4 - pfSense Hangout June 2018
Routed IPsec on pfSense 2.4.4 - pfSense Hangout June 2018Routed IPsec on pfSense 2.4.4 - pfSense Hangout June 2018
Routed IPsec on pfSense 2.4.4 - pfSense Hangout June 2018
 
CentOS NFV SIG Introduction and Update
CentOS NFV SIG Introduction and UpdateCentOS NFV SIG Introduction and Update
CentOS NFV SIG Introduction and Update
 
6WINDGate™ - Enabling NFV for Telco Architectures
6WINDGate™ - Enabling NFV for Telco Architectures6WINDGate™ - Enabling NFV for Telco Architectures
6WINDGate™ - Enabling NFV for Telco Architectures
 
66 pfsense tutorial
66 pfsense tutorial66 pfsense tutorial
66 pfsense tutorial
 
[OpenStack Day in Korea 2015] Track 1-6 - 갈라파고스의 이구아나, 인프라에 오픈소스를 올리다. 그래서 보이...
[OpenStack Day in Korea 2015] Track 1-6 - 갈라파고스의 이구아나, 인프라에 오픈소스를 올리다. 그래서 보이...[OpenStack Day in Korea 2015] Track 1-6 - 갈라파고스의 이구아나, 인프라에 오픈소스를 올리다. 그래서 보이...
[OpenStack Day in Korea 2015] Track 1-6 - 갈라파고스의 이구아나, 인프라에 오픈소스를 올리다. 그래서 보이...
 
OpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. Montero
OpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. MonteroOpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. Montero
OpenNebulaConf2015 1.10 OpenNebula Networking: SDNs & NFVs - Ruben S. Montero
 
FreeBSD, ipfw and OpenVPN 2.1 server
FreeBSD, ipfw and OpenVPN 2.1 serverFreeBSD, ipfw and OpenVPN 2.1 server
FreeBSD, ipfw and OpenVPN 2.1 server
 

Mais de OpenFest team

Embedding FreeBSD: for large and small beds
Embedding FreeBSD: for large and small bedsEmbedding FreeBSD: for large and small beds
Embedding FreeBSD: for large and small bedsOpenFest team
 
Why you can charge for open source software
Why you can charge for open source softwareWhy you can charge for open source software
Why you can charge for open source softwareOpenFest team
 
Microinvest Warehouse Open
Microinvest Warehouse OpenMicroinvest Warehouse Open
Microinvest Warehouse OpenOpenFest team
 
Как да правим по-добър бизнес с услуги около софтуера с отворен код
Как да правим по-добър бизнес с услуги около софтуера с отворен кодКак да правим по-добър бизнес с услуги около софтуера с отворен код
Как да правим по-добър бизнес с услуги около софтуера с отворен кодOpenFest team
 
Електронни пари: Пътят до BitCoin и поглед напред
Електронни пари: Пътят до BitCoin и поглед напредЕлектронни пари: Пътят до BitCoin и поглед напред
Електронни пари: Пътят до BitCoin и поглед напредOpenFest team
 
Виртуализирано видеонаблюдение под FreeBSD
Виртуализирано видеонаблюдение под FreeBSDВиртуализирано видеонаблюдение под FreeBSD
Виртуализирано видеонаблюдение под FreeBSDOpenFest team
 
RFID технологии и проблеми със сигурността им
RFID технологии и проблеми със сигурността имRFID технологии и проблеми със сигурността им
RFID технологии и проблеми със сигурността имOpenFest team
 
Redis the better NoSQL
Redis the better NoSQLRedis the better NoSQL
Redis the better NoSQLOpenFest team
 
Свободни PLC
Свободни PLCСвободни PLC
Свободни PLCOpenFest team
 
Distributed WPA PSK security audit
Distributed WPA PSK security auditDistributed WPA PSK security audit
Distributed WPA PSK security auditOpenFest team
 
Why kernelspace sucks?
Why kernelspace sucks?Why kernelspace sucks?
Why kernelspace sucks?OpenFest team
 
Направи си сам суперкомпютър
Направи си сам суперкомпютърНаправи си сам суперкомпютър
Направи си сам суперкомпютърOpenFest team
 
Свободни курсове за обучение
Свободни курсове за обучениеСвободни курсове за обучение
Свободни курсове за обучениеOpenFest team
 
Using Open Source technologies to create Enterprise Level Cloud System
Using Open Source technologies to create Enterprise Level Cloud SystemUsing Open Source technologies to create Enterprise Level Cloud System
Using Open Source technologies to create Enterprise Level Cloud SystemOpenFest team
 
Behaviour-Driven Development, Ruby Style
Behaviour-Driven Development, Ruby StyleBehaviour-Driven Development, Ruby Style
Behaviour-Driven Development, Ruby StyleOpenFest team
 

Mais de OpenFest team (20)

Embedding FreeBSD: for large and small beds
Embedding FreeBSD: for large and small bedsEmbedding FreeBSD: for large and small beds
Embedding FreeBSD: for large and small beds
 
Why you can charge for open source software
Why you can charge for open source softwareWhy you can charge for open source software
Why you can charge for open source software
 
Microinvest Warehouse Open
Microinvest Warehouse OpenMicroinvest Warehouse Open
Microinvest Warehouse Open
 
Backbone.js
Backbone.jsBackbone.js
Backbone.js
 
Как да правим по-добър бизнес с услуги около софтуера с отворен код
Как да правим по-добър бизнес с услуги около софтуера с отворен кодКак да правим по-добър бизнес с услуги около софтуера с отворен код
Как да правим по-добър бизнес с услуги около софтуера с отворен код
 
Електронни пари: Пътят до BitCoin и поглед напред
Електронни пари: Пътят до BitCoin и поглед напредЕлектронни пари: Пътят до BitCoin и поглед напред
Електронни пари: Пътят до BitCoin и поглед напред
 
Node.social
Node.socialNode.social
Node.social
 
Виртуализирано видеонаблюдение под FreeBSD
Виртуализирано видеонаблюдение под FreeBSDВиртуализирано видеонаблюдение под FreeBSD
Виртуализирано видеонаблюдение под FreeBSD
 
RFID технологии и проблеми със сигурността им
RFID технологии и проблеми със сигурността имRFID технологии и проблеми със сигурността им
RFID технологии и проблеми със сигурността им
 
Redis the better NoSQL
Redis the better NoSQLRedis the better NoSQL
Redis the better NoSQL
 
initLab
initLabinitLab
initLab
 
Свободни PLC
Свободни PLCСвободни PLC
Свободни PLC
 
Distributed WPA PSK security audit
Distributed WPA PSK security auditDistributed WPA PSK security audit
Distributed WPA PSK security audit
 
Aesaes
AesaesAesaes
Aesaes
 
Why kernelspace sucks?
Why kernelspace sucks?Why kernelspace sucks?
Why kernelspace sucks?
 
Направи си сам суперкомпютър
Направи си сам суперкомпютърНаправи си сам суперкомпютър
Направи си сам суперкомпютър
 
Свободни курсове за обучение
Свободни курсове за обучениеСвободни курсове за обучение
Свободни курсове за обучение
 
Using Open Source technologies to create Enterprise Level Cloud System
Using Open Source technologies to create Enterprise Level Cloud SystemUsing Open Source technologies to create Enterprise Level Cloud System
Using Open Source technologies to create Enterprise Level Cloud System
 
Emacs reborn
Emacs rebornEmacs reborn
Emacs reborn
 
Behaviour-Driven Development, Ruby Style
Behaviour-Driven Development, Ruby StyleBehaviour-Driven Development, Ruby Style
Behaviour-Driven Development, Ruby Style
 

Último

A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Scott Andery
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesThousandEyes
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditSkynet Technologies
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 

Último (20)

A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance Audit
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 

Pf sense 2.0

  • 1. pfSense 2.0 pfSense 2.0 Shteryana Shopova OpenFest, Sofia November, 2011
  • 2. pfSense - Introduction ● FreeBSD-based open-source distribution for firewalls and routers ● Started in 2004 based on m0n0wall ● Powerful and flexible firewalling and routing platform ● Versions ● Legacy 1.2.3 ● Latest stable – 2.0 – released 17th September, 2011
  • 3. pfSense - Applications pfSense 2.0 ● Firewall (incl. redundant setups) ● SOHO Router ● WAN Router ● Wireless Access Point/Captive Portal ● VPN Appliance (OpenVPN, IPSec, L2TP, PPTP) ● VoIP Appliance (FreeSWITCH) ● Sniffer appliance ●
  • 4. System Requirements pfSense 2.0 ● 100Mhz Pentium CPU, 128MB RAM, 1GB Hard driver/512MB CF card (embedded) ● Throughput ● 10-20Mbps – 266Mhz CPU ● 21-50Mbps – 500Mhz CPU ● 51-200Mbps – 1GHz CPU ● 201-500Mbps – 2.0Ghz CPU, PCI-e network adapters ● 501Mbps+ - server-class hardware, 3.0Ghz CPU, PCI-X/PCI-e network adapters ● Features/Installed Packeges ● VPN – CPU resource and/or HW entcyption, 500Mhz CPU for 10Mbps IPSec ● Captive Portal - CPU resource ● Large state tables – 1Кb RAM per conection ● Packages – additional RAM - snort, ntop, etc – at least 512Mb RAM
  • 5. pfSense - Features pfSense 2.0 ● pf firewall from OpenBSD ● Stateful filtering of IP, UDP and TCP streams based on various parameters ● Max connections limit per rule, selective logging per rule ● Filtering based on OS ● Policy routing ● Transperent L2 filtering, Traffic normalization ● NAT and Load balancing ● Redundancy – carp and pfsync ● WebUI ● Package management ● Update & configuration management
  • 6. NewpfSense 2.0 2.0 Features in ● New instalation options ● New interface types ● GRE and GIF tunnels ● Dial-up modem and Multi-link PPP ● 3G, VAP and more wireless cards supported ● LAGG ● Bridging enhancements ● Multiple gateways (dynamic) & Multi- WAN ● WebGUI improvements – HTTPS, context help menus
  • 7. NewpfSense 2.0 Features (cont.) ● Firewall ● Layer 7 filtering ● Traffic shaper rewritten ● EasyRule ● Extended advanced rule options ● Extended NAT options ● Rule scheduling handled by pf ● State summary view & real-time stats in WebUI
  • 8. NewpfSense 2.0VPN Features - ● L2TP VPN added ● IPSec ● Ipsec-tools 0.8 ● Mobile IPSec works with Android/iPhone ● OpenVPN ● Remote access configuration wizzard ● Client export package ● OpenVPN Status page
  • 9. pfSense2.0 New in 2.0 ● User management ● Local database ● LDAP ● Raduis ● Authentication diagnostics ● Cert manager ● Config history ● diff, download, descriptions
  • 10. Available packages pfSense 2.0 ● Advanced routing ● OpenBGPD, OpenOSPFD ● Telephony ● FreeSWITCH, SIP Proxy ● Network Management ● Zabbix, nagios ● Network diagnostics ● Bandwithd, rated, iperf, nmap, pfflowd ● Web proxy ● Squid, squidGuard, LightSquid, HAVP Antivirus ●
  • 11. Planned releases - 2.0.1 pfSense 2.0 ● http://redmine.pfsense.org ● Maintenance release ● Expected - ??? ● Status - ~ 20% issues fixed
  • 12. Planned releases - 2.1 pfSense 2.0 ● The big step - IPv6 ● pf, carp, traffic shaper, load balancer, captive portal, DHCPv6, PPPoE, PPTP ● Packages' updates ● New Varnish package ● cryptodev support ● Improved policy routing & route metrics ● Super vlan (RFC 3069)
  • 13. PfSense 2.0 webUI menus pfSense 2.0 DEMO