How Good is pfSense?

About six months ago, I started using pfSense (uses FreeBSD) for my main router. I have been very pleased with it and will share a short description of my experiences with it.

Please take note this is not a “how-to” tutorial on installing pfSense. I am just giving my general opinions and experiences with using pfSense.

Install Procedure

The install has two different paths. 1) A quick install, or 2) a more detailed, custom install. I just went ahead and used the quick install. The actual installation took about 3-4 minutes to complete. The process was quick and painless.

Initial Setup

After pfSense installs and reboots, you will have the opportunity to tell pfSense which network card is for your WAN and which network card is for your LAN connections – all basic, routine information a router needs to know.

pfSense will give you the opportunity to setup a VLAN if needed. I had no problems with this part of the setup.

General Router Configuration

You can now access (via a web browser) the newly installed pfSense router using the default local (LAN) IP address pfSense assigned you.

Once in, you will need to modify the router’s basic settings (e.g. WAN settings, LAN settings, etc.). Having your old router configuration with you while setting up your new router helps a lot.

I setup a VPN (using OpenVPN) to my place of work. This has helped a lot in providing a safe and encrypted mechanism to transfer data between home and work.

I also assigned static IP addresses to the different computers at the location.

Powerful Gateway Control

pfSense gives you total control over your firewall’s gateway. For example, let’s say I have the following local networks: 10.x, 11.x, and 12.x Each of these networks are sand-boxed from each other for extra security.

Now let’s say I have computers on the 11.x network that only need to process data locally (e.g. computers that render 3d animated graphics). They have no need to use the Internet at all. All their work is assigned via a local computer.

I can now go to pfSense and tell it not to allow the 11.x network through the Internet gateway. So now I have the 10.x and 12.x networks with Internet, while the 11.x has absolutely no Internet access. This is a very good and effective way to secure important workstations from an outside attack.

I am pretty sure none of the consumer-grade routers you can purchase from your local retailer will have this ability out-of-the-box.

Backup and Restore

pfSense allows you to backup your entire router configuration. You can restore at any time you need to.

Upgrades

pfSense seamlessly upgrades to newer versions, keeping your previous configuration. This is one of the reasons I enjoy using pfSense. No more wasting time fixing configurations due to a system update.

I used to use OpenWRT (a Linux-based router OS) that required a complete reconfiguration, every…single…upgrade (no joke). I about had a heart-attack when I found this out. OpenWRT definitely was not a good fit for me.

Overall Opinion of pfSense

I am very pleased with pfSense. I have had almost zero trouble with it. pfSense handles many Internet connections well, allows for major flexibility in configuring my networks, and works perfectly with SSD drives.

If you want a extremely powerful router, but do not want to shovel out the money to buy a commercial setup, pfSense gives you a really great alternative.

To sum it up, pfSense is a great solution, open source, and available for free. I recommend you try it out for yourself. Click here to go to pfSense’s home webpage.


Posted in Internet and Servers, Operating Systems, Software