pfSense is a FreeBSD-based firewall tailored for use as a firewall and router. The project started in 2004 as a fork of the m0n0wall project, but focused towards full PC installations rather than the embedded hardware focus of m0n0wall.
Although mainly deployed as a perimeter firewall, pfSense is versatile enough to fill many types of deployments. Here is a short list of common deployments:
- Perimeter Firewall - As discused earlier, this is by far the most common deployment for pfSense.
- Router - Due to the ability to load balance connections and provide failover capabilities, pfSense makes for an ideal choice for a DIY Router for the SMB market.
- Wireless Access Point - With the ability of Captive Portal within it, pfSense can easily be deployed as a wireless hotspot solution.
- Special purpose appliance - Some users have decided to utilize pfSense in a unique way to helpfulfill their unique needs.
- VPN Appliance
- Sniffer Appliance
- Dedicated DHCP server
- Dedicated DNS server
pfSense includes almost all the features in expensive commercial firewalls, and more in many cases. Here is a list of features taken from the pfSense Features page.
- State Table
- CARP- CARP from OpenBSD allows for hardware failover. Two or more firewalls can be configured as a failover group. If one interface fails on the primary or the primary goes offline entirely, the secondary becomes active. pfSense also includes configuration synchronization capabilities, so you make your configuration changes on the primary and they automatically synchronize to the secondary firewall.
- pfsync - pfsync ensures the firewall's state table is replicated to all failover configured firewalls. This means your existing connections will be maintained in the case of failure, which is important to prevent network disruptions.
- Outbound and Inbound load balancing
- VPN - IPsec, OpenVPN, PPTP
- PPPoE Server
- RRD Graphs Reporting
- Real Time Information - Using AJAX
- Dynamic DNS
- Captive portal
- DHCP Server and Relay
- Live CD Version Available
Step 1:Install Pfsense from CD
Step 2:enable vlan or no(I choose "no")
Step 3:enter the lan interface name
Step 4:enter the wan interface name
Step 5: enter
Step 6 type "y"
Step 7: setup ip adrress as Diagram
III/LOAD BALANCE WEB
Step 8:Set up Load Balancing Pool
The first thing to do is create a pool (Services > Load Balancer > Add).
Step 9:Set up virtual server
Adding a new Virtual Server (Services > Load balancer > Virtual Servers > Add )
Step 10: Set up virtual ip address
Adding a new Virtual IP (Firewall > Virtual IPs > Add )
Step 11:Create Nat(Firewall > Nat > Add)
Note: open port 80 from Internet access to 192.168.0.5 and 192.168.0.6
Step 12:Access to http://192.168.20.204/ and check status load balance
Step 13:Disconnect 192.168.0.5 Access to http://192.168.20.204/ and check status load balance
As LOAD balance but choose Failover
Besides pfsense can create cluster fail over firewall and load balance outbound