Vally123 I use CyberGhost VPN for $30 a year 1 PC unlimited server access and no logs. It also works with Netflix and online gaming but with a extra 20ms on ping latency. It is not at the router level though since it runs on software GUI.
I use CyberGhost as well, but I fail to see how this has any relevance to this comment thread!? BTW, Cyberghost *does* work on a router level, you just have to know what you are doing. They will just give you an openvpn configuration file in your account section if you choose to download one.
Omg. I knew I could count on you Wendell, Ryan, and Krista. Nobody on TH-cam has a proper guide for VPN client on the router. Most guides are for old pfSense versions or didn't work for me. :) Thanks for the vid! :)
I love these pfSense and Linux-based tutorial and discussion videos. They're what differentiate this channel from the dime-a-dozen tech channels out there. I'd love to see a video on how to get Linux gaming up and running to completely abandon Windows. I'm an intermediate skilled user with Linux, but even I couldn't get the graphics drivers for my 1080 to work reliably. Keep up with these awesome videos.
Geopirate3 I'm most familiar with Ubuntu, but I've tried with Linux Mint and a couple of other Debian-based distributions. And yes I used the proprietary drivers (both for CPU and GPU), but screen tearing and dropped frames are always rampant every time I reattempt Linux gaming on every build I try it on.
The thing with Linux is sometimes the distros that do things for you, don't do things properly. Maybe check out using real Debian? Version 9 is in RC status but it's more than stable enough for regular use.
Awesome guide. I've already tested this with my VPN provider. Works like a charm. Whats also a cool option is setup a separate VLAN which will use the VPN connection, connect a WiFi access point to that Vlan, so whenever you connect to that WiFi you will go over the VPN tunnel.
Two things are preventing me from running it at the router level: 1. online gaming and 2. Plex. Definitely want to see the next video about how to pass certain traffic over VPN vs. regular connection.
As a long time PFSense user I think there is great value in these videos, so many PFSense videos are for much older versions and no longer relevant. I would be very interested in seeing how you go about making whitelist for Netflix/Steam etc, I have never been able to get these to work well.
Great work folks, very informative. Eventually, an episode on installing and basic configuration of SNORT on pfSense would be great. SNORT seems like a fantastic product but a bit complex for happy-home-owner.
Would be awesome to setup Bro or Snort with PFSense and then a video for on open source log analysis... Or perhaps a video on setting up traffic queues for VOIP/Streaming/Kodi etc, network antivirus, or OpenVPN server for secure remote access into the home network.
Only issue I have with pfsense is upload QoS thats the ONLY thing I need working but It never works, always limits the upload speed like it does, BUT still causes high ping/lag/bufferbloat despite limiting my upstream. Whilest it works fine with any consumer router or my EdgeRouter X
great video, hope you guys really make more in-depth guides like these for a lot of other things. The way you guys go about approaching the material in these types of videos is great. Keep it up.
When you can't trust the Senate, you can trust Wendell. Can't wait for the exceptions video so to limit my exposure yet enjoy specific services. I'd like this to be done with other semi pro routers like Miktrotik and Ubiquiti. Also a HTTPS everywhere tutorial so I can connect to my NAS without needing to manually add exceptions.
QuickQuips or you can be proactive and learn to do it yourself. that way you actually understand what's going on rather than clicking where Wendell tells you to click. It's a good idea to learn PKI and networking.
Mikrotik are carrier grade routers... We have implemented Mikrotik cloud core routers for Metropolitan sized WISP networks all over the USA. However, until the next version its not worth using them for OpenVPN because they only support TCP
Well, there is a VPN tab for Ubiquiti, it's not that I don't know how to do it, but it'd be good for others who also have these higher caliber routers. help.ubnt.com/hc/en-us/articles/204949694-EdgeRouter-OpenVPN-Site-to-Site
Thanks for these pfsense videos; I think it's going to enable me to set this up on my home network. When you get around to further videos, can you briefly comment on how to add/setup your home wireless network with this? Is it as simple as just plugging in your wireless router to an opt port or ethernet switch? My home has a LOT of wireless devices (laptops, cell phones, distant desktops, etc) and the primary motivation for me moving to router level VPN is to get all of those behind the VPN.
Finally some recognition for VyprVPN. I use it on my router, and on my phone when I'm off of my home network. I did find them when I signed up for giganews. But I kept them after I cancelled my giganews account. i really enjoy VpyrVPN.
Would like to see methods of having real time stats of the system and possibly data for all the devices on the network displayed. Or maybe how to setup a failover setup.
If you use Nyr/Angristan's OVPN creator for your VPS, then everything Wendell did is fine except you need to use the client cert Nyrs bash script provides, or add the pfSense internal CA and Cert into the OVPN VPS and use the TLS key either Nyrs bash script creates or add the TLS certs to your OVPN server config. Other than that it's fine.
Nice video! My two cents: I think most of the 6-minute intro should have been after the demo : definitely the parts about affiliate links, NAT rules, DNS concerns, and even maybe the detailed "why"s.
nice. Looking forward to your exclusions in the next part.... interested in how to exclude items such as the mentioned NetFlix and also how to exclude RoKu boxes behind the router.
Really looking forward to your next video regarding firewall rules, as many guides from PIA, Vypr, nord, etc all conflict for various reasons. Some claim the firewall rules can cause the VPN not to connect etc.
For a VPN on pfsense, I use a VPS and created a VPN server on it, as it has high speed and high bandwidth compared to any VPN provider as well as port forward whatever port i need to my local servers as port forwarding is blocked by default by ISPs in my country. in addition to VPN to utilize the pfblockerNG with multiple block lists blocking every single ad and malware on the network. As well as squid caching that scans everything with clamAV for viruses specially when browsing suspicious sites or torrent sites.
I am more interested in VPN for remote access to my network and protecting my wifi when on the road. I work away from homes and use an IPSEC connection to pfSense now. It's set up to allow WAN access. My biggest issue is accessing the local network. Mainly my FreeNAS server from phones. Not an issue on laptops, but it's hard t find mobile apps that allow me to use an IP to connect to devices. The issue is having to use a different subnet for the IPSEC from the local network. Now, is there a better way to setup the VPN or maybe a firewall rule(s) I can use to make the subnets access each other more seamlessly? I feel this should be a simple fix and I am just overlooking something.
you can just create a PPTP server on your pfsense and bridge that to your local network. with that, you get the same IP as your LAN and you can get access to any network services in your home. You can do the same thing with OpenVPN by bridging the interface to your LAN.
Chad Bremer Is it a problem where the apps only want to search for the servers? You might need to find out how to forward broadcasts between the LAN and VPN in that case. Or if they don't like IPs but are OK with hostnames, you may want to set up a local internal DNS server. Edit - yeah, just bridge IPSec to LAN if it lets you. Same effect as the broadcast forward (but more traffic will pass over it).
In a nutshell, yes. Most mobile apps seem to only want to discover servers on the network but won't let you put in an IP or hostnames. At least of the ones I have tried. I can't even find a good file manager that allows me to punch in details. I already have local DNS running and it works fine when I can use it. Any computer for example or accessing router and FreeNAS web GUI from any browsers, even mobile. The one app I have working is an SMB syncing app. It allows custom IP/host entry. So I can sync pics, vids, whatever I want from on the road. I just can not use it to browse files. I can browse if on the local wifi since discovery works, obviously. Trying to make it as simple as possible so my family has easy access. It's hard enough getting people to just turn the VPN on when on wifi outside the home.
Would like to point out that if your not using pfSense as your router check if the router you are trying to do this with can be a OpenVPN client. For example, my Sophos UTM can not be setup as a VPN client without modifications which if you have Enterprise support can void your warranty. Long story short this setup is not possible.
I know this is a very old video at this point, but It would be really nice to get more info around how FAST pfSense router actually is. I have ExpressVPN and run their custom version of OpenWRT which allows me to do something similar with an off-the-shelf Linksys router. The only problem is that when the VPN is connected it is SLOW. I have Gigabit internet, but get wired ethernet speeds under 50 Mbps! AES-256 encryption is just way too much for a consumer router I guess? If I got a dedicated pfSense router, would it be much faster, or could I just end up with essentially the same speeds because the connection is only going to be as fast as my VPN service?
I would love to see a tutorial for the packet BindDNS for pfsense. I want to move my dns server off my home server to my router. You guys are awesome, thanks for the great videos.
don't some vpn providers pay for faster lines through the local ISP's? Thats what i read on howtogeek.. I was testing ping and it seemed like it was faster so it makes me think it's somewhat true. maybe it depends on what vpn.. I'm user safervpn
Sorry guys you were to late because I already configured VPN on my pfSense machine 2 weeks ago. Still a very nice video! Could you guys do a follow up about LightSquid caching?
When you were speaking about a secure computer that you use for banking, your exact words were " running a really secure version of Linux " What version(s) would you consider to be the most secure. This is a top is re-visit over and over. I know Tails is really good for security and I liked MOFO Linux which seemed secure and aesthetically pleasing. If you could make some suggestions I value your opinion.
So the whole point of this is you'll end up getting random non-targets ads you're likely not interested in. So you're still getting the ads, do i'd rather just block that.
snort would be interesting. dyndns+openvpn on for my mobile device. monitoring and analyze traffic in general. I would like to see what connections are established besides when I visit a single site. blocking certain sites: porn, drugs etc in general and how good does it work. I think its easy with squid but but doesn't work very good. there are also two different types of squid I don't get the difference. also we have mostly 3 local telephone numbers from our ISP and the default router we get do also the entire sip stuff. I think alot of people don't want to loose this when switching to pfsense. not sure if Asterix works on pfsense cuz still needing the crap ISP router for telephone also means no external ISP address on WAN of the pfsense. I have an eye on the new APUs from PC engines what do you guys think about it. seems ideal fit
Can you also make a video about putting a VPN on a spare router and connecting it to your primary router (pfsense) so that you effectively have two wireless networks, one that goes through the VPN and the other that's normal?
I get what you are doing. But I need more examples shown of how to configure the outbound/inbound so I can specify stuff like Blizzard to not use the vpn.
I think it is possible to use VirtualBox as a pfsense router if you have three LAN ports on your PC. LAN 1 as WAN port em0 for modem connection. LAN 2 em1 for switch connection and LAN 3 to connect cable coming from switch for internet access. If you don't have switch, you connect LAN 2 and 3 directly with cross crimped cable. You must set all Network Adapters as Bridged Adapter in VirtualBox Network settings. Will this work?
Love your videos, and thanks! Suggestion for video: How about a video on setting up EAP-TLS authentication via FreeRadius plugin in pfSense, to secure my SOHO all-linux network from MITM/rogue AP attacks?
What purpose did creating the internal certificate serve when setting up PIA? Their instructions don't include that step and you had to enter your username and password anyways?
Dave's Not Here served no purpose. The VPN provider won't trust your client cert. It even says that in the drop-down, that you don't need a client cert if using username and password. The whole idea of the client cert is to authenticate the user. The user would have a cert from your CA that they have the private key to. What they did is meaningless and I'd bet if you look at the logs it is ignored.
Could you do a video on setting up pfsense in a virtual machine on say, esxi? I have an old server that i'd love to use as a router, but also with other things, because 24 cores is a bit overkill for just routing, and setting up a esxi server on it and using that to do routing as well as other things would be great.
I know its not what you asked but I personally this thing called Pihole that tunnels your DNS traffic through a raspberry pi or linux computer, filters the ads, and then lets the other traffic through. I love it.
I tried to setup a VPN in pfSense to tunnel all P2P traffic through it and non of the rest of the traffic to keep speeds up for things like gaming and simple browsing, couldn't get it to work. Although I didn't spend that much time on it and only gave it one shot with an old guide, gave up because i couldn't find other guides. That would be the bee's knee's if you guys make a tutorial on something like that.
Any plans for the follow up on how to only pass some traffic over the VPN ? That was cool but show me how to do some cool shit with the VPN/pfSense ... 😂 Thanks for all your content !
what i don't like is the fact the Antivirus was removed as a package, so i guess another section on your pfsense is how to PROPER setup pfblocker as I don't think mine is doing zero.
I know this is a REALLY OLD VIDEO. With that being said, I would love a video on how to completely anonymize yourself while using the web. Accessing region blocked web content would be another video I would love to see.
Have you noticed a speed difference with and without the VPN? My connection speed is a third when I have the whole router on the VPN vs just one computer.
So is it okay to use those free anti virus programs like Avast, AVG, or are you way more secure if you upgrade to one of their paid services? I know the question is a litter off topic, but still in that general security field.
How safe is it when you have your router change locations everyday? One day your in one location the next day you are in another? Is this safer than leaving it alone?
@Level1Linux What's your stance on using OPNsense or VyOS (formerly Vyatta) instead of PFsense? Yes I know VyOS is CLI only, but as far as I can tell it's damn powerful. Maybe that's worth the hassle ? OPNsense is just a fork of PFsense, I know. But is it up to the task, do they deliver?
A video to make a vpn server VM on your server that you can connect certain devices to connect to the VPN while others do not as per the intro to this video would be great.
If you're just running Openvpn on your pfsense install then you will still be routing all your traffic unecrypted via your ISP, with a third party VPN the connection is encrypted from your router to the remote server and then onto the internet
I think I need to learn about networking first. There are so many levels and evrytime i install someting I have no idea which function it has Any good networking playlist reocmmended?
If McDonalds were next to the on-ramp of the highway, you just took the on-ramp thinking it lead to McDonalds.. you can add exceptions to your routing! If you want fast response between your gamepad and game server, A and B, you dont add a VPN to mask your location, A-C-B.. more stops mean more confusion to the bank!
Please give us more of these tutorials soon, I don't want to wait several months for each of these xD
Agreed
Agreed.
yes please.
Vally123 I use CyberGhost VPN for $30 a year 1 PC unlimited server access and no logs. It also works with Netflix and online gaming but with a extra 20ms on ping latency. It is not at the router level though since it runs on software GUI.
I use CyberGhost as well, but I fail to see how this has any relevance to this comment thread!? BTW, Cyberghost *does* work on a router level, you just have to know what you are doing. They will just give you an openvpn configuration file in your account section if you choose to download one.
Omg. I knew I could count on you Wendell, Ryan, and Krista. Nobody on TH-cam has a proper guide for VPN client on the router. Most guides are for old pfSense versions or didn't work for me. :) Thanks for the vid! :)
I love these pfSense and Linux-based tutorial and discussion videos. They're what differentiate this channel from the dime-a-dozen tech channels out there. I'd love to see a video on how to get Linux gaming up and running to completely abandon Windows. I'm an intermediate skilled user with Linux, but even I couldn't get the graphics drivers for my 1080 to work reliably. Keep up with these awesome videos.
What distro are you using and are you using the proprietary drivers?
Geopirate3 I'm most familiar with Ubuntu, but I've tried with Linux Mint and a couple of other Debian-based distributions. And yes I used the proprietary drivers (both for CPU and GPU), but screen tearing and dropped frames are always rampant every time I reattempt Linux gaming on every build I try it on.
What if you installed Vulkan tools and drivers and used it for gaming?
Mystic Bardock LSSGSS I never thought to try that. The only game I care about is Rocket League, and I'm not sure that they even use Vulkan.
The thing with Linux is sometimes the distros that do things for you, don't do things properly. Maybe check out using real Debian? Version 9 is in RC status but it's more than stable enough for regular use.
Awesome guide. I've already tested this with my VPN provider. Works like a charm. Whats also a cool option is setup a separate VLAN which will use the VPN connection, connect a WiFi access point to that Vlan, so whenever you connect to that WiFi you will go over the VPN tunnel.
Two things are preventing me from running it at the router level: 1. online gaming and 2. Plex. Definitely want to see the next video about how to pass certain traffic over VPN vs. regular connection.
God damn it, I love this channel so much. It's just free of all the things I hate about majority of TH-cam tech channels.
This is some of the most high-quality pfSense/networking content on planet earth. Very good job L1T team!
Been using this for 2 years on a separate pfSense VM for 2 Linux VMs for p2p traffic. Works like a charm.
As a long time PFSense user I think there is great value in these videos, so many PFSense videos are for much older versions and no longer relevant. I would be very interested in seeing how you go about making whitelist for Netflix/Steam etc, I have never been able to get these to work well.
Great work folks, very informative.
Eventually, an episode on installing and basic configuration of SNORT on pfSense would be great. SNORT seems like a fantastic product but a bit complex for happy-home-owner.
1:55 i dont think ive ever heard wendell swear before
LOL, as soon as I herd you guys talk about the ruling I did this that night!! I love PFsense!
Would be awesome to setup Bro or Snort with PFSense and then a video for on open source log analysis... Or perhaps a video on setting up traffic queues for VOIP/Streaming/Kodi etc, network antivirus, or OpenVPN server for secure remote access into the home network.
Would love a long pfSense series! Great video and show. Looking forward to the next and hoping to see videos on packages like Snort and Squid
Only issue I have with pfsense is upload QoS thats the ONLY thing I need working but It never works, always limits the upload speed like it does, BUT still causes high ping/lag/bufferbloat despite limiting my upstream. Whilest it works fine with any consumer router or my EdgeRouter X
great video, hope you guys really make more in-depth guides like these for a lot of other things. The way you guys go about approaching the material in these types of videos is great. Keep it up.
When you can't trust the Senate, you can trust Wendell. Can't wait for the exceptions video so to limit my exposure yet enjoy specific services.
I'd like this to be done with other semi pro routers like Miktrotik and Ubiquiti. Also a HTTPS everywhere tutorial so I can connect to my NAS without needing to manually add exceptions.
Yeap, Rand Paul has truly lost my respect.
QuickQuips or you can be proactive and learn to do it yourself. that way you actually understand what's going on rather than clicking where Wendell tells you to click.
It's a good idea to learn PKI and networking.
Mikrotik are carrier grade routers... We have implemented Mikrotik cloud core routers for Metropolitan sized WISP networks all over the USA. However, until the next version its not worth using them for OpenVPN because they only support TCP
Wendell is the senate ! #prequelmemes
Well, there is a VPN tab for Ubiquiti, it's not that I don't know how to do it, but it'd be good for others who also have these higher caliber routers.
help.ubnt.com/hc/en-us/articles/204949694-EdgeRouter-OpenVPN-Site-to-Site
Thanks for these pfsense videos; I think it's going to enable me to set this up on my home network. When you get around to further videos, can you briefly comment on how to add/setup your home wireless network with this? Is it as simple as just plugging in your wireless router to an opt port or ethernet switch? My home has a LOT of wireless devices (laptops, cell phones, distant desktops, etc) and the primary motivation for me moving to router level VPN is to get all of those behind the VPN.
great video as ever! you guys give the best advice! can't wait for the custom routes video. don't make us wait for months 😋
@Wendel
FYI: Notepad does support line endings ( format -> line endings)
But notepadd ++ or sublime are the better anyways :)
Finally some recognition for VyprVPN.
I use it on my router, and on my phone when I'm off of my home network. I did find them when I signed up for giganews. But I kept them after I cancelled my giganews account. i really enjoy VpyrVPN.
Would like to see methods of having real time stats of the system and possibly data for all the devices on the network displayed. Or maybe how to setup a failover setup.
A couple of months ago, I looked at getting pfsense on an older machine but ended up elected to get an edgerouter. Now I'm reconsidering it.
If you use Nyr/Angristan's OVPN creator for your VPS, then everything Wendell did is fine except you need to use the client cert Nyrs bash script provides, or add the pfSense internal CA and Cert into the OVPN VPS and use the TLS key either Nyrs bash script creates or add the TLS certs to your OVPN server config. Other than that it's fine.
TCC what does OVPN and VPS stand for?
Nice video!
My two cents: I think most of the 6-minute intro should have been after the demo : definitely the parts about affiliate links, NAT rules, DNS concerns, and even maybe the detailed "why"s.
nice. Looking forward to your exclusions in the next part.... interested in how to exclude items such as the mentioned NetFlix and also how to exclude RoKu boxes behind the router.
Really looking forward to your next video regarding firewall rules, as many guides from PIA, Vypr, nord, etc all conflict for various reasons. Some claim the firewall rules can cause the VPN not to connect etc.
Can you create a video showing how to configure making Netflix route out my WAN gateway instead of my VPN gateway
I've been toying with the idea of selling hardware "kits" and resell VPN accounts to people. Deciding between a few different routers.
For a VPN on pfsense, I use a VPS and created a VPN server on it, as it has high speed and high bandwidth compared to any VPN provider as well as port forward whatever port i need to my local servers as port forwarding is blocked by default by ISPs in my country.
in addition to VPN to utilize the pfblockerNG with multiple block lists blocking every single ad and malware on the network. As well as squid caching that scans everything with clamAV for viruses specially when browsing suspicious sites or torrent sites.
I am more interested in VPN for remote access to my network and protecting my wifi when on the road. I work away from homes and use an IPSEC connection to pfSense now. It's set up to allow WAN access. My biggest issue is accessing the local network. Mainly my FreeNAS server from phones. Not an issue on laptops, but it's hard t find mobile apps that allow me to use an IP to connect to devices. The issue is having to use a different subnet for the IPSEC from the local network. Now, is there a better way to setup the VPN or maybe a firewall rule(s) I can use to make the subnets access each other more seamlessly? I feel this should be a simple fix and I am just overlooking something.
you can just create a PPTP server on your pfsense and bridge that to your local network. with that, you get the same IP as your LAN and you can get access to any network services in your home.
You can do the same thing with OpenVPN by bridging the interface to your LAN.
Is it possible to bridge the existing IPSEC? Just to save me having to reconfigure all the mobile devices in the family. :D
Chad Bremer
Is it a problem where the apps only want to search for the servers? You might need to find out how to forward broadcasts between the LAN and VPN in that case.
Or if they don't like IPs but are OK with hostnames, you may want to set up a local internal DNS server.
Edit - yeah, just bridge IPSec to LAN if it lets you. Same effect as the broadcast forward (but more traffic will pass over it).
In a nutshell, yes. Most mobile apps seem to only want to discover servers on the network but won't let you put in an IP or hostnames. At least of the ones I have tried. I can't even find a good file manager that allows me to punch in details. I already have local DNS running and it works fine when I can use it. Any computer for example or accessing router and FreeNAS web GUI from any browsers, even mobile. The one app I have working is an SMB syncing app. It allows custom IP/host entry. So I can sync pics, vids, whatever I want from on the road. I just can not use it to browse files. I can browse if on the local wifi since discovery works, obviously. Trying to make it as simple as possible so my family has easy access. It's hard enough getting people to just turn the VPN on when on wifi outside the home.
Chad Bremer if you are on iOS look at FileExplorer Pro by Skyjos, great app.
Would like to point out that if your not using pfSense as your router check if the router you are trying to do this with can be a OpenVPN client. For example, my Sophos UTM can not be setup as a VPN client without modifications which if you have Enterprise support can void your warranty. Long story short this setup is not possible.
TIL about Notepad++.
Thanks! Also, this will come in handy when I build my PFSense box.
If you're looking for a good text editor that runs on Windows, I really recommend Atom over Notepad++.
I literally just set this up this weekend... Great info here, keep it up!
I know this is a very old video at this point, but It would be really nice to get more info around how FAST pfSense router actually is. I have ExpressVPN and run their custom version of OpenWRT which allows me to do something similar with an off-the-shelf Linksys router. The only problem is that when the VPN is connected it is SLOW. I have Gigabit internet, but get wired ethernet speeds under 50 Mbps! AES-256 encryption is just way too much for a consumer router I guess? If I got a dedicated pfSense router, would it be much faster, or could I just end up with essentially the same speeds because the connection is only going to be as fast as my VPN service?
I just repurposed my old model B raspberry pi as a VPN for my home network and it's perfect.
I would love to see a tutorial for the packet BindDNS for pfsense. I want to move my dns server off my home server to my router. You guys are awesome, thanks for the great videos.
Three years ago, time for a refresh? With more information about vpn providers, please?
don't some vpn providers pay for faster lines through the local ISP's? Thats what i read on howtogeek.. I was testing ping and it seemed like it was faster so it makes me think it's somewhat true. maybe it depends on what vpn.. I'm user safervpn
Sorry guys you were to late because I already configured VPN on my pfSense machine 2 weeks ago. Still a very nice video! Could you guys do a follow up about LightSquid caching?
Remote access LT2P IPSec on pfsense would also be a nice topic.
Please do the tutorial where you show how to route certain traffic to bypass the VPN e.g. games, netflix etc. Would be much appreciated.
When you were speaking about a secure computer that you use for banking, your exact words were " running a really secure version of Linux " What version(s) would you consider to be the most secure. This is a top is re-visit over and over. I know Tails is really good for security and I liked MOFO Linux which seemed secure and aesthetically pleasing. If you could make some suggestions I value your opinion.
So the whole point of this is you'll end up getting random non-targets ads you're likely not interested in. So you're still getting the ads, do i'd rather just block that.
This is awesome!! Would love to see more things Pfsense can do.
snort would be interesting. dyndns+openvpn on for my mobile device. monitoring and analyze traffic in general. I would like to see what connections are established besides when I visit a single site.
blocking certain sites: porn, drugs etc in general and how good does it work. I think its easy with squid but but doesn't work very good. there are also two different types of squid I don't get the difference. also we have mostly 3 local telephone numbers from our ISP and the default router we get do also the entire sip stuff. I think alot of people don't want to loose this when switching to pfsense. not sure if Asterix works on pfsense cuz still needing the crap ISP router for telephone also means no external ISP address on WAN of the pfsense. I have an eye on the new APUs from PC engines what do you guys think about it. seems ideal fit
It should be noted that you really don't want to use CBC and you should instead opt for GCM if you can help it.
Can you also make a video about putting a VPN on a spare router and connecting it to your primary router (pfsense) so that you effectively have two wireless networks, one that goes through the VPN and the other that's normal?
Hi guys! can you make an updated version of this with protonvpn and pfsense? I know that alot of people would like the entire setup process.
I get what you are doing. But I need more examples shown of how to configure the outbound/inbound so I can specify stuff like Blizzard to not use the vpn.
What are the differences/pros/cons of setting up OpenVPN vs IPSec on a pfSense router?
i wish you two were my best mates.Love you guys.Keep up the good work.
You're doing a Series on BSD routers on your Linux channel...
GOOD FORM!
Hi Wendell do you think we can get a video that goes deep into how linux docker and containers work?
I have PIA and i use it often. I love it so much i got the year plan for like 45 bucks
The music in the background around 10:30 its like wendells talking over a rap instrumental lol
Newbie question here.. but why pay for a vpn service? can't you create a vpn server inside pfsense?
Can you show us how to setup a pfsense virtual machine on a Freenas Corral machine?
Shoutout to Kansas City! Awesome vid.
I wonder if I can do this with my Asus router, it has quite a bit of options, it'd be nice if I could use my VPN account /w TorGuard over that.
Modern pfSense? How long has pfSense been around? And, when exactly was the “modern” version released.
One vote for remote access via Open VPN. i.e. cafe to home network.
Can you use pfsense for ad and site blocking similar to untangle NG firewall? If so I would love to see tutorials for that.
can I stop my microwave from spying on me?
I think it is possible to use VirtualBox as a pfsense router if you have three LAN ports on your PC. LAN 1 as WAN port em0 for modem connection. LAN 2 em1 for switch connection and LAN 3 to connect cable coming from switch for internet access. If you don't have switch, you connect LAN 2 and 3 directly with cross crimped cable. You must set all Network Adapters as Bridged Adapter in VirtualBox Network settings. Will this work?
Tor browser helps too when using a VPN and wanting to hide some things.
Love your videos, and thanks!
Suggestion for video:
How about a video on setting up EAP-TLS authentication via FreeRadius plugin in pfSense, to secure my SOHO all-linux network from MITM/rogue AP attacks?
What purpose did creating the internal certificate serve when setting up PIA? Their instructions don't include that step and you had to enter your username and password anyways?
Dave's Not Here served no purpose. The VPN provider won't trust your client cert. It even says that in the drop-down, that you don't need a client cert if using username and password. The whole idea of the client cert is to authenticate the user. The user would have a cert from your CA that they have the private key to. What they did is meaningless and I'd bet if you look at the logs it is ignored.
Could you do a video on setting up pfsense in a virtual machine on say, esxi? I have an old server that i'd love to use as a router, but also with other things, because 24 cores is a bit overkill for just routing, and setting up a esxi server on it and using that to do routing as well as other things would be great.
Assuming you've figured it out by now but pfsense works great in esxi. I have over 100 days uptime on my pfsense VM.
I know this video is 3 years old, but could you put your pfsense videos into a Playlist so they're easier to find?
And I just subbed 😁
pfSense adblocking please!
I know its not what you asked but I personally this thing called Pihole that tunnels your DNS traffic through a raspberry pi or linux computer, filters the ads, and then lets the other traffic through. I love it.
Putting a video on TH-cam to show people how to adblock at the router level would be shooting themselves in the foot.....
Video on how to blacklist windows 10 telemetry/spywares on pfSense.
You can use the SQUID package on pfSense to do this :)
pfBlocker with DNSBL... read the forum.
Hulu simply won't work.
Sometimes Craigs List and popular Ticket Buying services won't work either.
I tried to setup a VPN in pfSense to tunnel all P2P traffic through it and non of the rest of the traffic to keep speeds up for things like gaming and simple browsing, couldn't get it to work. Although I didn't spend that much time on it and only gave it one shot with an old guide, gave up because i couldn't find other guides.
That would be the bee's knee's if you guys make a tutorial on something like that.
How about messing with network traffic next now that you're told us how to protect it?
Any plans for the follow up on how to only pass some traffic over the VPN ?
That was cool but show me how to do some cool shit with the VPN/pfSense ... 😂 Thanks for all your content !
what i don't like is the fact the Antivirus was removed as a package, so i guess another section on your pfsense is how to PROPER setup pfblocker as I don't think mine is doing zero.
clamav is still built into squid package, try that
hmm thanks i'll look into it.
I know this is a REALLY OLD VIDEO. With that being said, I would love a video on how to completely anonymize yourself while using the web. Accessing region blocked web content would be another video I would love to see.
Complete anonymity requires schizo levels of deep rabbit hole wandering. It's barely possible these days.
Have you noticed a speed difference with and without the VPN? My connection speed is a third when I have the whole router on the VPN vs just one computer.
So is it okay to use those free anti virus programs like Avast, AVG, or are you way more secure if you upgrade to one of their paid services? I know the question is a litter off topic, but still in that general security field.
great tutorial! we need more.. please include network traffic shape with custom rules. and captive portal with radius.
How safe is it when you have your router change locations everyday? One day your in one location the next day you are in another? Is this safer than leaving it alone?
sometimes i just wonder if i am just paranoid? and i have nothing to worry about.
@Level1Linux
What's your stance on using OPNsense or VyOS (formerly Vyatta) instead of PFsense?
Yes I know VyOS is CLI only, but as far as I can tell it's damn powerful. Maybe that's worth the hassle ?
OPNsense is just a fork of PFsense, I know. But is it up to the task, do they deliver?
So, I have Win 10... Why do I feel like this would all be a wasted effort when I'm already running the OS equivalent of the KGB?
Can you do a video on virtualizing pfsense?
A video to make a vpn server VM on your server that you can connect certain devices to connect to the VPN while others do not as per the intro to this video would be great.
The only problem I have with running my whole network thought the vpn is speed. Can't find a provider with 150mbps+
Thanks for the effort guys! Is there a difference between using a third-party VPN such as PIA with pfsense vs just having OpenVPN running on pfsense?
If you're just running Openvpn on your pfsense install then you will still be routing all your traffic unecrypted via your ISP, with a third party VPN the connection is encrypted from your router to the remote server and then onto the internet
That makes ...sense **hehe** Have a lot more to learn. Thank you!
is there a link to the music somewhere?? i love it. good tutorial btw.
Vultr go 2.5$ vps, and you can make your own. Same specs as DigitalOcean but cheaper
Thank you for this video, please continue to upload pfsense tutorials
Please do a tutorial on a OpenVPN+RADIUS+Google Authentication setup, I'm not able to get that working :(
Overplay.net also supports Linux and even DD-WRT and Tomato variants ;)
So it should also be easy to setup in pfSense.
Could you guys do a video for IPVanish on PFSense?
How to make and host a private VPN? That would be a nice tutorial.
I think I need to learn about networking first.
There are so many levels and evrytime i install someting I have no idea which function it has
Any good networking playlist reocmmended?
When is the routing through the VPn0N to access netflix coming?
Having a VPN up causes banking and ecomerce problems, they thought I was the thief !!
If McDonalds were next to the on-ramp of the highway, you just took the on-ramp thinking it lead to McDonalds.. you can add exceptions to your routing!
If you want fast response between your gamepad and game server, A and B, you dont add a VPN to mask your location, A-C-B.. more stops mean more confusion to the bank!
I actually wouldn't mind something on a secure banking computer...
Would like to see site-to-site VPN on pfsense.