Announcement

Collapse
No announcement yet.

PFSense Firewall Group purchase interest

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Peter,

    Attached is the original PDF document for the GPS.

    I left the blue LED lamp connected to let me have a visual when it is sync'd to GPS's. It is very bright.

    Think I mentioned I used a regular cat5e connected to two RS-232 ends to extend the cable. Initially I had the Sure GPS board mounted in the attic of a two story home and the end of the RS-232 was in the basement. I would guess that the run was about 100-150 feet. Now the Sure GPS is mounted in the basement with an antenna view outside one window in the basement and it works great.

    Will take a picture of the board mounted. I did not put it in a case rather it is using wood screws on a wood beam in the basement.

    What headers did you order from China?

    Attached Files
    - Pete

    Auto mator
    Homeseer 3 Pro - 3.0.0.534 (Linux) - Ubuntu 18.04/W7e 64 bit Intel CPU - Mono 5.20
    Homeseer Zee2 (Lite) - 3.0.0.534 (Linux) - Ubuntu 18.04/W7e BeeLink 4Gb BT3 Pro - Mono 5.20

    X10, UPB, Zigbee, ZWave and Wifi MQTT automation.

    Comment


    • Chris,

      Yes here have been using no ip dot com for over 10 years now.

      I've never installed PFSense in a commercial environment.

      About two years ago did update a new Cisco ASA for an small enterprise environment (open sector - local state) and it was a slow and I was not impressed.

      Also configured a few F5's for a large international enterprise (160k users) a few years back; early internet.
      - Pete

      Auto mator
      Homeseer 3 Pro - 3.0.0.534 (Linux) - Ubuntu 18.04/W7e 64 bit Intel CPU - Mono 5.20
      Homeseer Zee2 (Lite) - 3.0.0.534 (Linux) - Ubuntu 18.04/W7e BeeLink 4Gb BT3 Pro - Mono 5.20

      X10, UPB, Zigbee, ZWave and Wifi MQTT automation.

      Comment


      • Hi Pete,
        Many thanks for the document, greatly appreciated.
        This is what I ordered in the way of headers.

        620 Piece Dupont connector kit from e-bay, was due to arrive last Friday, didn't happen so hopefully be waiting when I get back.
        Here is the link.

        https://www.ebay.co.uk/itm/620pc-Dup...;_trksid=p2060 353.m2749.l2649

        Made up a loom to bring LED's out to a front panel where the floppy drive used to be, not finished, also waiting on the right header for the off board LED end. Currently using an old desktop case and the sure board is attached to a piece of 2"x2" trunking lid which is in turn is attached to a couple of motherboard stand off's. Antenna connection goes out via a bulkhead mounting.

        Still unsure whether I will leave it in this case or try and fit it in a 1U short server case I have knocking about. This might be a little tight we'll see.

        Peter

        Comment


        • Ahh....see now what you are doing.

          So how long will the cable to the powered GPS antenna be? Will it work with the included Sure GPS antenna and cable?

          In the attic the antenna was next to the Sure GPS module and worked fine with no windows and a standard roof. In the basement it only works cuz I have a south / west small window. I am not sure if it would work through the cement foundation in the basement.

          Here for my work endeavor the server room was some 50 feet underground and the GPS antenna was mounted on the roof of the 3 story building elevator shaft.

          The NTP server was a 1U HP server in a rack which was over kill at the time for an NTP server...it was a spare and therefore it was free to use.

          I used old microwave cable that was on the roof and went down to the server room via the chases in the building and put an digital satellite powered amplifier. It was the amplifier that allowed a view of more than 2-3 satellites.
          - Pete

          Auto mator
          Homeseer 3 Pro - 3.0.0.534 (Linux) - Ubuntu 18.04/W7e 64 bit Intel CPU - Mono 5.20
          Homeseer Zee2 (Lite) - 3.0.0.534 (Linux) - Ubuntu 18.04/W7e BeeLink 4Gb BT3 Pro - Mono 5.20

          X10, UPB, Zigbee, ZWave and Wifi MQTT automation.

          Comment


          • Hi Pete,

            Hopefully mounting the sure card inside the PC case which ever one I end up with. Currently a tinkering project which will have a good end use. Not rushing at all but certain things I have decided that I need from the project, basically a good quality firewall that I understand that provides different subnets for the house stuff, phones, cameras and an onboard Wi-Fi connection.
            Will try and post a picture or two of the modded sure card and the bit of trunking lid, attacked the trunking with a wood chisel, worked really well must admit my chisel's are razor sharp and honed.
            GPS aerial / antenna will be the standard one supplied, the box itself will be mounted either in the Data cabinet or on top of the cabinet depending which one I end up with. The Data cabinet is mounted in my garage / workshop above in the loft space along with all my other HA stuff, so in respect of the antenna just a layer of tiles and a barrier sheet between the outside world think it willl pick up satelites OK if not then a rethink might be in order.
            Had a quick look at the PDF but not yet studied it in detail, lots of info so thankyou for the link.

            Peter

            Comment


            • I had good luck with the Sure GPS in the attic.

              Yes you can utilize autonomous VLANs or multiple LAN cards with PFSense.
              - Pete

              Auto mator
              Homeseer 3 Pro - 3.0.0.534 (Linux) - Ubuntu 18.04/W7e 64 bit Intel CPU - Mono 5.20
              Homeseer Zee2 (Lite) - 3.0.0.534 (Linux) - Ubuntu 18.04/W7e BeeLink 4Gb BT3 Pro - Mono 5.20

              X10, UPB, Zigbee, ZWave and Wifi MQTT automation.

              Comment


              • 14th of May, 2019

                The prices of the mini Intel computers have dropped a bit here and tinkering with trying to install PFSense on a $65 Intel computer.

                It has USB 3.0 and only 1 Gb NIC on it. So for second NIC using USB here. It is sold as an Intel TV box and comes with Windows 10.

                I do not think I will have issues installing PFSense BSD on it.

                It comes with 4Gb DDR3-4 RAM and a built in 64Gb of eMMC.

                Might turn the built in WLAN to an AP on it for a combo.

                No external serial port but I think I can modify it for this easy enough.
                - Pete

                Auto mator
                Homeseer 3 Pro - 3.0.0.534 (Linux) - Ubuntu 18.04/W7e 64 bit Intel CPU - Mono 5.20
                Homeseer Zee2 (Lite) - 3.0.0.534 (Linux) - Ubuntu 18.04/W7e BeeLink 4Gb BT3 Pro - Mono 5.20

                X10, UPB, Zigbee, ZWave and Wifi MQTT automation.

                Comment


                • Hi All,
                  Glad to see this thread is still alive. Must admit my pFsense box is still lurking around although I have rebuilt my HS server and my FreePBX box so the pFsense machine has definately taken the back burner. Now summer seems to have arrived in the UK I have all the exciting outdoor jobs to catch up on so guess the next time I look at it will be in Autumn.
                  Thanks for the update Pete

                  Peter

                  Comment


                  • As a result of this thread, I purchased a Qotom mini PC with pfSense. Pete graciously helped me get it up and running. Just recently I was noticing that there are lots of port scans going on these days. When an open port is found, they hammer it trying to get in. I have a port open for HSTouch remote access. Recently I noticed that it was getting scanned and hammered for access so frequently that HS3 was being impacted. Effectively a DOS attack. Via pfBlockerNG on pfSense, I was able to apply several geo block lists that really settled things down in terms of HS3. Most of the activity originated outside of the US. Then I noticed some activity that I could not easily do with a block list. I created my own white list which I use in conjunction with the block lists and things are nice and quiet again. The scans are still occurring but there is no impact. Without pfSense, I would not have had enough control via my router to prevent this unwanted activity.

                    Thanks Pete and pfSense!

                    P.S. No need to school me on VPN or myHS. OpenVPN is on my list of pfSense packages to explore. myHS fundamentally violates my guiding principle of local control not being dependent on an external service.

                    Comment


                    • I have source restrictions on all of the rules on my WAN interface. Rather than blocking the problem countries, why not only permit North America? Or better yet, create an alias which includes your common sources. Egress IP for work, friends house, ip block for your cellular carrier, etc.


                      i.e. Permit ICMP from pfB_NAmerica_v4 to WAN

                      Sent from my LGUS997 using Tapatalk

                      Comment


                      • Originally posted by viroid View Post
                        I have source restrictions on all of the rules on my WAN interface. Rather than blocking the problem countries, why not only permit North America? Or better yet, create an alias which includes your common sources. Egress IP for work, friends house, ip block for your cellular carrier, etc.


                        i.e. Permit ICMP from pfB_NAmerica_v4 to WAN

                        Sent from my LGUS997 using Tapatalk
                        Permitting North America was too broad. I was getting many IPs that traced back to AWS in North America. The whitelist I created does include my common sources and only allows known sources for the ports I have open.

                        Comment


                        • OK so purchased a Qotom Q310P cheap (< $100) to DIY build a PFSense firewall for a relative. Documenting the build over here:

                          PFSense on a Qotom Q310P mini PC computer


                          - Pete

                          Auto mator
                          Homeseer 3 Pro - 3.0.0.534 (Linux) - Ubuntu 18.04/W7e 64 bit Intel CPU - Mono 5.20
                          Homeseer Zee2 (Lite) - 3.0.0.534 (Linux) - Ubuntu 18.04/W7e BeeLink 4Gb BT3 Pro - Mono 5.20

                          X10, UPB, Zigbee, ZWave and Wifi MQTT automation.

                          Comment


                          • Pete

                            Here am running pfSense on a qotom too. It is this one.

                            I need a cmos battery with the proper connector for the motherboard. I no longer have the old battery with connector (uninteresting story). Reached out to Qotom but that didn't go so well. If you run across a source for that battery with connector, please let me know.

                            Thanks.

                            Robert

                            Comment


                            • Amazon has a number of CMOS backup batteries here.
                              Randy Prade
                              Aurora, CO
                              Prades.net

                              PHLocation - Pushover - EasyTrigger - UltraECM3 - Ultra1Wire3 - Arduino

                              Comment


                              • Installed PFSense on it today. Thinking of also making it a WAP. I am impressed so far.

                                Once installed will see how the VPN tunnel works between the two PFSense boxes.
                                - Pete

                                Auto mator
                                Homeseer 3 Pro - 3.0.0.534 (Linux) - Ubuntu 18.04/W7e 64 bit Intel CPU - Mono 5.20
                                Homeseer Zee2 (Lite) - 3.0.0.534 (Linux) - Ubuntu 18.04/W7e BeeLink 4Gb BT3 Pro - Mono 5.20

                                X10, UPB, Zigbee, ZWave and Wifi MQTT automation.

                                Comment

                                Working...
                                X