Return on pfSense

This will soon make 3 months I’m using pfSense router oriented FreeBSD operating system. In 2011 I had already written an article on, but since July 2012 I put it into “production” with functioning 24 hours and actual conditions. Several points have particularly pleased me in pfSense, I’ll describe them below.

Here are the features I currently operates:

Firewall (DMZ)
DHCP server
OpenVPN client
Static routes
3 VLAN tagged on a single port
Jammed on a CF card
4 user workstations on the VLAN30, 4 servers on VLAN20 (dmz)

Note that there are many others that I do not use: NTP, DNS server, relay DHCP, IPSec, the list is long…

For now, 79 days of uptime, it may seem little, but as I said earlier it is only 3 months. Last restarts were voluntary for update operations or cut during a lightning storm. It should also compare this to a domestic merdebox that requires a reboot almost daily to restore internet access. Brief, pfSense is reliable, it runs without interruption.

I particularly appreciate that this little box black (Alix 1.d) is capable of handling it alone the whole of the network. I have “added” my VPN, but also a DHCP server. And other significant issues relate to diagnostic tools. Can make ping, view routing tables, arp, traceroute, and there is even a sniffer of adjustable network on several levels of verbosity.

Everything is well organized, easy to find and use. Changes are taken into account without having to restart the router (then again, compared to domestic box) which is appreciable. The summary tables of the firewall rules are quite thoughtful. The configuration can be exported to an XML file if you want to “format” the machine (for an update for example).

I do not regret the choice of pfSense as solution to manage my network: D all the qualities that can be sought are, with the flexibility, simplicity and reliability. This is an excellent appliance that is not ready to let go of me!