Netgate pfSense Plus Firewall/VPN/Router
Netgate | 24.03.0Linux/Unix, FreeBSD 14 - 64-bit Amazon Machine Image (AMI)
External reviews
External reviews are not included in the AWS star rating for the product.
IPsec VPN routing issue
GUI is very easy to use, site-to-site VPN tunnel established easily.
However, it seems miss routing config, I could not find a way to route traffic into this VPN tunnel.
- Leave a Comment |
- 1 comment |
- Mark review as helpful
Very easy to install out of the gate and a robust routing platform.
What do you like best about the product?
Can't believe how easy it is to set up out of the box. Fire up the server, install the platform and then you assign a LAN/WAN interface... DONE!
What do you dislike about the product?
I would like to see more analytics or an easier way to get to client based data from the dashboard.
What problems is the product solving and how is that benefiting you?
I am looking for a secure, but easy and highly configurable platform that just plain WORKS. This seems to fit the bill.
So powerful
What do you like best about the product?
With this product being open source it amazing how powerful the features you get with it and the ability to configure to your needs is great!
What do you dislike about the product?
It can be hard to get the configuration you want at the start but you get there in the end!
What problems is the product solving and how is that benefiting you?
Free open source protection for your network what more could you want!
Pfsense a worth while firewall
What do you like best about the product?
The best things of this product is how modular it can be and the community support it offers.
pfsense has a range of modules/plugins that can be added in order to shape pfsense to your needs, there is a wide selection and you are sure to find something to do the job. If for any reason you are unable to find a module to do what needs to be done, more than likely a question has been asked on the subject and an answer is easily found, if not you can pose a question on the forums and you will be met with a very patient community.
One of the main benefits is the capability for multiple WANs, allowing you to route traffic how you see fit or even load balance.
You can add squid guard and block/allow websites on a whitelist/blacklist.
Aliasing allows you to add multiple IP's/networks/hosts under a single alias and make firewall rules based on this, so rather than creating 250 firewall rules for 250 nodes, simply alias all 250 and make a single rule for that alias.
There are pages devoted to graphs so you can monitor your network traffic, your physical NICs and the server itself.
There are a ton of features and all the basic/advanced networking needs are met.
pfsense has a range of modules/plugins that can be added in order to shape pfsense to your needs, there is a wide selection and you are sure to find something to do the job. If for any reason you are unable to find a module to do what needs to be done, more than likely a question has been asked on the subject and an answer is easily found, if not you can pose a question on the forums and you will be met with a very patient community.
One of the main benefits is the capability for multiple WANs, allowing you to route traffic how you see fit or even load balance.
You can add squid guard and block/allow websites on a whitelist/blacklist.
Aliasing allows you to add multiple IP's/networks/hosts under a single alias and make firewall rules based on this, so rather than creating 250 firewall rules for 250 nodes, simply alias all 250 and make a single rule for that alias.
There are pages devoted to graphs so you can monitor your network traffic, your physical NICs and the server itself.
There are a ton of features and all the basic/advanced networking needs are met.
What do you dislike about the product?
There is very little I have found I do not like about pfsense, although I have not tested every single possible feature, my experience has certainly been very positive. There are two things however that do spring to mind.
I was unable to achieve port forwarding for a VPN. The VPN was PPTP (admittedly I never tried any other methods) on a Windows server. Despite countless hours searching and reading the results and numerous attempts of changing settings, I was unable to use the VPN (had worked previously with a paid firewall solution), whether this issue still stands or was entirely my fault still remains unsolved.
After approximately three years I have found pfsense to become slightly flaky. I have only experienced this with one box (the longest running). Whether this issue boils down to the physical server and/or components or whether this is due to changes over the course of time/corruption of configuration files, is again undetermined.
In reality I have not experienced any real downsides of the solution I cannot link back to me.
I was unable to achieve port forwarding for a VPN. The VPN was PPTP (admittedly I never tried any other methods) on a Windows server. Despite countless hours searching and reading the results and numerous attempts of changing settings, I was unable to use the VPN (had worked previously with a paid firewall solution), whether this issue still stands or was entirely my fault still remains unsolved.
After approximately three years I have found pfsense to become slightly flaky. I have only experienced this with one box (the longest running). Whether this issue boils down to the physical server and/or components or whether this is due to changes over the course of time/corruption of configuration files, is again undetermined.
In reality I have not experienced any real downsides of the solution I cannot link back to me.
What problems is the product solving and how is that benefiting you?
The product has personally helped to act as a firewall protecting and controlling both internal and external traffic on the network.
It has allowed me multiple WAN connections. With aliasing I can quickly group servers, computers, security equipment etc. Using the aliasing I have been able to dedicate WAN connections for specific purposes ensuring the bandwidth is distributed as necessary with a single firewall rule.
Modules like bandwidthd help me check the hosts consuming the most traffic, squid to help me monitor traffic and squid guard to help me block or allow traffic, make this a great solution.
After moving from one paid licensed solution to another I have found pfsense to not only be free, but completely wipe the floor with anything paid for previously.
My experience with this product is extremely positive and I would definitely recommend it as a great solution.
It has allowed me multiple WAN connections. With aliasing I can quickly group servers, computers, security equipment etc. Using the aliasing I have been able to dedicate WAN connections for specific purposes ensuring the bandwidth is distributed as necessary with a single firewall rule.
Modules like bandwidthd help me check the hosts consuming the most traffic, squid to help me monitor traffic and squid guard to help me block or allow traffic, make this a great solution.
After moving from one paid licensed solution to another I have found pfsense to not only be free, but completely wipe the floor with anything paid for previously.
My experience with this product is extremely positive and I would definitely recommend it as a great solution.
Recommendations to others considering the product:
It's got a great fully fledged gui and it's linux for shell users. Install it, try it, any problems the docs or community will come through.
Easy to setup and checking Software Router
What do you like best about the product?
Resource utilization is really lower.
Have a good user interface that I can easily understand and learn how to use it.
Have a good user interface that I can easily understand and learn how to use it.
What do you dislike about the product?
No much user know this product that I can only access their forum for searching solution
What problems is the product solving and how is that benefiting you?
Main Network Router and VPN gateway.
I can use an old server to serve 50 peoples without lagging.
I can use an old server to serve 50 peoples without lagging.
pfSense is a capable and configurable software firewall solution
What do you like best about the product?
pfSense is relatively simple to configure and very powerful.
What do you dislike about the product?
Some features are only available with paid pfSense Gold.
What problems is the product solving and how is that benefiting you?
Many smaller clients need a firewall but don't necessarily need a full hardware firewall solution. pfSense on a VM is the perfect solution for this situation. pfSense has all the necessary features such as iptables filters, vpn tunnels, etc.
Recommendations to others considering the product:
pfSense may not be as featureful as a SonicWALL but if the advanced features aren't necessary then pfSense can save a lot of time and money. Keep it on its own VM or machine, however.
Great Enterprise Firewall
What do you like best about the product?
I think pfSense is performant, powerful, and stable. It's got active development, and while I think the pace of innovation is kind of slow. I believe it's one of the best open source firewalls made. It's FreeBSD base provides a great stable base and wonderful networking capabilities. This router really can do everything a Cisco can and more.
What do you dislike about the product?
I think the project tends to shy away from things like configuration management and newer "hot" technologies because they have alternatives coming down the pipeline. Which is great, and I look forward to things like pfCenter, but not having at least some hooks in Ansible is a problem. When things get brought up on forums, people can be nasty. But I guess that's the internet for you.
I wish the base OS was more vanilla FreeBSD w/pfSense packages that could be installed on top. Sometimes I want to do things and I'm afraid to add packages that are outside of the official pfSense package list because there's a fear it could bork the system.
I wish the base OS was more vanilla FreeBSD w/pfSense packages that could be installed on top. Sometimes I want to do things and I'm afraid to add packages that are outside of the official pfSense package list because there's a fear it could bork the system.
What problems is the product solving and how is that benefiting you?
Replacing more expensive firewalls and getting much more performance.
Recommendations to others considering the product:
Read the documentation, take the official training. Buy support if you have questions or need help.
pfSense is the my favorite firewall distribution
What do you like best about the product?
It's absolutely free and it's in my opinion better then many of the enterprise class firewalls I've been in contact with. It's easy to manage, easy to update to newer versions, and best of all it's easy to extend. For example you can extend it with IDS/IPS (Snort), reverse proxies, various tunnel services, network landing sites etc.
What do you dislike about the product?
I shouldn't say everything about pfSense is a walk in park, there have been hick-ups along the way. For example, not to long ago (3-4 years ago) there was a problem with Snort rules not being saved or overwritten with every update of the database. Also it's IPv6-support was a bit late (but on the other hand, so was a lot of other firewall vendors as well). Some services you'll have to tweak manually by editing files, but for most of the time (99.9%) you won't have to do this.
What problems is the product solving and how is that benefiting you?
pfSense it my goto firewall solution when either friends or customers is in the need of a firewall/router solution. Since it can run of old or cheap hardware (beware of the throughput though) it saves both myself and my customers money. And besides, it's great for security.
Recommendations to others considering the product:
A tip of advice, if you are to run pfSense on a flash drive, don't forget to enable a RAM-disk for the logs or you'll end up with a dead flash drive within weeks. Trust me, it happen to me. Go to System -> Advanced -> Miscellaneous and scroll down to RAM Disk Settings and the "Use RAM disks". Then pfSense will use your RAM for /var and /tmp. This prevents the system from constantly writing writing log files to the flash drive, which can me many thousand entries per second, which will wear out the drive very fast.
pfSense
What do you like best about the product?
What I like the best is how versatile it is and it performs as well as other name brand routing platforms. It is easy to customize for my client's needs.
What do you dislike about the product?
I am completely satisfied with pfSense and it has met all my expectations. I have not experienced an issue with pfSense.
What problems is the product solving and how is that benefiting you?
Making custom routers for my diverse clients. The benefit of pfSense is that it is quality software for a fraction of the cost of the competitors.
Recommendations to others considering the product:
Make the switch to pfSense and use reliable hardware. It is worth it. I have had less problems with pfSense than any other product I have used.
The one and only firewall
What do you like best about the product?
Many options for configure a free and open source firewall to protect and manage your private cloud
What do you dislike about the product?
Too many options and old style interface (a newer version with new UI is coming)
What problems is the product solving and how is that benefiting you?
Full mange of our private cloud
showing 311 - 320