pfSense 2.3 is out and it's Bootstrap'ing!
April 13, 2016
Yesterday pfSense 2.3 was release and it’s a fairly major UI change. The key is the conversion from the previous web-UI (that was tragically out of date) to a new Bootstrap based design. Not only does this make the UI look really slick, it also gains built-in responsiveness! The best part about the overhaul is that they really managed to maintain the same general look and feel while giving it a face lift. Anyone who’s familiar with pfSense won’t suddenly be left out in the cold.
Unblocking Private IPs from Public DNS under PFSense
September 3, 2015
My home network has a domain name, so I don’t have to remember all the IP addresses of my various servers. However, I publish all the DNS information using AWS Route 53 since $0.50/month is much more palatable to me than running BIND. This works flawlessly until you get a firewall like PFsense that blocks all DNS responses for private IP address blocks (e.g. 192.168.x, 10.x, 172.16.x). Fortunately, it’s very easy to fix this under PFsense.
Tutorial: Using VMWare ESXi and PFsense as a network firewall/router
August 31, 2015
vSphere In most networks, you will have dedicated hardware to function as your “edge” (firewall/router). This is typically for the best, but there are always cases where you can’t put out that dedicated hardware. Sometimes it’s for cost reasons and sometimes it’s for complexity. In my particular case, I was installing an ESXi server in a datacenter and only had 2 amps of power to work with, of which my server took up ~1.8amps at peak load. So cost came into play and we simply couldn’t afford to put in dedicated hardware that could push enough bits. In such cases, it is possible the setup ESXi on the network edge, in a reasonably secure fashion, with PFSense acting as a firewall.
Project “Falcon” – The DIY Router (server?) Experiment
April 14, 2015
As previously mentioned, I work in a “Cloud company” which typically means we claim we’re a “serverless” office. However sometimes I need a server-like machine to make a point. For this particular project we needed a machine that was, for all intents and purposes, a server… except I wanted to build it myself. It wasn’t so much to save money, but so I could customize the machine to get exactly what I wanted out of it (and because it was a fun diversion). The result of that was known as “Project Falcon”.
All Quiet on the Blog Front (again)
August 7, 2014
For those of you who might stop by semi-regularly, you’ve not seen me post in about 4 months. In fact, I’ve not regularly posted since January of this year and John has been carrying the weight. Work has “kept me out of trouble” as they say, or more correctly just been insanely busy. When I’m crazy busy at work I don’t have said time/energy to blog… which is quite unfortunate because that is the time when I have the best things to write about.