Pfsense Firewall

Hey everyone,

I’m planning on swapping out our dd-wrt firewall for a pfsense box again. I haven’t done it yet as I still need to get the new pfsense box all configured correctly first before I make the switch.

The reason why I want to switch the box out is because of the shitty DHCP range limitation of dd-wrt. dd-wrt only supports a dhcp range between 172.16.0.0-172.16.0.255 which is a bit problematic for the amount of people who come into the space.

If we set the dhcp lease time to never expire, we run out of ip addresses to lease.
If we set the dhcp lease to expire, ip addresses start to change.

The solution is getting a new firewall that supports a dhcp range from 172.16.0.0-172.16.255.255. The new pfsense box supports that.

The new pfsense box is an old but never used hp 1u server. It’s got an intel pentium D d920 dual core, 8gb of ram, 2x1gbit nics built in, a pcie 2x1gbit network card, and an atheros wireless card with antennas mounted on the front of the server. It’s sitting in the rack right now.

What’s been completed:

  • 2x1gbe network card installed
  • PCI-E to mini-pcie card with an atheros wireless card installed
  • Newest version of PFSense installed using GEOM software raid1

What needs to be finished:

  • Configure wan port to use our static IP (info is on our modem)
  • Configure lan port to 172.16.0.1 netmask 255.255.0.0
  • Setup DHCP and internal DNS
  • Copy over static leases from dd-wrt router

Once it’s all configured and dns/dhcp is confirmed working we can make the switch. If anyone wants to jump on this go for it.

7 Likes
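Added example, not part of the original post: one way to sanity-check the static leases before copying them into the new box, using the LAN settings from the to-do list above. The dynamic pool bounds, the `(mac, hostname, ip)` tuple layout, the function name and the sample leases are all assumptions made for illustration.

```python
import ipaddress

# From the post: LAN is 172.16.0.1 with netmask 255.255.0.0.
LAN = ipaddress.ip_network("172.16.0.0/255.255.0.0")
GATEWAY = ipaddress.ip_address("172.16.0.1")
# Assumption: the thread does not say which slice of the /16 is leased dynamically.
POOL_START = ipaddress.ip_address("172.16.1.0")
POOL_END = ipaddress.ip_address("172.16.254.255")


def check_static_leases(leases):
    """Return (hostname, problem) pairs for leases that should not be copied as-is."""
    problems = []
    seen_ips, seen_macs = {}, {}
    for mac, host, ip_text in leases:
        mac = mac.lower().replace("-", ":")  # normalise MAC notation before comparing
        try:
            ip = ipaddress.ip_address(ip_text)
        except ValueError:
            problems.append((host, "invalid IP"))
            continue
        if ip not in LAN:
            problems.append((host, "outside LAN subnet"))
        elif ip in (LAN.network_address, LAN.broadcast_address, GATEWAY):
            problems.append((host, "reserved address"))
        elif POOL_START <= ip <= POOL_END:
            problems.append((host, "inside dynamic pool"))
        if ip in seen_ips:
            problems.append((host, f"IP also used by {seen_ips[ip]}"))
        if mac in seen_macs:
            problems.append((host, f"MAC also used by {seen_macs[mac]}"))
        seen_ips.setdefault(ip, host)
        seen_macs.setdefault(mac, host)
    return problems


# Constructed sample data, not the space's real leases.
SAMPLE = [
    ("00:11:22:33:44:01", "printer", "172.16.0.10"),
    ("00:11:22:33:44:02", "laser", "172.16.0.10"),        # duplicate IP
    ("00-11-22-33-44-01", "printer-old", "172.16.0.11"),  # duplicate MAC, other notation
    ("00:11:22:33:44:03", "doorbot", "192.168.1.20"),     # left over from another subnet
    ("00:11:22:33:44:04", "nas", "172.16.5.5"),           # collides with the dynamic pool
    ("00:11:22:33:44:05", "router2", "172.16.0.1"),       # the firewall's own address
]

if __name__ == "__main__":
    for host, problem in check_static_leases(SAMPLE):
        print(f"{host}: {problem}")
```
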

Hell yeah! Does this mean your network magic will put all of our wired and
wireless crap on the same subnet again?

That’s the plan! Gonna confirm it’s all working first before making the swap
tho as dhcp/dns/subnets have caused us a pain in the past. Really
considering buying some ubiquiti hardware to do this.

3 Likes

I’ll start on this and put a list of things that need to be done on the server.
What kind of Ubiquiti hardware do you think we need?

Steve

Perhaps this craigslist | canada at a better price but it doesn’t do ac (MIMO).

I bought an AP-PRO for home, haven’t looked back.

1 Like

Yeah, that’s kinda what I’m looking at but I think the “Ubiquiti Unifi AP-AC Lite” might be better value.

Thanks so much dude! It’s much appreciated!

I have an AC LR and installed one this week.
A single Ubiquiti AP would cover the whole space.

I buy from Lin Haw, it’s pretty much the same as retail but I’ll get them at my cost for VHS.
The one on Craigslist is slightly more than my cost (sans taxes) and is probably an older model.

Steve

Are you saying you have an extra one or that you can get one for cheap? Or
are you saying you are going to buy one for vhs out of your pocket?

I can split the cost with you whatever the case is.

Would a 2.4 GHz only work? (vs a 2.4GHz & 5GHz combined?)
I have a 2.4 I use for demos.

I’ll buy an LR for the space if people want to donate toward it.

Steve

1 Like

Let’s go with the 2.4+5 one, cause on Tuesday nights we can get a lot of people in the space. I’ll chip in for half the cost. Or do you want to run a tilt for it?

I will chip in 20.

I don’t think it’s worth running a tilt for it. I’ll pick up an AC LR next week and drop it off at the space. Anyone who wants to can put a couple of $$$ into the kitty for it.
The LR has both 2.4 & 5 GHz. We will need a Linux box (Ubuntu) to put the UniFi software on. A cloud key is around $130.00 and not worth the cost in this case (money better spent on a 2nd AP).

Steve

3 Likes

Picked up a Ubiquiti “UniFi AP AC LR” today. Just over $150 with taxes.

3 Likes