Pfsense 2.4.5 paranoid setup


I’ve been pwned via unauthorized LAN and Bluetooth connections running among my devices. I currently have no wifi setup. With this in mind, is there a suggested avenue for setting up pfsense 2.4.5 on the 1100 to battle this issue more specifically?

I am new to setting up a pfsense firewall and am challenged with a non-sterile environment. I am not incredibly happy with the Netgate SG-1100 because of the way it forces configuration on the browser and doesn’t seem to allow a clean factory reset.

Every DNS setup I configure ends up getting changed and so far that’s the only configuration I’ve made outside the standard WAN block in/LAN all all ruleset.

You can easily set up a RADIUS server and get 802.1x running so all network devices must be authenticated before joining the LAN.

Pfsense is open source so you can do anything you want if you have the skills; however, I don’t see the issue with configuring in a browser.

Have a look at Diagnostics > Factory Defaults; it looks like a clean factory reset can be performed.

Don’t think you can change the DNS in pfsense without accessing pfsense. Of course, DNS can be bypassed if using DoH on the client.
