So I am curious, is it possible to set up routing in such a way that I can have a USG as my main firewall, but route web traffic to a pfSense firewall that has pfBlocker on it to filter web traffic? I figure it probably is, and that I can figure it out, but why bash my head on it when I’m sure someone else has tried it and can point me in the right direction.
If it works, now let’s one up this… and do it for only 1 specific subnet and not the whole network. How do you make it work?
Alright, now to spin up my first instance of pfSense…
What are you trying to accomplish? Yes, it can be done if there is something needing extra isolation, but it can be done through pfSense.
Ok so the goal is to keep the USG as I want the view on my UniFi controller, but use the pfSense/pfBlocker for web-filtering.
As far as doing one subnet it’s because the client is wanting to have an employee wireless network with some web-filtering to prevent employees from pirating movies on it.
I’m sure there are elegant and affordable solutions, but I don’t know what they are.
Ok, put the pfSense first, then use a UniFi managed switch. Run the UniFi management software on a management machine, bare metal or in a VM; that will give you the view you need and control of the wifi and end points. The subnets or VLAN you can set up on pfSense. Tom has some really good videos on how he does it. From what you have stated, you are logging in from afar. Set up the VPN server on pfSense, and once on the network your controller should see the UniFi switch. pfBlocker on pfSense should take care of blocking access to sites where folks would be tempted to pirate movies, music and the like.
Hope this helps you. When planning, write it out, P to the seventh.