The Microsoft Exchange vulnerability debacle, which has been reported on to extensively by The Hacker
So I have a new weekend DIY project to work on over the next several days. I just bought a new pfSense firewall appliance along with some Ubiquiti WiFi access points for the house. I decided that it is time to get serious about securing our home network since we have so many IoT devices around these days.
At this point I have ordered the hardware and am beginning to get things planned out. for the install. I will continue to document the experience here as I go.
- QOTOM-Q190G4-S02 Barebone Industrial PC Gateway Router for pfSense – Intel J1900 4 Gigabit NICs
- Crucial 8GB Single DDR3/DDR3L 1600 MT/S (PC3-12800) Unbuffered SODIMM 204-Pin Memory – CT102464BF160B
- Dogfish Msata 120GB Internal Solid State Drive Mini Sata SSD Disk
- Ubiquiti Unifi Ap-AC Lite – Wireless Access Point – 802.11 B/A/G/n/AC (UAPACLITEUS)
- Ubiquiti Unifi Cloud Key – Remote Control Device (UC-CK)
First thing’s first, I had to open up my QOTOM PC and install the RAM and mSATA SSD in on the board. This was very easy to do, all that was required was to remove the four case screws using a Philips head screw driver. From there, the RAM and mSATA job just slide into their respective slots on the motherboard. You will need to hold the mSATA drive in place with a screw as well that is already on the motherboard when you open the PC case.
Once all of this was set, I downloaded (https://www.pfsense.org/download/) and burned a copy of pfSense to a DVD and connected a USB external DVD-ROM to the QOTOM PC along with a keyboard, mouse, and VGA based monitor. I powered everything up and… failure. The PC hung at the pfSense “booting” prompt. After some quick Google searching it was clear I was not the first to experience this with the latest version of pfSense. The short explanation is that the version of freeBSD that pfSense uses doesn’t like some graphics chipsets so the console hangs. To get around this you need to add the following line to your boot settings:
Once this was done everything very well. Installation proceeded without any other major issues. I essentially took all of the defaults in the installation and had the installer partition my SSD automatically.
pfSense Console Options
The QOTOM comes with four ethernet ports so you will need to tell pfSense what to do with all of them once the PC boots for the first time after installation. When the system has booted you will get to a menu with a list of console administration options to choose from. You will need to select the menu item for assigning interfaces for pfSense system. The console program will then walk you assigning your WAN, LAN and optional interfaces. In my case I did the following: