ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Project 1 : PFSense Routing

    Scheduled Pinned Locked Moved Water Closet
    willlearnswrcombspfsense router learning
    65 Posts 9 Posters 6.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • WrCombsW
      WrCombs @jmoore
      last edited by

      @jmoore said in Project 1 : PFSense Routing:

      @WrCombs I would learn by using Linux. The reason why is that Windows hides a lot of processes in the background. They get abstracted away. You wont understand them if you don't see them and have to interact with them. If you learn it the Linux way, Windows becomes mostly trivial.

      only way i would be able to do that at this point would be a linux VM..
      which flavor should I choose?

      jmooreJ 1 Reply Last reply Reply Quote 0
      • jmooreJ
        jmoore @WrCombs
        last edited by

        @WrCombs Here i found them.
        https://www.tutorialspoint.com/data_communication_computer_network/index.htm
        and
        https://www.computernetworkingnotes.com/networking-tutorials/

        Do some hands on stuff like Scott mentioned and read these and you should have a decent grasp of things.

        1 Reply Last reply Reply Quote 0
        • jmooreJ
          jmoore @WrCombs
          last edited by

          @WrCombs said in Project 1 : PFSense Routing:

          @jmoore said in Project 1 : PFSense Routing:

          @WrCombs I would learn by using Linux. The reason why is that Windows hides a lot of processes in the background. They get abstracted away. You wont understand them if you don't see them and have to interact with them. If you learn it the Linux way, Windows becomes mostly trivial.

          only way i would be able to do that at this point would be a linux VM..
          which flavor should I choose?

          It doesn't really matter and a vm is just fine. Whatever distro you are comfortable with. Fedora, Ubuntu, Mint, Opensuse.

          scottalanmillerS 1 Reply Last reply Reply Quote 0
          • scottalanmillerS
            scottalanmiller @jmoore
            last edited by

            @jmoore said in Project 1 : PFSense Routing:

            @WrCombs said in Project 1 : PFSense Routing:

            @jmoore said in Project 1 : PFSense Routing:

            @WrCombs I would learn by using Linux. The reason why is that Windows hides a lot of processes in the background. They get abstracted away. You wont understand them if you don't see them and have to interact with them. If you learn it the Linux way, Windows becomes mostly trivial.

            only way i would be able to do that at this point would be a linux VM..
            which flavor should I choose?

            It doesn't really matter and a vm is just fine. Whatever distro you are comfortable with. Fedora, Ubuntu, Mint, Opensuse.

            VMs will do the trick, but I have a feeling that the abstraction will make it so much harder. So many more moving parts, and so much harder when you can't put your hands on something. Physically having computers goes a long way. We were buying old computers for $20 back in the mid-1990s. They have to be all but free today.

            JaredBuschJ 1 Reply Last reply Reply Quote 0
            • JaredBuschJ
              JaredBusch @scottalanmiller
              last edited by

              @scottalanmiller said in Project 1 : PFSense Routing:

              but I have a feeling that the abstraction will make it so much harder.

              Make a tutorial on how to setup a private network in virtual box and then how to make that the only network on the VM's. That equates to the same thing.

              scottalanmillerS 1 Reply Last reply Reply Quote 0
              • scottalanmillerS
                scottalanmiller @JaredBusch
                last edited by

                @JaredBusch said in Project 1 : PFSense Routing:

                @scottalanmiller said in Project 1 : PFSense Routing:

                but I have a feeling that the abstraction will make it so much harder.

                Make a tutorial on how to setup a private network in virtual box and then how to make that the only network on the VM's. That equates to the same thing.

                From a purely "how human brains think", I don't think that it does. There is something really educational about touching wires and seeing where electrons have the opportunity to go that really helps you to understand flows.

                1 Reply Last reply Reply Quote 0
                • 1
                  1337
                  last edited by 1337

                  I think lab exercises to learn something are pointless to a large degree.

                  I think it is better to make use of technology and by installing, setting up and using things, you will encounter problems that forces you to learn more about the subject and what you need in order to get the job done.

                  You will learn more that way and what you learn will have real world applications. But perhaps more importantly, you will be motivated to learn and get immediate gratification of having accomplished something meaningful when you succeed.

                  scottalanmillerS 1 Reply Last reply Reply Quote 2
                  • 1
                    1337 @WrCombs
                    last edited by 1337

                    @WrCombs said in Project 1 : PFSense Routing:

                    @Pete-S said in Project 1 : PFSense Routing:

                    @scottalanmiller said in Project 1 : PFSense Routing:

                    @Pete-S said in Project 1 : PFSense Routing:

                    I have no idea what you want @WrCombs to accomplish. You should probably draw the network diagram.

                    I want there to need to be a non-default route 🙂

                    OK, one scenario I can think of is this:

                    You have an Edgerouter on your LAN, 192.168.1.0/24, that gives you internet access.
                    Now you want to add your server fleet (VM host) to the LAN and protect them behind a pfSense firewall/router.

                    All your servers are located on the server LAN, 10.100.1.0/24.

                    1. How can you let the W10 client have access to the server LAN, for instance 10.100.1.2, by changing the Edgerouter config?

                    2. How can you access the server LAN from your W10 client directly (without sending that traffic over the Edgerouter)?

                    static_routing.png

                    1. Wouldn't updating the Edgerouter Routing Table control that?
                      if not then I have No idea, This is a static routing environment so, My guess would be to change the routing table to show the next hop to 10.100.1.2 is to go through 192.168.1.123.

                    2. Assuming the switch is a dumb switch and is not programmed, I have no idea. How would you ?

                    The whole reason behind doing this is to understand it, and the more I do it the more and more I get confused, for what ever reason I can't learn networking outside of the basics.

                    1. Yes, updating the routing table on the Edgerouter will accomplish that. But you would do it with the entire server subnet. So 10.100.1.0/24 would be routed to 192.168.1.123. So that means when a device what's to access some IP address in the 10.100.1.0/24 network it will send that traffic to 192.168.1.123.

                    2. You would route traffic directly from the W10 client to the pfSense router by changing the routing table on the W10 client. Do a route print on the windows machine and you'll see what routes it have. The routing table is basically instructions on how to reach IPs that are outside the W10's own subnet. That's why you will find something like this:

                    IPv4 Route Table
                    ===========================================================================
                    Active Routes:
                    Network Destination        Netmask          Gateway       Interface  Metric
                              0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.33    266
                    

                    That's the default route. And it points to the Edgerouter.

                    To tell the machine it needs traffic that belongs to the pfSense router (and not everything to the Edgerouter) you would add routes on the windows machine by running route add.

                    There are some other tricks that can be done to accomplish this in other ways as well. For instance it's possible to automatically push static routes to the W10 machine from the Edgerouter if you are using DHCP. So when the W10 machine gets it's IP and other network info as it is booting, it also get the static route to the pfSense router.

                    1 Reply Last reply Reply Quote 0
                    • scottalanmillerS
                      scottalanmiller @1337
                      last edited by

                      @Pete-S said in Project 1 : PFSense Routing:

                      I think lab exercises to learn something are pointless to a large degree.

                      I think it is better to make use of technology and by installing, setting up and using things, you will encounter problems that forces you to learn more about the subject and what you need in order to get the job done.

                      You will learn more that way and what you learn will have real world applications. But perhaps more importantly, you will be motivated to learn and get immediate gratification of having accomplished something meaningful when you succeed.

                      This is SO true. It's why I like building out your home as if it were a business. Something you use and rely on daily. Something other people (presumably) depend on, too.

                      Some things, like routing, will be much harder that way. But really, if you never learn static routing, you might never be affected by not knowing it.

                      1 Reply Last reply Reply Quote 0
                      • black3dynamiteB
                        black3dynamite
                        last edited by

                        Well If you have enough free time you can try taking advantage of one week trial of CBT Nuggets and try some of their virtual labs. If I remember correctly some of the instructors is using Cisco Packet Tracer when teaching and its free. Another nice tool is to use GNS3 (https://www.gns3.com/). I like using both the Cisco Packet Tracer and GNS3.

                        1 1 Reply Last reply Reply Quote 2
                        • 1
                          1337 @black3dynamite
                          last edited by

                          @black3dynamite said in Project 1 : PFSense Routing:

                          Well If you have enough free time you can try taking advantage of one week trial of CBT Nuggets and try some of their virtual labs. If I remember correctly some of the instructors is using Cisco Packet Tracer when teaching and its free. Another nice tool is to use GNS3 (https://www.gns3.com/). I like using both the Cisco Packet Tracer and GNS3.

                          I had a look at Cisco Packet Tracer and it looks like a nice tool for simulations.

                          Youtube Video

                          1 Reply Last reply Reply Quote 1
                          • RomoR
                            Romo
                            last edited by

                            @WrCombs For networking basics, I would also recommend using PacketTracer. You will need to have some basic Cisco routing and switching cli knowledge (guides and resources are available all over the web). Having the ability, to actually see packets travel to your lab network is super valuable when you are starting and will help you really understand routing. You can work with static routes or dynamic routing protocols like OSPF, rip v2, etc. inside packet tracer.

                            Here is a work in progress lab, using L3 switches as core internal routers and several vlans. Its simulating a network transitioning from a big flat 10.10.0.0/20 to several vlans
                            551f74f5-0b38-4d04-aca8-ebb633af6994-image.png

                            Computer objects have cmd terminals, webbrowsers and other stuff so you can troubleshoot network stuff via ping, tracert, etc.
                            0a41789b-e1dc-4a8f-a60c-f7d0fdf4add7-image.png

                            I really like it and use it quite a lot when I am troubleshooting network issues that I need to have a diagram and see how the packets can flow within the network.

                            1 1 Reply Last reply Reply Quote 1
                            • 1
                              1337 @Romo
                              last edited by 1337

                              @Romo said in Project 1 : PFSense Routing:

                              Here is a work in progress lab, using L3 switches as core internal routers and several vlans. Its simulating a network transitioning from a big flat 10.10.0.0/20 to several vlans
                              551f74f5-0b38-4d04-aca8-ebb633af6994-image.png

                              @Romo N2048-Stack, that's a stack of Dell switches.

                              I'm guessing you can't simulate that, only Cisco gear right?

                              RomoR 1 Reply Last reply Reply Quote 0
                              • RomoR
                                Romo @1337
                                last edited by

                                @Pete-S only Cisco gear that label along with the sonic wall was more as documentation for myself.

                                1 Reply Last reply Reply Quote 1
                                • 1
                                • 2
                                • 3
                                • 4
                                • 2 / 4
                                • First post
                                  Last post