7 Jan
2018
7 Jan
'18
6:32 p.m.
I'm using pfSense in it's default use except I'm nat forwarding the ipencap
to another machine in my DMZ which will act as my gateway. I don't know if
it'll work but I am seeing traffic at my AMPR gateway so I think I might be
onto something positive. I will fully document if I get it working.
--tom
On Sun, Jan 7, 2018 at 7:13 AM Luzemário Dantas <luzemario(a)luzemario.net.br>
wrote:
Hi Tom,
Some tome ago I was fiddling with pfSense to make it my gateway. I
abandoned this idea because there was a couple of key issues for me:
- BSD needs a device for each IPIP tunnel, this gets the things much
more harder to setup;
- PfSense does not have the protocols used enabled by default, needing
manual edit of the web interface after each update. You have to do it by
yourself every time;
- Linux has ready made scripts to get the job done. These scripts were
made by good hams here and tested by several other people. It is easier
to create a small virtual machine and put a 256MB RAM Devuan working
than creating a gateway using BSD.
- PfSense team is minded to get the commercial way of pfSense as a
product, so do not expect any support to get the things working. Their
support forum is getting more unconcerned every day.
If you are still inclined to use some type of BSD firewall as an AMPRNet
gateway, I suggest using OPNSense to start. It was a project forked from
pfSense, but today have only 10% of original code and have open source
as priority yet. Their forum is much more friendly and responsive.
OPNSense has all protocols listed in the web interface, so passing IPIP
traffic back and forth is more intuitive (I still would not use it as a
gateway anyway).
Hope this helps,
73 de PT2LDR
Luzemario
www.luzehost.com.br
--
73 de N2XU/Tom Cardinal/MSgt USAF (Ret)/BSCS/Security+/IPv6 Certified