checkout AnsibleFest ------- red.ht/networkchuck AnsibleFest is a free virtual and immersive experience that brings the entire global automation community together to connect communities and spark collaboration. Typically an in-person event, AnsibleFest was changed to a virtual experience last year due to the pandemic. A virtual environment allows for a larger attendance and expands the conversations to people around the world. EXTENDED VERSION (VLANs and NordVPN): ntck.co/3jXJUqJ LINKS --------------------------------------------------- pfSense Download: www.pfsense.org/download/ PIA on pfSense Official Guide: ntck.co/3tBrvmX turn your old router into an access point: ntck.co/38U2l9J What you (might) need: --------------------------------------------------- Protectli pfSense Router: geni.us/ghLjK (affiliate) NetGate pfSense Appliance: geni.us/CKLzn (affiliate) Switch (supports vlans): geni.us/sympWI (affiliate) 🔥🔥Join the NetworkChuck membership: ntck.co/Premium

Him: Get rid of your router now Video: stops

I remember when I was in a security competition in high school and had to make a security solution for home networks and it was pfsense with snort, pfblockerng, pihole. Unfortunately placed second because the judges said it was too complicated for non techy users... Still won $750 tho. Nice video!

Dude you are a blast to watch. I have been in Cyber forever and it's rare to come across someone that is both smart and able to communicate in a way folks can digest.

Wish I had a friend like this dude, imagine the amount of knowledge he could supply you with.

Nice work, happy to see some more love out there for pfsense and thanks for the shout out about my pfsense videos.

"it's slow, it's insecure and it's not very fun" wow I can really relate to my router. Didn't realize we had so much in common 😆

Dude, your enthusiasm is infectious and so fun! Thank you for your expertise, time, and attention.

Your content and enthusiasm in creating that content has tremendously motivated me to pursue my dream of working in IT. Because of you, I signed up for an IT degree program, paid for by my employer, and I am hard at work at that as well as working towards IT certifications. Thank you for your dedication!

"The ability to have fun with your network which is AWESOME" - Talk about the ultimate stay single for life statement lol (Great video -will look into)

I know close to nothing about networking but your sheer excitement made me watch this lol

I really appreciate this channel. The education you recieve and the fact that it's free. Most of all, I love his teaching style i.e. enthusiastic, he loves what he does and it comes across. So many teaches are jaded and act like government employees, meaning it's just a job. I don't take this channel for granted and I'm grateful for it. On a different but not unrelated topic, he makes that coffeee look so good, that I had to go this site and order some for myself.

Struggled with setup at first, realized I wasn't squinting enough during coffee breaks.. everything works great now..thanks for the help!

My friend I wish I would have had you as a teach back in college man. You explained this in the most simplest of terms and how everything works at operational levels. I even have mine set up with port forwards for remote access. Best day ever on configuring a pfsense router. Actually my first time ever too. You are the best! I'll be checking out more of what you have on here over time during my intervals of non interruption from everyone wanting help with IT or physical labor lol

My girlfriend was mad several times when I was playing with that new toy and overdid it :D... Redundancy and night shift are good thing. Gotta have that coffee!

I've been using pfsense for awhile. Idk. Most people may be better off with a generic router. A non-technical user can get oneself in trouble pretty quick, which is then really frustrating when all they want is to browse social media. For folks who like to tweak and upgrade performance, oh no doubt, it's great.

Great video! One thing I want to add is that I looked into devices like protectli, but you'll trade that nice, small size, for performance. For about the same price, you could get a mini or micro PC that is a good bit more powerful and has better cooling. I ended up with a new Mobo, slightly older i5, 8GB of RAM, threw in an SSD hard drive I had laying around and it blows those mini routers out of the water. I run a point to point VPN, and initially my PFSense box was running a weaker processor and the usage sat around 30-40% at all times. The mid consumer tier intels (older and newer) and some AMDs have built in encryption capabilities that PFSense can use for things like VPN. I bought an i5 off of eBay for about $50 and now my usage rarely goes above 10%. I really have liked PFSense with Unifi access points.

I just want to say that KZbin technical presenters could learn a lot from you. I love the other sources for deep-tech to be sure, but in comparison to even the "best", I think the balance you have found between providing concise information and the pace of your delivery is excellent, compared to the glacial pace at which most other "tutorial" videos provide their material, excellent as they may be otherwise. I also love the fact that I must pause/repeat during your presentations, rather than wait around for the next connecting concept to emerge from some irrelevant tangent that so many other channels seem to fall into as they attempt to have their material more easily "absorbed". Your delivery is fast, relevant, direct, and structured to be easily comprehensible to beginners, while being an excellent resource for FAST reference by more experienced students of the material, all while remaining very personable. People who do not produce for you will never know the creative process behind videos like yours, with endless decisions to be made about how to structure and present their chosen topic, so I applaud your choices, including the occasional "coffee breaks" and humorous B-rolls that do not interrupt the pacing in any real way. Anyway, thanks; not just for the materials being presented, but for your fast, concise method of video presentation. All training videos should study your method.

What I find amazing, is that while watching videos like these, I follow along just fine.. but when I try to do it myself, my mind goes blank ;)

chuck: costs about internet 350$ dollars *closes tab*

I've been getting so mad at my Netgear router and so pissed off that I couldn't get my speed or connection issues fixed. Thinking it was my ISP and causing hell with them for months. When I watched your video it hit me, "oh I am the problem". I got myself everything you told me to get (choose a different ap). Everything worked. Literally everything. In one day! I got the speed I wanted, IoT connection issues were gone, and I am the happiest dude in the universe! Thank you for making networking so much fun! I appreciate everything u do!!!!

"get rid of it! It's slow, insecure and not really fun" Exactly what my girlfriend said about me😓😅😂

Thank you Jedi for your splendid tutorials and your enthusiasm, which has no equal!

NOTE: You may have to power cycle a cable modem since it is only capable of leasing out one IP address, and it was already leased to the previous hardware. Power cycling will clear the lease.

just remember: fixed IP via DHCP is still just a reservation, not a fix assignment. Better: fix it in the device out of the DHCP-Range

Love the use of the pen on these fast moving tutorials. So much easier to follow. On some of the others (from others) the screen flips to the next before the viewer sees what was clicked (what the hell did he just do? - Rewind!). A great way to add value to your videos! I'm sold. Thank You.

Great work. I loved pfSense: I decided to replace an old Gentoo that I could barely administer with pfSense... In my job... With no experience in pfSense... Only following the documentation in 2014 and worked great. After I finish my house, I will replace the router with a tiny pfSense. Thanks for your video, it was really fun to watch you. Best regards from Argentina.

His love for coffee, coupled with playing the video at 2x, is awesome! Moreover, nice to see Lawrence Systems chiming in on someone else's video. I like seeing multiple channels checking out and supporting others.

The best teacher ever! If I had you as a professor, I would never cheat in your class!

First met PfSense about 10 years ago... It seems the interface and possibilities have evolved a lot ! Great video ;-)

Oh My God Chunk, your content is better than my teacher's courses,I wish that my teachers teach like you and make the student love and fall in love with IT. All me respect to you...

You sir are the teacher I never had in school; you make learning so much fun and simple. I’m going to get on this right now as I use UniFi access points for my wifi as well. Thank you so much

Instructions unclear: I was so quick to burn my terrible router that I did it before he said I could still use it.

Firstly LOVE your channel. Secondly, thanks to you my home is now protected by pfsense. I converted an old core i5 8gb ram workstation, added an extra lan card for $15, now all my home internet runs through it. Runs pfblocker and SNORT like a breeze. Amazing at all the stuff it detects and blocks. Feels like i have the safest home network in my city.

0:01 i have that router :(

Hi @NetworkChuck Awesome what you do BTW! What would be very interesting is to go into the details of IPv6 on pfSense (some hints there.. Prefix delegation, Security topics, what should be allowed per default, how to keep track of all the devices, how to allow for certain ports, etc.). In my eyes, this can get very messy really fast.

Thank you for clarifying how things actually connect from a hardware sense. Feels like so many helpful nerds assume I’m already a master of the fundamentals but that means there are less opportunities to actually learn the fundamentals lol. I found this super helpful

"I love when things make noises" - network chuck

For those who find pfsense a bit complicated, ipfire is a great choice. I been running ipfire for many years and switched to running it on a protecli device a year ago. The bad thing about protecli though is many of their lower end devices (2 ports and 4 ports) have many hardware vulnerabilities due to the old intel chips being used. I have the 2 port version and it is plagued with hardware vulnerabilties. Ipfire has a built in checker to check for hardware vulnerabilities unlike pfsense, which is an awesome feature to inspect the hardware to ensure it is not vulnerable. I am working to look at different hardware since my current protecli i bought a year ago has to many hardware vulnerabilities on it now. If you get protecli, get coreboot bios, since all their stuff is made/flashed in china, but at least with coreboot you get opensource firmware vs who knows what extra stuff is included in the china flashed firmware.

Thank you for this video! I recently purchased the Protectli Vault (8gb ram, 120mSATA) and I was a bit lost in the understanding pfsense. You made it not only easier to understand but did it with great humor! If I had you as a network instructor it wouldn't even feel like school. Thanks again!

The coffee probably has something to do with the fast pace. 😂

Great video and walkthrough, wish I had you as my IT instructor you explain things very well! Can’t wait to try this! Enjoyed your enthusiasm and energy!

Big fan of PfSense, deployed hundreds of them. Personally I use the Ubiquiti Dreammachine Pro now, cheapest way to get SFP+ connections. If you want next-gen firewall protection with Pfsense, you can setup Suricata on it for even better protection.

Thank you for the raspberry pi comment! This is one of the most important information when I watch videos about such server tools.

Just set my pfsense router using the appliances you recommended. Everything is running like a breeze! I appreciate this tutorial video very much thank you!

I noticed SHA1 when you were setting up your VPN. Wasn't that deprecated a few years back? Great video, by the way!

Lol! That’s funny. I immediately thought installing PF on a raspberry pi and you swiftly answered that question. Great video.

Appreciate you doing a supplementary video on VLAN's - particularly with a focus on segregating IOT devices. Thanks :)

chuck, you are one of the very few youtubers in networking that doesnt make me feel like an idiot

Great video. Long but worth it. Would love to see you do a similar video on OpenWRT running on a Raspberry Pi4 (now supported on the latest version of OpenWRT). PfSense is more polished it seems but for me it's amazing to do similar stuff all on a Pi4.

I just finished the Google IT Support Cert networking section. I fell in love with it. I can't believe it only took a week and almost everything you did makes sense to me. Like 100%. I'm so buying the exact setup, and will follow along. Then, I promise I will get into trouble lol. Wish me luck. Excellent content. I was thrown off by the guy fawks mask, so glad I clicked on your vids. Great content man

One thing I think is neglected on most networks is the use of traffic shaping. On the network I used to run, I could have a couple machines running torrents full blast with zero slowdown for any of the traffic that needed low latency. Traffic shaping is also a great way to get around buffer bloat effects from ISPs using buffers that are much larger than they have any reason to be. If you can shape the whole network's maximum traffic to 95% of your ISP's maximum bandwidth, then you can prevent traffic coming in from or out to the internet bottlenecking on the ISP side because the buffers are overrun.

Sometimes I really wish I could like your videos more than 1 time. You have a very cool way of explaining Networking concepts/Tech and also simplifying everything. Thank you Network Chuck for all you do for the community

I’m currently using a MikroTik router at home. It has lots of capabilities, similar to PfSense, but GUI is not as good.

Hey Chuck, minimizing the single use USB and use Ventoy, Im going to try to see if i can put Pfsense on it an see if i get boot. Thanks for diversifying your content!

I LOVE IT. I learned tons of things. And now, im gonna research and learn more. Thanks for this great content 😊

Great video!! As an old Cisco Pix, Checkpoint Firewall, BayNetworks Networking & Security Engineer, I’m blown away by what pfsense can do these days. I’m long been retired but in the tail end of my career years I was working with pfsense in about 2007 -2009. There were two other products named Untangle & I can’t remember the other name I had worked on for some time testing which were pretty solid at that time also. Now, I no longer get involved much with networking even as hobby but I do occasionally browse to see where things are at like tonight and I’m glad I did. You might have just inspired me to to build a little cube and dump pfsense on it to play with at home. Thank you for this fantastic chock full of info and demonstration. I owe you a cup of joe. 🤟

Chuck, or anyone really, what are the pros/cons of going with Protectli vs a Netgate?

The picture of the TP-Link TL-SG105E that he said is managed literally says "unmanaged" on it. :)

OpenWRT is also an option as an AP for a old router as well.

“Not very fun” is an excellent reason.

I literally just bought one of these last month and am running PFSense on it! I migrated from using on old beat-up dell optiplex to this, and transition was SUPER EASY

how cool is it that you’re doing this just when I started to use pfSense at work. your content ROCKS!!

Another upload from our amazing Chuck! Will watch it when I am back home!

how does one get the host name in Cloudflare? I'm a little confused on that part.

That exact router you had in your thumbnail is a great router for a 2 room apartment. Great coverage, even on the balcony. Switched to DDWRT, payed some 15-20$ 5 years ago. Why would I destroy it? (did subscribe to you because of the enthusiasm about networks you show)

Hey Chuck - just found your videos and they're great! 1 thing tho - I don't think you need the block rule if the PIA gateway goes down. In my experience, the rule you set to push traffic out the gateway will still kick in try to push out and get stuck... (so no traffic gets to internet).

With Gb+ internet service becoming readily available the 2 proposed pfsense routers are becoming obsolete ( and the one shown on this video is $720+ in Canada...). Any updated suggestions? Thanks.

I followed the instructions exactly, even took coffee breaks when instructed. Thanks for the great tutorial.

Time for a Update

I can imagine there are few more literal "something secure" passwords now.

Your tutorials are amazing you explain every aspect of it, your a great teacher, thank you very much I learned a lot and still learning!

Chuck, I love the enthusiasm, you are great teacher. The only concern I have is about the recent reviews for the recommended devices. A large number of users complaining about overheating and not lasting long. What has been you experience since the launch of this video? I've never been this inspired with network. Thanks for your videos.

Love your videos Chuck. Thanks for helping so many people get into IT.

Mikrotik it's the fairest firewall does everything a pfsense does and more, an RB750gr3 costs $60, with $200 you buy an RB4011iGS+RM (10xGigabit port router with a Quad-core 1.4Ghz CPU, 1GB RAM, SFP+)

We are live. Just did a huge network switch. Hitting 1.4 gbps now thanks to this video. 2.5gbe ports on the appliance. A lot more to learn now. Very exciting. thanks so much!!!!

Chuck, You are a great teacher. And the love you put into this is amazing. Its effen funnn man. Keep it up. and now, coffe brake! Siiiiiip lol

"It's slow, insecure, and not very fun." Sounds like someone I know :/

Just learned this in school. Great recap here; thanks!

@networkchuck Can you provide an update if you are still using the same software/hardware or are their better options now?

The option shown here is actually really cheap for a PfSense router. If you were to build a cheap PC with new components, the most expensive part would be the Network Card which has the network interface for SFP+ or RJ45 (usually), they're usually as expensive as a budget GPU at the moment. Intel network cards are pretty much the best, be they Wi-Fi cards for laptops or ethernet network cards for PC/Servers so if possible, get one of those. Ideally you should get a network card with a minimum of 2 interfaces, one for input (from your ONT) and one for output (which goes in your switch), from your switch you can connect to the internet everything, Smart TVs, Wireless Pots, PCs and so on (depending how you made your network structure around the house/company building). Thing is more than 2x RJ45 or SFP+ ports used at the same time, can overload your router's CPU and the network speed will go down so don't think about replacing the cost for a switch with a multiple port network card, it's not gonna be good. As for the CPU and RAM, well, a Pentium is better than a Celeron and are pretty much the same price so get that (for socket LGA1700, those are the latest gen so it's gonna be perfect) and probably 2 sticks of 4GB RAM are gonna be plenty, 3200 MT/s frequency and 22CL to keep things cheap. Use a mITX motherboard for everything and use the stock cooler, so that everything fits in a Cube Tower case, and you can place the router anywhere, it won't be that big, noisy and ugly sitting somewhere in sight.

If you’re worried about your WAN IP getting out, you need to be a little tighter on your editing. There are still sections where its clearly visible when the dashboards start sliding around

I wonder why you never talked about Mikrotik Routerboard routers. They are amazing.

although I like pfsense, come to find out it does not handle multiple vlans. I tested and setup 3 vlans, and communication did not happen. The only way for pfsense to work is on a single vlan.... too bad it can not route / communicate more then 1

Love your videos but the continues "Coffee Break" inserts are annoying. Everything else, you're brilliant!

What about Mikrotik? I've been working more and more with Mikrotik and its super cool and fun and rewarding to figure out and setup

Thanks for this. Other recommendations (including other comments) are for OPNsense as a fork of pfSense. I'm behind an IPv4 CGNAT, but with a /64 IPv6 static allocation. I'd love to see something from you about IPv6 and DHCP/Static/DDNS.

Sometimes this guy is like "get this get that" like we can afford to get this and that...

Bro the drastic camera angle changes are toooooo much

this is a certified hood classic.

I'm curious how the routing everything through vpn impacts network speed?

Thanks! Just used your video to setup a few things on my pfsense machice including routing all traffic through VPN.

Outstanding video. You teaching style is always on point. Would love to see how you integrate your Ubiquiti/Unifi hardware into the mix. Thinking of moving from the UDM-Pro to a Protectli (already have a FW6E) based PFS setup but not quite sure of the best method for getting it to play nice with my current Unifi setup. Thanks again for your great videos!

I used to use refurb dell optiplex's with extra NICs to connect branch offices together. I would have loved to see some kind of comparison between PC vs hardware like you used.

Great video. One thing I would love to see (maybe a tip for next video) is how to set it up in a way so you don't bridge the ISP router, so it works as your 1st fw and pfsense is your 2nd fw. Hopefully and theoretically increasing the overall security by introducing different layers. Also bit on zoning (family devices in one zone, NAS in another, your rPi web server in another, etc.) in case the sh** hits the fan, would be lovely.

I just love how your coffee cup just automagically refills mid-video. There's more to that pfsense wizard than you've initially told us, ey😅

Something to keep in mind. PfSense is not trivial for some smart home scenarios. I had a lot of issues with things like Philips Hue bridges, Home Assistant, etc.. I think this is great if you're accustomed to configuring a Linux firewall and/or have some more advanced network config experience. I don't think this is great for someone who is trying to replace their Netgear all-in-one router/modem/wifi with a couple of port forwards.

This is going to be part of my first feat now that we own a forever home; I want to get this running & figure out Virtualization on TrueNas Scale. Haven't tried myself with a major project since leaving IT in 2k6ish. There's a ton of change, I'm in dire need of major Crash Courses. Keep up the Great Work

Trouble with VPN is, more and more sites will not let you in if they detect VPN.

Just finished configurating it thanks to you. Lovely tutorial, professional yet entertaining