italk(IT)

You can use port forwarding for any service port such as RDP, FTP, SSH, HTTP, HTTPS. Port forwarding improve easy to access any service on private network from any where but port forward have not authentication for check authorization so it is low security. In some case such as HTTP, HTTPS (public website only) port forwarding are accept because HTTP,HTTPS is public service user around the world should be access from any where. In this case I will show port forwarding  for RDP. Step As Video   

Bandwidth internet from ISP are limited. If you have many client and you are not control bandwidth. Finally, total bandwidth are insufficient. Recommendation, you should enable captive portal for filter client to use your internet and limit bandwidth per user by captive portal.  Limitation bandwidth on captive portal do not exempt by user it apply to all user. Step As Video   

Internet bandwidth from ISP are limited from your packet that you pay. You should manage bandwidth internet of your organization for enough to use. Sometimes bandwidth internet is enough for general usage but someone may be use torrent or infected a virus effect to extra use bandwidth. How do you know who are use extra bandwidth? On pfsense have add-on package "Bandwidthd". Bandwidth show dashboard Top user usage in day, week, month. You can use information from bandwidthd to verify usability of your user and warn their to reduce bandwidth usage. Step As Video  

Sometimes Captive Portal would not show automatic when client access to the internet In my case I found problem about DNS on client. If client have external DNS such as 8.8.8.8, 8.8.4.4 client may attempt to resolve domain from external DNS but client cannot access to the internet affect to captive portal would not show automatic You can solve this problem by use internal DNS or use LAN IP of pfsense   Step As Video

WAN loadbalance is bundles bandwidth of all WAN. It is not increase speed of internet but it balance 2 internet from WAN. Assume, 1 WAN is 1 lane road ,2 WAN are 2 lane road. WAN loadbalance allow traffic on both lane rode. It can support more than car on a road but it cannot increase speed of car. Fail over is function to swap internet between WAN if WAN 1 down fail over will swap all traffic  to WAN 2. Client can continue to access the internet. Step As Video  

Basic installation and configuration pfsense2.4.2 64bits on VMware. Step As Video   

DHCP server can distribute static IP address to client by using MAC address device but static IP should not duplicate with IP pool on DHCP server. This feature may help you for easy to manage IP address in your organization. Step as Video 

Redirect website feature can bundle with captive portal feature. You can specific website that user must redirect after authen on captive portal such as Intranet website, search engine website , webmail and company website. Redirect website feature can help comfortable more for user to access frequency website automatically Step as Video

When client want bypass authentication for access to the internet but you cannot get MAC address of each client Another solution you can bypass by using client's IP address because you get client's IP address on DCHP server Step as Video

When you enable feature captive portal that force client must authenticate before access to the internet but you want to exempt some client such as VIP, Admin, Board, President. You can exempt captive portal for them by add MAC address device to captive portal configuration Step as Video

You can use DHCP server to distribute IP address to your client. When client plug-in network and not config static IP address a DHCP server will distribute IP address to client. If client have an IP address client will access to your network such as Internet, RDP, File sharing or etc. I have a video to show "How to enable DHCP server on pfsense"  Step as Video

If you need exempt distribute some IP in subnet or distribute many IP range. You should be use IP pool feature because you can created many IP range on one interface but IP range must is in subnet of network interface. Example LAN interface IP: 172.16.0.1/24 Available IP pool range: 172.16.0.2 - 172.16.0.254 Unavailable IP pool range: Exempt! 172.16.0.2 - 172.16.0.254 Amount IP pool: Many Step as Video

When client need to access the internet. First step you enable captive portal feature.Client must be authentication on captive portal and check authorization for  access into the internet You can use feature of captive portal for control user such as Upload/Download bandwidth. Bypass device from captive portal(use MAC address). Create voucher. Redirect URL after authentication. Do not login duplicate.  You can use captive portal on hotspot solution or control internet usage on your organization. Step as Video