Each device has its own TLS cert and the free radius validates their mac address before letting them on the network, I’ve covered how to do that here.
PFSense comes with a certificate authority so you can create the client certificates in the UI and you just need your common name to be the same as the username in the free radius configuration, you can do all of this through the UI, super easy.
I like the signal provided by the AP-LR, it isn’t all that overkill given my house is reasonably big and we have a shed in the back garden where my housemates smoke and watch Netflix so it works out well.
I did have one bad update to the device but they fixed it pretty quickly and rolling back required asking for a previous image which sucked but it wasn’t too time-consuming. I’m not a hardware expert so I didn’t try to build my own PFSense which I occasionally feel regret over but the support provided by Netgate is really handy. Ubiquiti UniFi US-8 PoE: Switch with one PoE out port.TP-Link TL-PA7017P: Passthrough Powerline adapters with encryption.Here is a description of my setup warts and all, and some of the things I couldn’t get working. I decided I wanted to secure my home network so I decided to go as extreme as possible without the major inconvenience and while it was frustrating at times it was also a lot of fun. Securing my home network with PFSense - Eva Lacy Home Subscribe Securing my home network with PFSense
0 kommentar(er)
