Hacom pfSense Setup and ConfigurationPfSense (http://www.pfsense.org/) is a complete, embedded firewall software package that provides all the important features of commercial firewall boxes (including ease of use). Please refer to the on-line Quick-Start Guide and the Deployment Guide for additional information beyond the scope of this document.

On-Line Documentation

● The M0n0 Users Manual (http://m0n0.ch/wall/docbook/)● M0n0wall Quick Start Guide (http://m0n0.ch/wall/quickstart/)● pfSense FAQ (http://faq.pfsense.com/)● pfSense tutorial (http://www.pfsense.com/index.php?id=36)● Hacom pfSense Quick-Start Guide (http://www.hacom.net/catalog/pub/pfsense/Hacom%20pfSense

%20Quick-Start%20Guide.pdf)● Hacom pfSense Deployment Guide (http://www.hacom.net/catalog/pub/pfsense/Hacom%20pfSense

%20Deployment%20Guide.pdf)

Requirements to Access to pfSense's Console.

You will need a keyboard and a monitor to access the console of Hacom's pfSense. Serial console is available on certain models.

Input/Output Phoenix Mercury Mars

Systemboard ES466B CV700A CV700A CV763A CI852A

Monitor VGA

Keyboard USB USB or PS/2

Serial Console

Optional(Required hardware

modification at factory!)

Optional(Required a serial-console enabled BIOS update)

Setup Using pfSense Console

When the system is booted up, a Grub screen is shown. There is a five (5) seconds delay for user to access Grub directly. At the first boot up, pfSense was not configured. User will see a setup screen asking for network interface configuration. Follow the direction on the screen to set up and to configure at least the first two (2) interfaces: LAN and WAN.

Hacom systems typically have at least three (3) network interfaces. Depending on the systems, they are typically based on the Realtek chipset and will be detected by pfSense as:

rl0: first Realtek 10M/100M Ethernet adapter

rl1: second Realtek 10M/100M Ethernet adapter

rl2: third Realtek 10M/100M Ethernet adapter

rl4: (optional) fourth Realtek 10M/100M Ethernet adapter

For the Intel Gigabit Ethernet systems, pfSense will detect the following network interfaces, instead:

em0: first Intel Gigabit 10M/100M/1G Ethernet adapter

em1: second Intel Gigabit 10M/100M/1G Ethernet adapter

em2: third Intel Gigabit 10M/100M/1G Ethernet adapter

em3: (optional) fourth Intel Gigabit 10M/100M/1G Ethernet adapter

Once the network interfaces are set up, pfSense is ready and the console menu is shown as in the following.

Web Administration

The web administration is accessible through the LAN IP. For example, if the LAN IP is 192.168.1.1, go to http://192.168.1.1/. By default, username is “admin”, password is “pfsense”.

Firmware Update

There are several ways to update the firmware.

1. For Hacom systems prior to pfSense version 1.2.1, it is recommended: (a) to back up the configuration, (b) to flash the new firmware., and (c) to restore the configuration.

2. Starting from version 1.2.1, firmware can be updated reliably on-line.

Important notes:

● Hacom pfSense systems are based on the full firmware, including headless systems. When updating the firmware, use the full-update version. The “embedded” version will disable the display and keyboard access to the console.

● The compact flash (CF) based systems require the platform information to be changed from “embedded” to “pfSense” before the updating process. It should be changed back to “embedded” after the update.

● The DOM based platforms are “pfSense” and ready to use just like a solid state drive.

Maximum Firewall States

It is recommended to change the maximum firewall state from the default 10,000 to at least 100,000 for systems with 256MB RAM memory, or 200,000 for systems with more than 512MB RAM, or 400,000 for systems with more than 1GB RAM. Each state uses about 1k of RAM memory.

Sometimes, the maximum number of firewall states is also referred as maximum number of concurrent connections.

From the Web Administration, go to System → Advanced, and scroll all the way to the bottom to see the option.

Technical Support Contact

If there are any questions, please contact us at support@hacom.net or 714-564-9932.