44).pdf30 3 3.1 ˘ˇˆ˘ˇˆ ˙ ˇ˝˛ ˚ ˇˇ ˜ˆ !"˙ˇ ˘˘ ˜ˇ˝ #" ˜˝ ˇ˙ ˘ˇ% ˇ˙ ˇ & ˆ ˘ '()*" + ˇ˜

30

�� 3

��

3.1 ��

�� !�"��#�"

�� % �� &��'()*"�+ �� '() #�� &�� ,��

��%��-�� .� /..0��+ ��1�*�*�"+��#2 ��

"%��3�.��14��#�"��-�"� %��3��"#��%"��"#��#��" '�� /..0��

*� ��#�"�%��(��)��(��-�" 4�� 5�1+�"��1#��'() 14��+��'()1+��#��-�

� %��3��"#��#��"��#-��,��0��"#��1��,�� .��,�� /6�� &�

��'()1+��#�� -��)��#��+3 .��.�14��#�"�� '()1+��#�� -��)��

��,��3�� 1#��1�� #-��,��&��'()��3�7��#��3�� -��,14�

�� log file (�� .�.�. 92550 ��14� ��(��.-�� &��'() ��(#�� =��

��14��%��(#��+ ��1#��1+��( (#��

�� .� �%��(��)��(��-�� 5��-#��*"

��#��1��%��(��)��(��.� * �� Internet Explorer ��&� search

Engine �� *"�#��1�� www.google.co.th *"�&��4��+3 Internet, Pf Sense

firewall, �� !�"��#�" �� 14� ��1+� �#��

��(�� 1+��,��.��4��1+��14� ��+"��+"��%��)��.�14�

�� -��*��

3.2 ��

�� !�"#$%&'()�*$+,�-.+)/-�0.'!�+12(345)267(1"%282(�9-�:�+,�-.+)/-�0.�� $(� ;<(�!'3(�

;=( !�'()>?'@( +3A/')B(A)!C +3A/')B(A-+'*� 6)D+4%$4.2',�'()EDF+G(1.2(3H -5DI+�6$%&A8(%�7+#B!1

��'()-G$(*%-80 "E./479'()-G$(=?3G$+%J7E?I3��)9682(3'()-G$(*%-80 "E./-)("%2;(%()=)J$"#$82(-�DF+6(

G$+%J7G+3-80 "E./ �9-�:�-�DF+6(G$+%J�)9-BK�# LJ$5!M�(�?3"#$��<( Pf Sense firewall %(�*$��'()A!#')+3

31

G$+%J7G+3-80 "E./ -5DI+-5,I%A8(%)8#-)08��'()-G$(=?3G$+%J7.(%K&I.$+3'()"#$ LJ$5!M�(�?3"#$�<(O�)4')%

PfSense firewall %(K<('()5!M�()9 -A)D+G2(1 K&I%&A�P;% !.,��'(A!#')+3-80 "E./ 479'()log file -5DI+

A8 A�%'()'()K2+3-80 "E./K&I"%2-6%(9;% 479;(%()=.)8�-*0A'()-G$(-80 "E./B(1�+'+3A/')"#$-�:�

+12(3#&479%&�)9;,KQ,B(5 479�+'�('�&F1!3;(%()=*281�6$'()-)&1'-80 "E./K&I-A1-G$(=?3%('2+�K<("#$

)8#-)081,I3G?F� -�DI+3�('%&G$+%J7 (3;28�G+3-80 -5� 479*281�6$'()-G$(=?3G$+%J7"#$+12(3�7+#B!1 -5)(9%&

Pfsense firewall -�:�.!8A!#)+3-80 "E./K&I"%25?3�)9;3A/

3.2.1) �� !� "��!#��$%��#� %�&

3.2.1.1) Hardware

) PC/Notebook Computer .4�� 2 ��

�) CPU 700 MHz ��3�

�) Switch 10/100 .4�� 1 &0

�) Hard Disk 2 GB ��3�

.) LAN Card 2 (��3�

3.2.1.2) Software

) �� >%��(% �� Pf Sense firewall

� ) �� >%��(% �� Windows XP 3.3 ��'()"��

3.3.1) G!F�.+�'().,#.!F3O�)4')% PfSense firewall -),I%.$��(''() Boot -A)DI+3�('

CD- Rom

*�'�� 3-1 4;#3 B(5�(''() Boot -A)DI+3 �(' Cd-Rom

32

3.3.2) �95 6�$(�+4;#3 Logo

*�'�� 3-2 4;#3 6�$(�+ lcgo

3.3.3) -%DI+=?36�$(�&FK<('()'#��j% N

*�'�� 3-3 4;#3 '()'#��j% N

3.3.4 ) �6$'<(6�#*DI+G+3 LAN Card E?I3��)J�-)(%& 3 LAN Card AD+ lnc0 ( LAN) lnc1 (WAN) 479 lnc2(OPT1)

*�'�� 3-4 4;#3 '()'<(6�#*DI+47�'()/#

33

3.3.5) 67!'�('�!F��95 6�$(�+4;#3 *DI+G+3 LAN Card K&I-)('<(6�#"�47$8 .2+�('�!F�

�� Y ��4��%� ��3�(#�

�� 3-5 �-�&�� )

3.3.6) �6$�;2 99 -5DI+-),I%K<('().,#.!F3

�� 3-6 �-� ��%��14� ��(%(�3� 3.3.7) �6$-7D+'K&I Accept these settings (-)(�9�*$A2( default G+3 pfsense �?3-7D+' accept "#$

�� 3-7 �-� Accept these settings

34

3.3.8) �� Install pfSense ��%�� Install

�� 3-8 �-� ��%�� Install

3.3.9) -7D+' Harddsik K&I.$+3'().,#.!F3 (da0-Primary IDE)

*�'�� 3-9 4;#3 '() Harddsik K&I-)(.$+3'().,#.!F3

3.3.10 ) -7D+' Format this disk -5DI+K<('() Format Harddisk)

*�'�� 3-10 4;#3'() Format Harddisk

3.3.11) 4;#3G�(#G+3 Harddisk 82(=J'.$+36)D+"%2 =$("%2%&+9")L,#�6$-7D+' Use this Geometry

35

�� 3-11 �-� �� Harddisk �#�,� (��#

3.3.12 ) �('�!F�1D�1!�'() Format Hardisk

*�'�� 3-12 4;#3 1D�1!�'() Format Hardisk

3.3.13) -7D+' Partition Disk

*�'�� 3-13 4;#3'()-7D+' Partition Disk

36

3.3.14 ) -7D+' Accept and create -5DI+K<('();)$(3 Partition G?F�%(�6%2

�� 3-14 �-� ��-�� Partition ��3��#

3.3.15) 1D�1!�'() ;)$(3 Partition

�� 3-15 �-�"��"�� -�� Partition

3.3.16 ) ,��#�+��%��.��.��+3

�� 3-16 �-� ��#�+��%��

3.3.17) '#K&I accept -5DI+;)$(3 bootblock

�� 3-17 �-� ��-�� bootblock

37

3.3.18 ) -7D+' Primary Partition -5DI+73 pfsense

�� 3-18 �-� ��-�� Primary Partition

3.3.19) 1D�1!�'().,#.!F3 67!3�('�&FG$+%J7�� Harddisk �96(16%#

�� 3-19 �-� ��(%(�3� ��.� �+3�� Harddisk

3.3.20) '() format -;)0�47$8

�� 3-20 �-� �� format �-��.��

3.3.21) G!F�.+��&F-�:�'()4 23 Partition ��)9 FreeBSD E?I3'<(6�#%(�6$47$8 ;(%()=

K<(.(%"#$-71

38

�� 3-21 �-� �� #� Partition �� FreeBSD

3.3.22) G!F�.+�.2+"� )9 �9 install �6$)+��A) 100 %

�� 3-22 �-� �� install

3.3.23) -%DI+)+��A) 100 % 47$8 �9.$+3K<('() Boot -A)DI+3

�� 3-23 �-� �� Boot ��

39

3.4 �� Config Pfsense

3.4.1) �6$-)(-)&1'�*$3(��6$-)(-�w# IE -A)DI+37J'G2(1G+3-)(47$8-)&1' http://192.168.1.1

�('�!F��6$-)(�;2 User : admin Pass : pfsense '0�95 6�$(67!' #!3)J�

�� 4-1 �-� �� B�&�� Pfsense firewall

3.4.2 ) '<(6�# Homename, Domain 479 DNS

�� 4-2 �-��14� ��'()'<(6�# Homename, Domain 479 DNS

3.4.3) �6$'<(6�# Time Zone-�:� Asia/Bangkok

�� 4-3 �-� ��'<(6�# Time Zone

40

3.4.4) �6$-)('<(6�# IPAddress 479 Gateway G+3-;$� WAN

�� 4-4 �-� ��'<(6�# IP Address G+3 WAN

3.4.5) �6$-)('<(6�# IPAddress G+3-;$� LAN

�� 4-5 �-� ��'<(6�# IP Address G+3 LAN

3.4.6) '()'<(6�#Password G+3 admin �6%2

�� 4-6 ��'<(6�# Password �� Admin 3.4.7) �6$A7,'K&I��j% Reload -5DI+-),I%'()K<(3(��6%2

41

*�'�� 4-7 4;#3'() Reload

3.4.8) ,��#�+��% (%.��.��.��+3

*�'�� 4-8 4;#36�$(�+"%2%&+9")L,#57(#

3.4.9) (#�.� ��3��%��) http://192.168.1.1 ��-# User Name : admin Password : (1+��(�3� ��#) .��-�#��.� (%��.� 4�� IP Address ��-�� Internet *" ��% 1+� �� Interface + OPT1 '��(��&��#.� OPT1� 5� Internet �� Type � 5� Static

*�'�� 4-9 4;#36�$(�+'().!F3A2( Interface

3.4.10) 1+��.� OPT1 ��3�� 4��#� IP �� Gateway ��,� (�� Enable

Optional 1 interface

42

*�'�� 4-10 4;#3'()'<(6�#A2( IP 479 Gateway

3.4.11) 4�� NAT 1�3�2 -�" *" ��% 1+� �� Firewall + NAT ��% 1+� outbound

��(%E 1+� Enable Advanced outbound NAT �� SAVE .��

�� 4-11 �-� �� 4��#� NAT

3.4.12) -)(�9K<( NAT G+3;(1 Internet O#1'() A7,'K&I -5,I% ()J�-A)DI+36%(1 8')

3.4.13) �6$-)(�;2A2(.(%)J� AD+�;2 NetNumber G+3 192.168.1.0

�� 4-12 �-� �� 4��#� IP �� NAT

43

3.4.14) ��% 1+� Apply Changes

�� 4-14 �-� ��% �� 1+� Apply Changes

3.4.15) -)(�9"#$'()K<( NAT K!F3;+3-;$� #!3)J�

�� 4-15 �-� ��% �� 1+� NAT

3.4.16 ) ��(�3� Rule ��" ��14�� Net + Game ��.(�� +3 ��&�� port 80 (http://) port 21(ftp://) �� port 443 (https://) �� 1+� Gateway 192.168.10.1 (�%��(��)��() �� .� ��3�� 1+� 192.168.20.1 ( WAN) ��% 1+�� Firewall + Rules + LAN ��% 1+� Add ( ��"�� )

�� 4-16 �-� ��(�3� Rule

44

3.4.17) '().!F3 Rule G+3 port 8080 �6$4'$.(%)J�

�� 4-17 �-� ��(�3� Rule �� port 8080 3.4.18 ) ��(�3� Rule �� port 21 (Ftp) �� (��

�� 4-18 �-� �� Gateway �� 5� 192.168.10.1 (Internet)

3.4.19) ��14� ��(�3��#� Rule �� https:// ��" ��14� ��"��" rule �� ftp ,http ,https ��

�� LAN ��

�� 4-19 ��"��" rule �� ftp ,http ,https �� LAN

45

3.5 �� PFSENSE

3.5.1) '()-)&1'�*$3(��6$-�w# IE -A)DI+37J'G2(147$8-)&1' http://IPAddress -*2� http://192.168.1.1

�('�!F��6$�;2 username : admin Password: K&I.!F3"8$ '0�95 6�$(�+67!' #!3)J�

*�'�� 5-1 4;#3'() +';=(�9G+3)9 (System Information)

3.5.2 ) -,�� LAN Card �&�� #� LAN Card �#�14��"�#��# 14�*" ��% 1+� �� status+ Interfaces .��.� ��

*�'�� 5-2 '().)8�;+ ;=(�9G+3 LAN Card

3.6 �� Log File

3.6.1 �&�� Log File 14�*" ��% 1+� �� Diagnostics+System logs .��.� ��

�� 6-1 �� Log File

46

3.7 �� (AddOn)

3.7.1 ) �6$A7,'K&I -%�J System + Packages �95 package K&I;(%()=.,#.!F3-5,I%"#$

�� 7-1 ��(%(�3� Packages

3.7.2) ��(%(�3�* �� -�%�� squid

�� 7-2 ��(%(�3� Squid

3.7.3) ��% 1+� Add ( ��"�� ) ��% 1+� 0K� OK .��%�� (%(�3�* ��

�� 7-3 �-� ��%�� (%(�3�

47

3.8 � �!�� (Uninstall-AddOn)

3.8.1) ��% 1+� �� System + Packages + Installer Packages .�� package 1+�-��,(%(�3� ��

�� 8-1 �-� ��" ��% ��(%(�3� Packages 3.8.2 ) �� % 1+� Remove

3.8.3 ) ��% 1+� # 0K� OK .��%�� ,�� (%(�3�* ��

�� 8-1 �-� ��%�� " ��% Packages

Documents

44).pdf30 3 3.1 ˘ˇˆ˘ˇˆ ˙ ˇ˝˛ ˚ ˇˇ ˜ˆ !"˙ˇ ˘˘ ˜ˇ˝ #" ˜˝ ˇ˙ ˘ˇ% ˇ˙ ˇ & ˆ ˘ '()*" + ˇ˜