Initial Configuration

Plug the power cable into the power port (shown in the Input and Output Ports section) to turn on the Netgate® Firewall. Allow 4 or 5 minutes to boot up completely.

Warning

If the ISP Customer Premise Equipment (CPE) on WAN (e.g. Fiber or Cable Router) has a default IP Address of 192.168.1.1, disconnect the Ethernet cable from the WAN port on the Netgate 2100 Security Gateway before proceeding.

Change the default LAN IP Address of the device during a later step in the configuration to avoid having conflicting subnets on the WAN and LAN.

Connecting to the Web Interface (GUI)

  1. From the computer, log into the web interface

    Open a web browser (Google Chrome in this example) and enter 192.168.1.1 in the address bar. Press Enter.

    ../_images/initial-01-browserurl.png

    Enter the default LAN IP address in the browser

  2. A warning message may appear. If this message or similar message is encountered, it is safe to proceed. Click the Advanced Button and then click Proceed to 192.168.1.1 (unsafe) to continue.

    ../_images/initial-02-certinvalid.png

    Example certificate warning message

  3. At the Sign In page, enter the default pfSense® Plus username and password and click Next.

    • Default Username: admin

    • Default Password: pfsense

The Setup Wizard

This section steps through each page of the Setup Wizard to perform the initial configuration of the firewall. The wizard collects information one page at a time but it does not make any changes to the firewall until the wizard is completed.

Tip

The wizard can be safely stopped at any time for those who wish to perform the configuration manually or restore an existing backup (Backup and Restore).

To stop the wizard, navigate away from the wizard pages by clicking the logo in the upper left of the page or by choosing an entry from one of the menus.

Note

Ignore the warning at the top of each wizard page about resetting the admin account password. One of the steps in the Setup Wizard is to change the default password, but the new password is not applied until the end of the wizard.

  1. Click Next to start the Setup Wizard.

    ../_images/initial-03-wizard-start.png

    Setup Wizard starting page

  2. Click Next after reading the information on Netgate Global Support.

  3. Use the following items as a guide to configure the options on the General Information page:

    Hostname

    Any desired hostname name can be entered to identify the firewall. For the purposes of this guide, the default hostname pfsense is used.

    Domain

    The domain name under which the firewall operates. The default home.arpa is used for the purposes of this tutorial.

    DNS Servers

    For purposes of this setup guide, use the Google public DNS servers (8.8.8.8 and 8.8.4.4).

    Note

    The firewall defaults to acting as a resolver and clients will not utilize these forwarding DNS servers. However, these servers give the firewall itself a way to ensure it has working DNS if resolving the default way does not work properly.

    ../_images/initial-04-wizard-general.png

    General Information page in the Setup Wizard

    Type in the DNS Server information and Click Next.

  4. Use the following information for the Time Server Information page:

    Time Server Hostname

    Use the default time server address. The default hostname is suitable for both IPv4 and IPv6 NTP clients.

    Timezone

    Select a geographically named time zone for the location of the firewall.

    For this guide, the Timezone will be set to America/Chicago for US Central time.

    ../_images/initial-05-wizard-time.png

    Time Server Information page in the Setup Wizard

    Change the Timezone and click Next.

  5. Use the following information for the Configure WAN Interface page:

    The WAN interface is the external (public) IP address the firewall will use to communicate with the Internet.

    DHCP is the default and is the most common type of WAN interface for home fiber and cable modems.

    Default settings for the other items on this page should be acceptable for normal home users.

    ../_images/initial-06-wizard-wan.png

    Configure WAN Interface page in the Setup Wizard

    Default settings should be acceptable. Click Next.

  6. Configuring LAN IP Address & Subnet Mask. The default LAN IP address of 192.168.1.1 and subnet mask of 24 is usually sufficient.

    Tip

    If the CPE on WAN (e.g. Fiber or Cable Modem) has a default IP Address of 192.168.1.1, the Ethernet cable should be disconnected from the WAN port on the Netgate 2100 Security Gateway before starting.

    Change the default LAN IP Address of the device during this step in the configuration to avoid having conflicting subnets on the WAN and LAN.

  7. Change the Admin Password. Enter the same new password in both fields.

  8. Click Reload to save the configuration.

  9. After a few seconds, a message will indicate the Setup Wizard has completed. To proceed to the pfSense® Plus dashboard, click Finish.

    Note

    This step of the wizard also contains several useful links to Netgate resources and methods of obtaining assistance with the product. Be sure to read through the items on this page before finishing the wizard.

Finishing Up

After completing or exiting the wizard, during the first time loading the Dashboard the firewall will display a notification modal dialog with the Copyright and Trademark Notices.

Read and click Accept to continue to the dashboard.

../_images/initial-07-copyright-trademark-notices.png

Copyright and Trademark Notices

If the Ethernet cable was unplugged at the beginning of this configuration, reconnect it to the WAN port now.

This completes the basic configuration for the Netgate appliance.