1. Download pfSense:
   • Go to the pfSense website (https://www.pfsense.org/download/) and download the appropriate installation image for your hardware. Choose between the Community Edition (CE) or pfSense Plus.
2. Create Installation Media:
   • Burn the downloaded image to a CD/DVD or create a bootable USB drive using software like Rufus (for Windows) or dd (for Linux).
3. Boot from Installation Media:
   • Insert the installation media into the computer where you want to install pfSense and boot from it. You may need to change the boot order in the BIOS settings.
4. Install pfSense:
   • Follow the on-screen instructions to install pfSense. You’ll be asked to select the installation mode (e.g., Quick/Easy Install, Custom Install), configure network interfaces, set up disk partitions, and create an admin password.
5. Reboot:
   • Once the installation is complete, remove the installation media and reboot the computer.

Configuration:

1. Initial Setup:
   • After rebooting, pfSense will start up and present you with a console menu.
   • Use the keyboard to select ‘1’ to boot pfSense in multi-user mode.
2. Access the Web Interface:
   • Open a web browser on a computer connected to the same network as pfSense.
   • Enter the IP address of the pfSense firewall in the address bar (default is 192.168.1.1).
   • Log in with the username ‘admin’ and the password you set during installation.
3. Initial Configuration Wizard:
   • The first time you access the web interface, you’ll be guided through the initial configuration wizard.
   • Set the WAN and LAN interfaces, configure the LAN IP address, set the time zone, and configure the admin password.
4. Configure Interfaces:
   • Navigate to ‘Interfaces’ in the web interface to configure additional interfaces if needed (e.g., DMZ, OPT interfaces). Assign interfaces and configure IP addresses.
5. Firewall Rules:
   • Set up firewall rules under ‘Firewall’ > ‘Rules’ to allow or block traffic between interfaces. Configure rules for the WAN, LAN, and any additional interfaces.
6. NAT (Network Address Translation):
   • Configure NAT rules under ‘Firewall’ > ‘NAT’ to translate private IP addresses to public IP addresses. Set up Port Forwarding, 1:1 NAT, or Outbound NAT rules as needed.
7. DHCP Server:
   • If you want pfSense to act as a DHCP server, configure DHCP settings under ‘Services’ > ‘DHCP Server’. Set up the range of IP addresses to lease, DNS servers, and other DHCP options.
8. VPN:
   • Set up VPN connections (e.g., OpenVPN, IPsec) under ‘VPN’ > ‘IPsec’ or ‘OpenVPN’. Configure VPN settings, certificates, and user authentication.
9. Packages:
   • Install additional packages for extra functionality under ‘System’ > ‘Package Manager’. Popular packages include Snort (for Intrusion Detection/Prevention), Squid (for web caching), and HAProxy (for load balancing).
10. Save Configuration:
    • Click on ‘Apply Changes’ to save your configuration.
11. Final Steps:
    • Test your configuration to ensure everything is working as expected.
    • Consider setting up backups of your pfSense configuration under ‘Diagnostics’ > ‘Backup & Restore’.

1. Using cron:

The cron method is convenient for running commands or scripts at startup. The @reboot directive in the crontab allows you to specify tasks to be run when the system starts.

Open the crontab file

crontab -e

Add the following line:

@reboot /path/to/your/script.sh

Save and exit the editor. This ensures that your script will run each time the system reboots.

2. Using rc.local:

The /etc/rc.local file is traditionally used to run commands at the end of the system boot process.

Open the rc.local file

sudo nano /etc/rc.local

Add your command or script just before the exit 0 line:

/path/to/your/script.sh

Save and exit. Make sure the file is executable:

sudo chmod +x /etc/rc.local

This method may not be available on all distributions, as some are moving away from using rc.local in favor of systemd.

3. Using systemd:

Systemd is a modern init system used by many Linux distributions. You can create a systemd service to execute your script at startup.

Create a new service file, for example, /etc/systemd/system/myscript.service:

[Unit]
Description=My Startup Script

[Service]
ExecStart=/path/to/your/script.sh

[Install]
WantedBy=default.target

Reload systemd and enable/start the service:

sudo systemctl daemon-reload
sudo systemctl enable myscript.service
sudo systemctl start myscript.service

This method provides more control and flexibility and is widely used in modern Linux distributions.

4. Using ~/.bashrc or ~/.bash_profile (for user-specific commands):

If you want a command or script to run when a specific user logs in, you can add it to the ~/.bashrc or ~/.bash_profile file.

Open the .bashrc file

nano ~/.bashrc

Add your command or script at the end of the file:

/path/to/your/script.sh

Save and exit the editor. This method is user-specific and will run the script when the user logs in.

Remember to replace /path/to/your/script.sh with the actual path to your script or command in each case. The appropriate method may vary depending on your distribution and system configuration.

Unboxing:

1. Inspect the Package:
   • Open the shipping box and check for the following components:
     • FortiGate 80F unit
     • Power adapter
     • Ethernet cables
     • Mounting hardware (if applicable)
     • Documentation and setup guide
2. Connectivity:
   • Identify the WAN (Wide Area Network), LAN (Local Area Network), and DMZ (Demilitarized Zone) ports on the FortiGate 80F.
   • Connect the appropriate network cables to these ports based on your network architecture.
3. Power On:
   • Connect the power adapter to the FortiGate 80F and plug it into a power source.
   • Power on the device and wait for it to complete the boot-up process. You can monitor the status using the indicator lights on the unit.

Initial Configuration:

1. Access Web Interface:
   • Open a web browser and enter the default IP address of the FortiGate 80F (e.g., https://192.168.1.99).
   • Log in using the default credentials (usually “admin” for both username and password).
2. Initial Setup Wizard:
   • Follow the prompts of the setup wizard to configure basic settings:
     • Set the system name and administrator password.
     • Configure the time zone and date/time settings.
3. Network Configuration:
   • Set up the WAN and LAN interfaces:
     • Assign IP addresses to the interfaces.
     • Define DHCP settings if applicable.
     • Configure any additional interfaces based on your network design.
4. Security Policies:
   • Define security policies to control traffic flow. This includes inbound and outbound rules based on source, destination, and services.
   • Implement firewall rules, NAT (Network Address Translation), and security profiles (antivirus, intrusion prevention, etc.).
5. Update Firmware:
   • Check for firmware updates in the web interface.
   • Download and apply the latest firmware to ensure security patches and feature enhancements.
6. VPN Configuration (Optional):
   • If your organization requires VPN connectivity, configure VPN settings:
     • Set up IPsec or SSL VPN tunnels.
     • Define VPN users and access policies.
7. Monitoring and Logging:
   • Configure logging settings to capture events and monitor network activity.
   • Set up alerts for critical events.
8. User Authentication (Optional):
   • If applicable, configure user authentication:
     • Integrate with LDAP or RADIUS for centralized user management.
     • Implement two-factor authentication for additional security.
9. Wireless Configuration (Optional):
   • If the FortiGate 80F has wireless capabilities, configure wireless settings, including SSID, security protocols, and access controls.
10. Testing:
    • Perform thorough testing to ensure that the firewall is functioning as expected.
    • Test internet access, VPN connections, and the enforcement of security policies.