Hacom pfSense Setup and Configuration

PfSense (http://www.pfsense.org/) is a complete, embedded firewall software package that provides all the important
features of commercial firewall boxes (including ease of use). Please refer to the on-line Quick-Start Guide and the
Deployment Guide for additional information beyond the scope of this document.

On-Line Documentation
● The M0n0 Users Manual (http://m0n0.ch/wall/docbook/)
● M0n0wall Quick Start Guide (http://m0n0.ch/wall/quickstart/)
● pfSense FAQ (http://faq.pfsense.com/)
● pfSense tutorial (http://www.pfsense.com/index.php?id=36)
● Hacom pfSense Quick-Start Guide (http://www.hacom.net/catalog/pub/pfsense/Hacom%20pfSense
%20Quick-Start%20Guide.pdf)
● Hacom pfSense Deployment Guide (http://www.hacom.net/catalog/pub/pfsense/Hacom%20pfSense
%20Deployment%20Guide.pdf)

Requirements to Access to pfSense's Console.

You will need a keyboard and a monitor to access the console of Hacom's pfSense. Serial console is available on certain
models.

Input/Output Phoenix Mercury Mars

Systemboard ES466B CV700A CV700A CV763A CI852A
Monitor VGA
Keyboard USB USB or PS/2
Optional
(Required
Optional
Serial Console hardware
(Required a serial-console enabled BIOS update)
modification at
factory!)

Setup Using pfSense Console

When the system is booted up, a Grub screen is shown. There is a five (5) seconds delay for user to access Grub directly. At
the first boot up, pfSense was not configured. User will see a setup screen asking for network interface configuration.
Follow the direction on the screen to set up and to configure at least the first two (2) interfaces: LAN and WAN.
Hacom systems typically have at least three (3) network interfaces. Depending on the systems, they are typically based on
the Realtek chipset and will be detected by pfSense as:
rl0: first Realtek 10M/100M Ethernet adapter
rl1: second Realtek 10M/100M Ethernet adapter
rl2: third Realtek 10M/100M Ethernet adapter
rl4: (optional) fourth Realtek 10M/100M Ethernet adapter
For the Intel Gigabit Ethernet systems, pfSense will detect the following network interfaces, instead:
em0: first Intel Gigabit 10M/100M/1G Ethernet adapter
em1: second Intel Gigabit 10M/100M/1G Ethernet adapter
em2: third Intel Gigabit 10M/100M/1G Ethernet adapter
em3: (optional) fourth Intel Gigabit 10M/100M/1G Ethernet adapter
Once the network interfaces are set up, pfSense is ready and the console menu is shown as in the following.
Web Administration
The web administration is accessible through the LAN IP. For example, if the LAN IP is 192.168.1.1, go to
http://192.168.1.1/. By default, username is “admin”, password is “pfsense”.

Firmware Update
There are several ways to update the firmware.
1. For Hacom systems prior to pfSense version 1.2.1, it is recommended: (a) to back up the configuration, (b) to flash
the new firmware., and (c) to restore the configuration.
2. Starting from version 1.2.1, firmware can be updated reliably on-line.
Important notes:
● Hacom pfSense systems are based on the full firmware, including headless systems. When updating the firmware,
use the full-update version. The “embedded” version will disable the display and keyboard access to the console.
● The compact flash (CF) based systems require the platform information to be changed from “embedded” to
“pfSense” before the updating process. It should be changed back to “embedded” after the update.
● The DOM based platforms are “pfSense” and ready to use just like a solid state drive.

Maximum Firewall States

It is recommended to change the maximum firewall state from the default 10,000 to at least 100,000 for systems with
256MB RAM memory, or 200,000 for systems with more than 512MB RAM, or 400,000 for systems with more than 1GB
RAM. Each state uses about 1k of RAM memory.
Sometimes, the maximum number of firewall states is also referred as maximum number of concurrent connections.
From the Web Administration, go to System → Advanced, and scroll all the way to the bottom to see the option.

Technical Support Contact

If there are any questions, please contact us at support@hacom.net or 714-564-9932.