Why Web Filter
Nowadays, it is common to setup a Web filter to effectively filter out harmful websites from being visited. Aside from the usual use of web filter as a parental control, a good web filter can also protect your network and your devices whenever you are browsing.
If you are using pfSense in your network, a web filter can be easily setup using OpenDNS.
OpenDNS is a service that extends DNS by adding extra features like phishing protection and content filtering.
Setting up webfilter using OpenDNS
It is easy to setup your own web filter, even at home, using pfSense. In case you haven’t installed PFsense yet, you can check out this tutorial here: https://www.pandoralabs.net/pfsense-tutorial-part-1/
- First register an account in OpenDNS.
Once registered, configure the settings of your OpenDNS account. Add the public IP address of your network.
2. Input a network name. Remember the name you’re inputting here, you will use it later when configuring the OpenDNS as the Dynamic DNS in pfSense.
3. Customize the Web Content Filtering level per public IP that you input. You can input the domains individually or use the default filtering of OpenDNS.
4. The block page is configurable. You can set a custom message that will appear whenever an end user attempts to access a blocked website.
Once you have configured your OpenDNS account, next is your pfSense.
Configuring pfSense to use OpenDNS
5. Login to your prSense admin account and go to Services > Dynamic DNS. Add a new entry.
Configure the following entries:
- Set the Service type to OpenDNS.
- Set the Hostname to the name you have previously assigned for your network. In our case, we set it to ‘home’.
- Set the Username and Password to your OpenDNS account.
- Don’t forget to save the configuration
6. After setting up the Dynamic DNS client. Go to System > General Settings and set the DNS to 126.96.36.199 and 188.8.131.52. These are the Name DNS server of OpenDNS. Do not forget to save the changes you have made by pressing the save button at the bottom of the page.
7. It is also important to configure the DHCP Server. Go to Services>DHCP server. Set the DNS servers to the same IP address we have inputted in the General Settings. Again do not forget to save the changes.
8. Once configured, you can check www.opendns.com/setupguide to determine whether if the configurations made were correct. Click the ‘Test Your settings’ on the right of the page. If your configuration is correct, this will appear on the right side of the website.
Testing out the Web Filtering
Time to test out the web filtering capabilities of OpenDNS. On your browser, visit a website that you have blocked in your OpenDNS account. If you have not setup a message for a blocked page, the blocked website will appear like this:
On the other hand, if you have setup a message for a blocked website, it will look like this:
In conclusion, effective web filtering doesn’t need to be hard to configure. Being able to setup a decent web filter together with the pfSense can make your network more secure from possible phishing and malware infection.