You NEED to learn about FIREWALLS!

Thank you for putting these tutorials together. Very helpful given how esoteric pfSense can be.

sorry but my OPT 1 OPT2 has still no internet... hardware problem?

Does pfsense come with Deep Packet Inspection by default?

You can actually just setup a trunked uplink and virtual interfaces for VLANs and only use 1 port. Using the OPT aka OPTIONAL ports are better suited to manage additional switches, for those of us that have over-provisioned switches.

Great video though!

Just to make sure, when adding a second router is it's address 137.3 or 138.2

Am I missing something?
If my LAN devices can not access my OPT1 network, then how can I watch movies on my NAS or backup files from my notebook to my NAS?

Great video ... AND made me smile 😊

Good, simple and clear vid. But I'd say the only thing that is not communicated here is that anything on your "untrusted" network which. while it may be blocked from your regular LAN, or whatever you configured, the devices on that network will not only be able to talk to the internet, but will also be able to talk to the other devices on that network as well.

So while you can protect your regular computers on your trusted LAN network from these less trustworthy IoT devices, but this won't protect and isolate one IoT device from any other IoT device on that same network.

Great tutorial...but the management GUI is still accessible on the dangerous network. Can you explain how to make the management gui only available on the trusted network?

There's always a way around these things. You only need one slightly more creative device to bypass it and compromise your whole network.

Better to copy the idea and roll your own. Arduinos and SBCs are ubiquitous at this point. IoT is not worth the risk.

Most attacks are not prevented by simply adding a firewall now. They maybe could be stopped in the early 90s, but the way systems are attacked and people get in to networks and whole systems has changed. It can be anything from text, email, social engineering, misuse of credentials, faults in software, old software in use, people being careless etc.
It is the same for antivirus now, it doesn't stop attacks that often. We have all moved on and attackers are always finding new ways to exploit entire networks and systems. Home users are most at risk from pirated software with backdoors, Windows exploits, also opening attachments and running files or giving remote access. Some will even follow instructions to "temporarily disable antivirus to prevent false positives" !
A firewall can help, but what is the Protectli Vault or Firewalla Purple or Gold doing that your home router or computer protection is not. Has anyone done a test side by side?

I am tempted to buy the Protectli Vault as it has 2.5Gbps ports, unlike the Mikrotik that limits throughput to 100Mbps - which is useless for most users today. The £320 puts me right off I must admit, but I will still probably buy one.
What I do want to ask is what the router firewall I have is actually doing? Many reports I used to get were those that got past the various WiFi router firewalls I had. I was always getting alerts stating that I had attackers, ZoneAlarm used to be always alerting me.
Was it a fake alert or was every one of my WiFi routers supplied by ISPs and now an expensive one absolutely useless?

I love it that you are bringing PFsense to the common people !

What video do I need to watch to set up PFsense? I'm so confused, I've watched 5 different videos and each time it says go to this other video and it still doesn't explain what to do!

What if my ISP is providing me an integrated modem/router and so I dont have my own separate router? Can I still use a PFsense device?

So I got to the step to copy allow rule to both OPT1 and OPT2, however after testing it, I cannot traffic between LAN and OPT1 and OPT2. I have not setup any block rule yet, am I missing something? I can ping the IP address but cannot access devices across.

I watch my firewall carefully.
But I control IoT much more simply. Won't suffer it in my home. And no Alexa, etc, either.
It took several 1000 years to reach the convenience of switches and buttons. When did we become too idle even for those?

great! love it! tnx!