Sign in
Categories
Your Saved List Become a Channel Partner Sell in AWS Marketplace Amazon Web Services Home Help

Netgate pfSense Plus Firewall/VPN/Router

Netgate | 24.11.0

Linux/Unix, FreeBSD 14 - 64-bit Amazon Machine Image (AMI)

Reviews from AWS Marketplace

10 AWS reviews

External reviews

317 reviews
from G2

External reviews are not included in the AWS star rating for the product.


    jstanley

Works well with AWS networking

  • March 16, 2019
  • Review verified by AWS Marketplace

I used the pfSense Netgate firewall/VPN/Router to help study for the AWS Advanced Network Specialty exam. Simple to set up, I used it to build VPNs w/BGP between two VPCs and a remote network using pfSense on two sides and a VGW in the middle. The latest version supports VTI interfaces so you can use route-based VPN instead of policy-based VPN. Without VTI interfaces you can set up a VPN but BGP doesn't work as expected. I had no problems setting up VTI interfaces in the VPN configuration, installing OpenBGPD, and routing traffic using CloudHub VPN and BGP to connect the two VPCs and my remote network together.

In my opinion, the pfSense firewall was easy to set up and the interface is fairly intuitive if you're familiar with networking and security. I've used the community edition for a while and the AWS version has the same look-and-feel. There's also a number of open source options that can be added to extend the functionality of the product.

I think the only downside is the pricing. I wish the t2.nano and t2.micro were both priced the same. The t2.nano is great for a trial run. However, if you install any options you'll probably want something larger than a t2.nano and that will create a significant price increase. Then again, Netgate's pricing seems to be much lower than comparable products in AWS marketplace so it looks like it cost less to run than other products with similar functionality.

I would recommend Netgate pfSense if you are looking for a low-cost stateful firewall that is built using open source software and can do VPN and routing too.

1 person found this helpful

    Miguel Angel H.

Great option of perimeter firewall

  • January 15, 2019
  • Review provided by G2

What do you like best about the product?
The pfSense is an Open Source project that is being supported by Netgate and offers great perimeter security for small businesses that do not have the money for an ASA, FortiGate or other similar device. The application of traffic policies is very easy to do and personalization of these is very useful with the tools available to the system. It is great the system of packages that extend the functions, for example the package for IDS / IPS Snort is great, the OpenVPN for VPN is very easy to use and so other options that can be incorporated for free.
What do you dislike about the product?
In the last version the support to the unofficial packages was removed, this decision is very annoying because there are many very good packages that are not included in the pfSense library. Another point not so remarkable is the traffic monitoring options that pfSense has, however it fulfills its function for non-demanding users.
What problems is the product solving and how is that benefiting you?
The main advantage of pfSense is the cost, which is 0 and thanks to this, contracts were obtained with external clients that did not have enough funds for a commercial perimeter firewall. The function of VPN with OpenVPN and the application of Snort are the best features that have significantly improved the performance and productivity of our customers' networks.
Recommendations to others considering the product:
Consider the pfSense in case your network needs port security and minimal protection from the outside. If an active and more granular management of the threats and the traffic that passes through it is required, think about accumulating more resources to acquire another superior product.


    Robert G.

Great open source firewall

  • January 03, 2019
  • Review provided by G2

What do you like best about the product?
Open source professional level firewall. Particularly features like multi-wan and how that is implemented into standard features like NAT etc.
What do you dislike about the product?
Many of the services I would like to run are add on packages not truly part of the system. Those have non-standard configs and interfaces because of it. They can be broken or unstable because of it.
What problems is the product solving and how is that benefiting you?
Multi-wan internet supplied by multiple ISP's and used directly without most staff even knowing it. Provides various switching and failover methods for bandwidth or times when an ISP is unreliable.
Recommendations to others considering the product:
While I really like this product, I have moved on to a fork of it called OPNSense that I would recommend over pfSense. pfSense a is good product but much has changed with the project and the company behind it. I put them in second place because that is where there software falls based on most usage. Hope their next release release with all the drastic changes announced a couple of years ago will change my mind.


    Andrew

Will not launch in the US-WEST-2 region

  • October 24, 2018
  • Review verified by AWS Marketplace

I've successfully launched this in other regions, but it will not launch in the US-WEST-2 region. Please fix this! The system log shows the operating system halting and rebooting constantly.


    Adrian

Great for Site-to-Site

  • October 17, 2018
  • Review verified by AWS Marketplace

Very easy to use.
The UI is Intuitive.
Site-toSite VPN is very stable.
You can upgrade to a newer version from the UI.
Strongly recommended!

1 person found this helpful

    Quinn

IPsec VPN routing issue

  • May 30, 2018
  • Review verified by AWS Marketplace

GUI is very easy to use, site-to-site VPN tunnel established easily.

However, it seems miss routing config, I could not find a way to route traffic into this VPN tunnel.


    Jamie M.

Very easy to install out of the gate and a robust routing platform.

  • October 30, 2017
  • Review provided by G2

What do you like best about the product?
Can't believe how easy it is to set up out of the box. Fire up the server, install the platform and then you assign a LAN/WAN interface... DONE!
What do you dislike about the product?
I would like to see more analytics or an easier way to get to client based data from the dashboard.
What problems is the product solving and how is that benefiting you?
I am looking for a secure, but easy and highly configurable platform that just plain WORKS. This seems to fit the bill.


    Joseph N.

So powerful

  • October 30, 2017
  • Review provided by G2

What do you like best about the product?
With this product being open source it amazing how powerful the features you get with it and the ability to configure to your needs is great!
What do you dislike about the product?
It can be hard to get the configuration you want at the start but you get there in the end!
What problems is the product solving and how is that benefiting you?
Free open source protection for your network what more could you want!


    Jonathan H.

Pfsense a worth while firewall

  • October 19, 2017
  • Review provided by G2

What do you like best about the product?
The best things of this product is how modular it can be and the community support it offers.
pfsense has a range of modules/plugins that can be added in order to shape pfsense to your needs, there is a wide selection and you are sure to find something to do the job. If for any reason you are unable to find a module to do what needs to be done, more than likely a question has been asked on the subject and an answer is easily found, if not you can pose a question on the forums and you will be met with a very patient community.
One of the main benefits is the capability for multiple WANs, allowing you to route traffic how you see fit or even load balance.
You can add squid guard and block/allow websites on a whitelist/blacklist.
Aliasing allows you to add multiple IP's/networks/hosts under a single alias and make firewall rules based on this, so rather than creating 250 firewall rules for 250 nodes, simply alias all 250 and make a single rule for that alias.
There are pages devoted to graphs so you can monitor your network traffic, your physical NICs and the server itself.
There are a ton of features and all the basic/advanced networking needs are met.
What do you dislike about the product?
There is very little I have found I do not like about pfsense, although I have not tested every single possible feature, my experience has certainly been very positive. There are two things however that do spring to mind.

I was unable to achieve port forwarding for a VPN. The VPN was PPTP (admittedly I never tried any other methods) on a Windows server. Despite countless hours searching and reading the results and numerous attempts of changing settings, I was unable to use the VPN (had worked previously with a paid firewall solution), whether this issue still stands or was entirely my fault still remains unsolved.

After approximately three years I have found pfsense to become slightly flaky. I have only experienced this with one box (the longest running). Whether this issue boils down to the physical server and/or components or whether this is due to changes over the course of time/corruption of configuration files, is again undetermined.

In reality I have not experienced any real downsides of the solution I cannot link back to me.
What problems is the product solving and how is that benefiting you?
The product has personally helped to act as a firewall protecting and controlling both internal and external traffic on the network.
It has allowed me multiple WAN connections. With aliasing I can quickly group servers, computers, security equipment etc. Using the aliasing I have been able to dedicate WAN connections for specific purposes ensuring the bandwidth is distributed as necessary with a single firewall rule.
Modules like bandwidthd help me check the hosts consuming the most traffic, squid to help me monitor traffic and squid guard to help me block or allow traffic, make this a great solution.
After moving from one paid licensed solution to another I have found pfsense to not only be free, but completely wipe the floor with anything paid for previously.
My experience with this product is extremely positive and I would definitely recommend it as a great solution.

Recommendations to others considering the product:
It's got a great fully fledged gui and it's linux for shell users. Install it, try it, any problems the docs or community will come through.


    Allan L.

Easy to setup and checking Software Router

  • September 06, 2017
  • Review verified by G2

What do you like best about the product?
Resource utilization is really lower.
Have a good user interface that I can easily understand and learn how to use it.
What do you dislike about the product?
No much user know this product that I can only access their forum for searching solution
What problems is the product solving and how is that benefiting you?
Main Network Router and VPN gateway.
I can use an old server to serve 50 peoples without lagging.