Help! I've fallen down the Protectli rabbit-hole and I can't get up!

  • Be sure to checkout “Tips & Tricks”
    Dear Guest Visitor → Once you register and log-in:

    This forum does not automatically send notices of new content. So if, for example, you would like to be notified by mail when Steve posts an update to his blog (or of any other specific activity anywhere else), you need to tell the system what to “Watch” for you. Please checkout the “Tips & Tricks” page for details about that... and other tips!

    /Steve.

Where can I learn about firewall theory?

  • There's this excellent book (mention in comments)

    Votes: 0 0.0%
  • Here's a wiki that will answer all of your questions (mention in comments)

    Votes: 0 0.0%
  • Bless your little cotton socks

    Votes: 0 0.0%

  • Total voters
    1

ethom

New member
Aug 3, 2021
1
0
Hello!

I found myself in a little over my head recently. I've been learning about computer and network security as a hobby for the last two years (often inspired by "Security Now!"). Out of an abundance of caution, I purchased a Protectli "Vault" so to keep my network secure while setting up a personal server.

Usually with new devices I can fiddle with settings, experiment and, falling those, find guides online. I got into my "Vault" and didn't recognize a single setting. I tried to read the docs but found them very short and pretty unspecific. I think that I need a more general introduction to firewall theory.

So, in-order to proceed on my task, I ask you:
 

ChrisQuinn

Member
Oct 3, 2020
7
2
I have been thinking about getting one of these to play with. In fact I have had one on my wish list so long it is now out of date. Hopefully one of these days I will actually get one to see how much fun you can have.
Generally speaking I would check out pfsense. Regardless of your experience level I think you will find the community around it very helpful.
 

PHolder

Well-known member
Sep 16, 2020
769
2
359
Ontario, Canada
In order to understand the basics, you need to understand how TCP/IP works. Know what IP addresses are, what packets are, what ports (of the IP kind) are. Then you need to know some info about some protocols, and which ports they're used on. You may also need to understand DNS a bit. Beyond that, unclear what the issue is. A firewall is just rules. You don't need any rules if you don't have traffic. So what's your traffic that you're having problems making rules for? (Granted I have never used this Protectli thing you mention, but I presume all firewalls are kind of the same.)
 

jeff3820

New member
Jan 4, 2021
1
0
I have 2 Protectli boxes running Pfsense. Lots of videos on setting up Pfsense. Look on YouTube for ones by Lawrence Systems...Tom is excellent!
 

Greg S

Member
Sep 16, 2020
22
9
Northeast Ohio, USA
Before you get too involved with configuring it (the default installation of pfSense should work as is), I would make sure it can maintain an internet connection before you decide to keep it. I purchased a Protectli FW4B late last year and a few months ago started experiencing constant internet connection problems. It turned out to be the Protectli device. When connected directly to my cable modem, it just can't maintain an internet connection for more than a few minutes at a time. The WAN interface constantly cycles up and down.

Protectli support was very helpful. They first sent me a replacement unit, which didn't help. Then there were many messages back and forth with suggestions on settings to tweak, logs to look at etc. I talked to a guy on the phone, he remotely connected to the device, I provided packet captures. All to no avail. He finally admitted defeat and offered a refund.

I decided to keep the device because it does work perfectly when I have my old Asus RT-AC68U router in between it and the cable modem. So, it is in the DMZ of the Asus. I am hoping that one day an update to pfSense and/or FreeBSD will get the FW4B working again and I can put it back on the front line.
 

PHolder

Well-known member
Sep 16, 2020
769
2
359
Ontario, Canada
I decided to keep the device because it does work perfectly when I have my old Asus RT-AC68U router in between it and the cable modem
Weird. Having looked at the Protectli devices on Amazon, it appears they're NUC styled devices with passive cooling. I wonder if the amount of broadcast traffic on the direct cable model was causing the NIC to work too hard, and overheat? Unless there is some magic packet that the NIC would choke on and reset, I can't think of any reason for the weird behaviour. And if it was some bad packet, you'd expect you wouldn't have been the only one to suffer in that way. I have an ASUS router that had the same problem as your Protectli. It would keep randomly rebooting. It wasn't until the most recent patch that that weirdness finally stopped (which I am lucky to have received as my device is now out of support.)
 

MichaelRSorg

Well-known member
Nov 1, 2020
88
13
RouterSecurity.org
One option for someone looking to step up from consumer routers (good choice) is the Pepwave Surf SOHO. Its $200 US for a professional router with WiFi. The big limitation is the 110Mbps speed. Also, running the OpenVPN client on the device will probably stress it greatly. Read details about it here

As for configuring a professional grade device, I created a cheat sheet here

Its not for everyone, no one router is appropriate for everyone, but after reading those two pages, you should know for sure whether it is right for you or not. If speed is holding you back, the next Peplink model up is $400 and its rated for 900Mpbs. They all have a very similar UI.