No, really.
I have been working on creating a configuration for pfSense that would almost completely anonymize the user. It offers a few bypasses via squid proxy in order to prevent as many captchas or quicker performance to core services.
Features
- Secure VPN:
- VPN aggregation with WAN fail over.
- OpenVPN with hardware acceleration.
- Wireguard with hardware acceleration.
- Details on how to connect to ExpressVPN and NordVPN.
- Load Balancing.
- Dedicated connections for media devices to bypass VPN.
- VPN Passthrough for IKE/IPSEC/OpenVPN.
- Dial-in VPN Support
- DNS over SSL/TLS
- Squid Proxy for sites that do no like VPNs:
- Includes instructions to set up a CA for HTTPS.
- Includes wpad.dat / wpad.da / proxy.pac configuration via DHCP.
- Custom DHCP options:
- PXE.
- Custom iPXE Menus.
- Custom NFSroot options for NFSv3/v4.1.
- Automatic proxy configuration.
- Containerized PXE boot with netboot.xyz:
- Includes how to customize Windows PE to chainload Win10 and Win11 installs.
- Includes how to create dynamic NFS root configurations via pfSense that iPXE reads from DHCP information.
- Includes how to create custom dynamic netboot.xyz menus for iPXE.
- Diskless Debian:
- Uses NFS from your fileserver and will run on anything that supports PXE.
- pfSense Configuration Migration.
- Network Analysis via Traffic Totals.
https://github.com/celesrenata/pfsense-ultimate-config
https://github.com/celesrenata/netboot.xyz-custom
I have published a few demos on YouTube for PXE boot.
