Firewalls

Source of truth: data/devices.yaml → firewalls

fw-01

Field	Value
Model	TBC
Vendor	Netgate
Management IP	10.10.10.1
Location	TBC
OS	pfsense
Connection	ssh
Notes	—

Access

Method	Details
Web UI	https://10.10.10.1
SSH	ssh admin@10.10.10.1
Console	Physical serial port on the Netgate unit

Warning

Change default credentials on first boot. Do not leave defaults in place on deployment.

---

WAN interfaces

See Internet Connections for provider and IP details.

Interface	Uplink	IP assignment
TBC	starlink	dhcp
TBC	cte
TBC	cellular	dhcp

Assigning WAN interfaces

Starlink (WAN1 — DHCP)

CTE fibre (WAN2)

Cellular dongle (WAN3 — DHCP)

---

VLANs & DHCP

See VLANs and IPAM for VLAN IDs, subnets, and gateway addresses.

Creating VLANs

Assigning VLAN interfaces

Configuring DHCP pools

---

Multi-WAN failover

Gateway configuration

Gateway group

Firewall policy routing rule

DNS failover

---

Common tasks

Checking gateway status

Viewing active firewall rules

Rebooting safely

Backing up config

---

Troubleshooting

No internet on a WAN interface

Failover not switching

Client not getting DHCP

Can't reach management UI