wiki:pfsenseinstall

Version 16 (modified by admin, 8 years ago) ( diff )

--

Pfsense Initial Setup

The pfSense project is a free, open source tailored version of FreeBSD for use as a firewall and router with an easy-to-use web interface. There are two ways of installing pfSense.

  • Full installation
  • Embedded Installation

Here you are going to create a pfSense virtual machine using full installation method to install pfSense.

Setting up virtualbox

Installation of virtualbox and Downloading pfSense iso image

Download and install virtualbox 5.0.x

Download pfSense image from the LEARN mirror

Note down the location of downloaded iso file

Creating PFSense VM

Start virtualbox and Click on New button (at top-right) to create new virtual machine

Enter name of the VM as: pfsense.'your domain'.ws.learn.ac.lk. You can get your domain from here

eg:

  • pfsense.user1.ws.learn.ac.lk

Select OS Type: BSD

Select Version: FreeBSD (64-bit)

Then click on Continue button

Set VM's memory size to 512MB and click on Continue button

Set VM's hard disk option to Create a virtual hard disk now

and then click on Continue

Select disk type to VDI

Select storage type to Fixed size and Continue

Make sure virtual hard disk file name in following format

pfsense.'your domain'.ws.learn.ac.lk

adjust the disk size to 8.0GB

and click on Create to create the VM

This might take couple of minutes

(Note down the location of vdi image file when virtualbox flashes it on the screen)

Setting up Network Interface

Select the VM from left panel on Virtual box, right click and open Settings

Click on the Network title

On Adapter 1 While Enable Network Adapter selected choose Attached to be Bride Adapter. This virtual interface will work as the WAN port of the firewall (Can be connect from out side).

On Adapter 2 While Enable Network Adapter selected choose Attached to be Internal Network. Default name is intent. keep it that way. This virtual interface will work as our LAN port (Can't connect from out side).

Setting up boot device and Booting

Click on Storage title and select CD ROM icon under the Controller:IDE Click on CD ROM icon under the Attribute on the left side to select

Choose Virtual Optical Disk File

Locate the PFSense CD image file you downloaded from the LEARN ftp

Right click on VM to make a Normal Start VM. You should now see a separate window with PFSense Installation screen

Pfsense Installation

Initial Installation

As the pfSense starts booting, a prompt is displayed with some options and a countdown timer. At this prompt, press 1 to get install pfsense by default. If we don’t choose any option it will start to boot option 1 by default.

Next, press I to install fresh copy of pfsense,

On the next screen, it will ask you to Configure Console, just press Accept these settings to move forward for installation process.

Choose Quick / Easy Install option to take make things easier. Once you are familiar with pfsense installation you can try Custom Install.

The install will proceed, wiping the target disk and installing pfSense. Copying files may take some time to finish.

After the files have been copied to the target disk, a choice is presented to select the Console Type. Standard Kernel defaults to the VGA console. Embedded Kernel defaults to serial console. Choose Standard Kernel

Now the Installation is finished So it will ask to reboot. Choose Reboot and remember to remove the disc from vm so it will not fall back to the installation (Some times your vm might hang when you remove your disk. If this happens Right click your vm ( pfsense.'your domain'.ws.learn.ac.lk) on virtualbox manager window. Go to the close attribute and click on power off. It will shut down your vm. After it shuts down Right click your vm (pfsense.'your domain'.ws.learn.ac.lk) on virtualbox manager window and Click start. It will start your vm again.

First Bootup

note : If you reboot your vm manually you will be prompted straight to the pfSense configuration user interface. But do not worry it will not effect on your firewall

After rebooting, you will get the a screen with available interfaces to configure the network.

The first option is presented as VLAN’s, simply here say No by pressing n and enter.

There are two interface’s em0 and em1, pfSense will ask which interface to use as WAN and which interface to use as LAN. Press a and enter to auto configure the interfaces. please note that in this case pfSense is intelligent to assign correct virtual interfaces as WAN and LAN ports, Because only one interface can be connect from out side. Even if the interfaces are wrong you can assign them correctly later.

It will ask for the confirmation and you can proceed with Y and press enter to continue to the

pfSense Console Configuration

pfSense console configuration interface has the basic configuration options in pfSense. You can select these options by typing there index number and pressing enter.

Assign WAN & LAN Interfaces

Note that WAN and LAN Interfaces are assigned by PFSense itself. To change that press 1 and enter

The first step is presented as VLAN’s, simply here say No by pressing n and enter.

To select em0 as WAN interface type em0 and press enter

To select em1 as WAN interface type em1 and press enter

We do not need optional interfaces so press enter at the next step

Do you want to proceed? press y to say yes and enter

Assign WAN IP addresses

To change the interface IP address press 2 and enter

WAN IP is set by DHCP by default. To change the WAN interface IP Address press 1 and enter.

We are going to have a static IP for WAN Interface. So press n and enter to avoid pfSense to configure the interface IP by DHCP.

Enter the WAN IP address assign to you and enter. Give subnet mask and gateway in the next steps. You can find your IP allocation from the IP table

We are going to have an IPv address by DHCP. Press y and enter to let pfSense get an IPv6 address

Press n and enter to disable http on WAN interface

You will be prompted back to main interface.

Assign LAN IP addresses

To change the interface IP address press 2 and enter

To change the WAN interface IP Address press 2 and enter.

Enter the LAN Ip address as 10.1.1.254. Enter subnet mas as 24. We are going to have this IP address as our LAN's gateway IP. Do not give any parameters to gateway on LAN. Just press enter.

We are not going to have an IPv6 address for LAN. So just Press enter.

To enable DHCP server on LAN press y and press enter

For this workshop our LAN DHCP range is 10.1.1.1 to 10.1.1.50. Give start and end IP addresses in next steps.

You will be promted back to main interface.

You have now set up both WAN and LAN IP addresses.

Reset WEB Configurator password

This step is optional as This step will reveal you the default user name and password for the webconfigurator. Press 3 and enter.

Above the line 'Do you want to proceed' you will see the default username and password on the web access. Press y or n and enter

Note: See TracWiki for help on using the wiki.