How to install and configure pfSense within a Hyper-V VM : wmatthyssen
by: wmatthyssen
blow post content copied from Wim Matthyssen
click here to view original post
In this blog post, you’ll learn the process of installing and configuring pfSense inside a Hyper-V virtual machine (VM).
In a previous blog post, I have already demonstrated how to create a Hyper-V virtual machine (VM) to run pfSense, the open-source firewall and routing software, using a PowerShell script.
You can access that blog post here, and if you prefer to download the script directly, it is available on GitHub.
But in this blog post, let’s delve deeper into the installation and configuration of pfSense.
Prerequisites
- A Hyper-V host running Windows Server 2019 or 2022.
- Two Hyper-V virtual switches, one for your internal LAN connections (Private) and the other for your WAN connections (External).
- A Hyper-V VM with all the required settings, like the one from the blog post
Download and install pfSense
Once the VM is ready and set up, the next step is to download pfSense, which you can do through this link.
For the architecture, choose AM64 (64-bit), and for the installer, select DVD Image (ISO) Installer. As for the mirror, pick the location that is closest to you; in my case, it’s Frankfurt, Germany. Click the Download button to begin the image download, and save it to a location where you can later unzip the .gz file.
Next, use 7-zip or any other zip utility to unzip the .gz file. Once this process is complete, copy or move the resulting ISO file to a (shared) folder location that the Hyper-V host can access. After that, make sure to attach the ISO to the VM’s virtual CD/DVD drive. Also, don’t forget to set the correct boot order, ensuring that when the VM is started, it boots from the DVD drive first.
Next, start the VM, and if all configurations are correct, the pfSense setup should begin. If it does, click “Accept” on the first screen.
On the following screen, simply click “Install” to initiate the pfSense installation.
For the disk partitioning, choose “Auto (UFS)” and then press OK. Afterward, choose “Entire Disk” to allocate the entire disk for pfSense.
Choose “GPT GUID Partition Table” as the partition scheme and then press OK.
Click Finish.
When prompted for confirmation, simply click Commit.
Click Reboot, to complete the installation.
Configure pfSense
After the VM reboots, respond with ‘n‘ (no) to the first question asking if you wish to set up VLANs now.
Next, configure the WAN interface, which, in my case, is hn1, and the LAN interface, which, in my case, is hn0. Once done, click ‘y‘ for yes to proceed.
If you are uncertain about which interface is which, you can identify them by checking their MAC addresses.
Once all configurations are complete, you will be greeted by the Welcome screen. Here, you can also find the current WAN and LAN IP addresses that were assigned via DHCP.
Further configuration using the pfSense webconfigurator
To further proceed with the configuration, we will use the pfSense webconfigurator. For this purpose, I will make use of a management VM that is connected to the same vSwitch for its LAN connectivity, just like the pfSense VM.
If we look at the NIC configuration of this VM, you’ll notice that its IPV4 IP Address resides on the same subnet as the pfSense VM’s LAN Configuration. Next to that, the LAN IP of the pfSense VM (192.168.1.1) is set as the default gateway for this management VM. Additionally, its DNS is also temporarily set to the LAN IP of the pfSense.
Open the Edge browser within this VM and go to https://192.168.1.1. You will likely encounter a certificate error. Simply click on “Advanced” and choose “Continue to 192.168.1.1 (unsafe)” to proceed.
At the login screen, use the following default credentials to sign in:
- username: admin
- password: pfsense
Once logged in, the wizard page will open; click “Next” there.
Click “Next” once more.
At this point, you can already change the hostname and domain if you wish, but make sure to leave both DNS server fields empty. Then click “Next.”
If needed or preferred, adjust the Network Time Protocol (NTP) settings, then click “Next.”
You can find an extensive list of public NTP servers through this link.
On the page to configure your WAN settings, you have the option to select Static, DHCP, PPoE, or PPTP as the network type. In my setup, I chose a static IP. Next to that, for this setup, I left all the other fields blank (default).
Keep in mind that if you are using a different type of WAN link, you may need to fill out some of these sections accordingly.
Click “Next” to apply your settings.
On the page for configuring your LAN settings, you can either specify your desired LAN IP Address and LAN subnet mask or leave both as they are. If you make any changes, remember that you will need this IP Address to connect to the pfSense webconfigurator after reloading or restarting your pfSense.
Click “Next” to apply your settings.
On the following screen, you can set a new admin password. Ensure it is as secure as possible since, in almost all cases, this device is exposed to the Internet.
Click “Next” to apply your settings and proceed.
Click “Reload” to apply all the changes to your pfSense configuration.
If you have modified any of the IP addresses, whether from the WAN or LAN connection, it’s advisable to reboot the pfSense VM. To do this, simply choose “5” from the pfSense welcome menu and press Enter.
Next, type “y” to initiate a normal reboot, and then press Enter once more.
Once you have reloaded and rebooted the pfSense VM and connected from a management or any other VM in the same LAN where the IP settings (LAN) of the pfSense VM were changed too, you should be able to access the pfSense web configurator using its new LAN IP address.
Next to that, you should also have Internet connectivity.
Also know that if this is your first login to the webconfigurator after completing the configuration wizard, you’ll need to accept the license agreement before you can make any additional configurations.
Conclusion
Configuring pfSense is a straightforward process if you follow the necessary steps, especially when using the webconfigurator wizard. If something is wrong, it’s often related to your IP settings or DNS configuration.
I hope this step-by-step guide can assist you in configuring pfSense on a Hyper-V VM in your on-premises environment.
Should you have any questions or suggestions regarding this blog post, feel free to reach out to me through my Twitter handle (@wmatthyssen) or simply leave a comment, and I’ll be more than happy to assist.
August 05, 2023 at 05:51PM
Click here for more details...
=============================
The original post is available in Wim Matthyssen by wmatthyssen
this post has been published as it is through automation. Automation script brings all the top bloggers post under a single umbrella.
The purpose of this blog, Follow the top Salesforce bloggers and collect all blogs in a single place through automation.
============================
Post a Comment