The pfSense software is an open-source firewall and router solution based on the FreeBSD operating system. Suitable for small and mid-range companies, the pfSense provides a low cost, dedicated firewall, and router solution for physical and virtual computer networks.
The software, which can run on either a physical or virtual computer, provides a wide range of powerful features, almost similar to what the commercial firewall devices offer. It also supports other third-party solutions such as Squid, Snort, and others to increase its capabilities further. Benefits of using pfSense firewall software include;
- Does not require high levels of technical expertise
- Has a web-based interface for easy configuration or upgrade or adding functionalities
- Low total cost of ownership
- Avoids vendor lock-in
- Flexible deployment options, including physical hardware appliances and computers, as well as virtual machines.
Typical pfSense applications include;
- Wireless access point
- VPN endpoint
- DNS/ DHCP server
- Load balancer
- Traffic shaper
- Web content filter and more
Installation of pfSense
The pfSense software is an operating system itself, and you cannot install it on top of another OS. You either reserve an entire physical computer or deploy it as a virtual machine within a physical system such as a server. Virtual deployment eliminates the need for an extra computer on your network.
In this article, we will show you how to install the pfSense software on a virtual machine on either Ubuntu or CentOS. To do this, you need a machine that supports virtualization.
We will begin by creating the virtual machine in which we will then install pfSense. You can use VirtualBox, VM Ware, KVM, or any other compatible virtualization software. In this guide, we will work with VirtualBox.
As long as the machine has the VirtualBox, the installation of pfSense is the same as below, regardless of the host operating system. This means that you will follow the same steps on Ubuntu, CentOS, and other Linux distros, macOS, or Windows.
Installing pfSense on Ubuntu and CentOS using VirtualBox
- Physical or virtual computer running Ubuntu or CentOS
- Sudo user rights
- Virtualization software such as VirtualBox, VM Ware, KVM, Virtuozzo, Xen, etc. For the purpose of this article, we will work with Oracle’s VirtualBox.
- Two network cards
Step 1: Download pfSense installer ISO
As you create and configure the virtual machine, you will require the pfSense ISO installer file, which we recommend you download from the official website before you begin setting up the VM.
The download page offers various options, and the particular file depends on the computer hardware and installation process.
- Choose the Architecture, the type of installer file, and the appropriate mirror site to download from.
- In our case, we will select AMD64 (64 bit) architecture, CD image (ISO) installer, and mirror in New York City, USA.
- Click Download and note the location of the file.
The file is usually compressed in gzip (gz) format, and you will need to extract it to an ISO. Note the download location since you will need this file after setting up the virtual computer.
Step 2: Create pfSense and configure Virtual machine
On your Ubuntu or CentOS server,
Open VirtualBox and click New
Type the name you want to use for the pfSense VM, and then choose the operating system type and version. In this tutorial, we will use the following details;
- Name: pfsvm
- Type: BSD
- Version: FreeBSD (64-bit)
- Once set, click Next.
You will be prompted to size the memory using the slider. Click Next to use the recommended memory. In this guide, we will use the recommended 1GB, out of our server's 4GB RAM.
Create the virtual disk and choose type and size
The next step is now to create a virtual hard disk for our pfSense VM. The recommended is 16 GB but you can change it depending on your resources.
Select Create a virtual disk now, and click Create. On the Hard disk file type screen, select VMDK (Virtual Machine Disk) and click Next.
Select the Dynamically allocated storage option and click Next to proceed. Provide a name for the virtual disk file and adjust the size or use the default as necessary. In our case, we leave the suggested name which is the same as the pfSense virtual machine name, and the recommended 16GB hard disk size. Use the slider, type the number in the box to adjust the size. Click Create.
This will create the pfSense VM and then take you back to the VirtualBox main page.
In the next steps, we will set up the networks, network interface cards, and bootable disk options. We will first create a network within the VirtualBox environment.
Step 3: Create and Configure VirtualBox networks
On the VirtualBox Manager, click on File and then preferences.
If you have other networks, they will appear on the screen, and we can use them; if not, we need to create one. Click on the green + button on the right-hand side.
This will add a NAT network with the name NatNetwork.
Ensure that the network is active. Use the button at the bottom to change the network properties. In our case, we will leave it at the default.
Click OK to save the settings and continue. We will now add a host network. To do this, go to File, and click Host Network Manager.
Under the Host Network Manager dialog box, click Create, and then Properties to set the IP addresses for the resulting vboxnet0 internal LAN network.
Ensure that the DHCP Server is enabled and that it has the correct configuration.
We have now created the network within the VirtualBox virtual environment, and we can now configure our pfSense VM network cards. The WAN adapter connects through the NAT network while the LAN will connect to the vboxnet0 network.
Step 4: Configure pfSense VM network interface adapters and connections
On the left-hand column, highlight the new pfSense virtual machine (pfsvm), click Settings, and then Network.
Ensure that Adapter 1 is enabled and using the drop-down arrow on Attached to: field, select Nat Network. Our NatNetwork appears by default at the Name field. If you have more than one network, use the one where you want to use the pfsense firewall. Adapter 1 will work as the WAN interface card. After this, you will configure a second adapter for the LAN.
Click on Adapter 2, tick the checkbox to Enable Network Adapter. In the attached to: drop-down box, select Host-only adapter, and host network Name as vboxnet0. Click OK once set. You can also use other options such as Bridged adapter or any other depending on your requirements
Step 5: Configure VM to start from pfSense installer disk
The next step is to configure the startup disk options. You will configure the pfSense virtual machine to start from the installer ISO disk image.
Go to Settings, and open Storage
Click on the Empty CD icon.
On the right-hand side, click the small arrow next to the CD icon.
Click on the Choose Virtual Optical Disk File option.
Navigate to the location where you saved the downloaded pfSense ISO installer file. In our case, it is in the Downloads folder.
Select the pfSense ISO installer file and click open.
This CD part will change from Empty to the name of the pfsense iso file.
Step 6: Install pfSense software on the virtual computer
After configuring the virtual drive, clicking OK will take you back to the VirtualBox Manager's main page.
With the pfSense VM (pfsvm) highlighted, click start.
The VM starts from the pfSense bootable ISO virtual CD and begins the installation process. For this guide, we will use the default values. You can always change these after the setup is complete.
To accept the distribution notice terms. Click Accept.
Enter OK to continue with the default Install pfSense option.
Select the keyboard map you prefer. Press Enter to continue with the default US keymap settings.
Choose how you want to partition your disk. Use the recommended Auto (UFS) guided installation option.
The installation will begin. Wait until it completes.
Once the installation is complete, you will be asked whether you want to make changes or not. For now, choose the default No unless you want to modify some options.
The installation is now complete, and you need to restart the system. Before doing so, eject the installer CD for the computer to start from the pfSense installed on the hard disk.
To eject the disk, navigate to Devices, Optical Drives, and click on the Remove disk from virtual drive.
Click Force Unmount.
With the disk ejected, select Reboot and press Enter to restart the pfSense firewall virtual machine.
Step 7: Access and configure pfSense Firewall
After reboot, the pfSense VM will give the output below if the installation was successful. You can now customize the firewall.
- From the command prompt using the respective numbers
- Through a web GUI using another computer on the same network and LAN connection
- Web GUI over the internet and WAN interface.
Step 8: Access pfSense using web GUI
The web GUI provides an easier method and options. To access the pfSense through a web browser, you need a machine on the same network. Open the web browser and type the LAN IP address. In our case, it is 192.168.1.1
Type in the username as admin and password as pfSense and click SIGN IN. This will give you a wizard that guides you through the initial setup process.
Follow the steps and change where necessary. Initial settings include the admin account password and LAN interface.
Once complete, click Finish.
After clicking Finish, you need to accept the No Commercial Distribution agreement, after which you see the pfSense status dashboard. With the initial setup complete, you can now access the menu and modify a wide range of parameters. This includes the Interfaces, Firewall, VPN, and other features.
Learn more about pfSense here. If you are not interested in spending time on installation, then you may consider getting a cloud VM with pfSense pre-installed.