Defensive Lab Series: PFSense Installation
This is the first blog for defensive lab environments set up for corporate and home users. In this blog, we will learn about PFsense Installation in VMware workstation.
A firewall is a network security system that monitors and controls the incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted network and an untrusted network.
pfSense® software is a free, open-source customized distribution of FreeBSD specifically tailored for use as a firewall and router that is entirely managed via the web interface. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution. In this post We’ll be performing PFSense router installation as a virtual machine.
- VMWARE OR VIRTUAL BOX
- PFSENSE ISO
- FAIRLY POWERFULL SYSTEM
NOTE: We are going to replicate Netgate SG-3100. So all the configurations and system resources are going to be the same as of the SG-3100 but can be changed according to the user’s needs easily.
For Product specifications and details
Before we install and configure the pfsense router we need to configure virtual network ports so that the whole network has stable interconnectivity and also has access to the internet. To do so we need to create 3 more virtual networks in the virtual network editor.
Open VMware and go to edit > Virtual Network Editor
To edit the settings, we need admin privileges if not already then give VMware for once.
We already have 3 preconfigured we do not need to change anything in them.
Click ADD NETWORK > select a virtual network from the menu > click OK
To make it less confusing we are renaming it as LAN
Now select Host-Only as it also says in the description it will create a VM’s internal network. Do not enable DHCP service here as we are going to do that in our pfsence configurator so for now, leave it unchecked.
IN Subnet IP: 10.0.0.0
Subnet Mask: 255.255.255.0 Click apply
As mentioned in the beginning we are going to add total of 3 networks
To create a new network for LAN 2
Subnet IP: 192.168.3.0
Subnet Mask: 255.255.255.0
Subnet IP: 172.16.0.0
Subnet mask: 255.255.0.0
Once Done click ok and clocse the Network Editor.
NOTE: If you are using Virtual Box same settings needs to be done. To do so
TOOLS > NETWORK ADAPTERS
And from there the configurations will be the same
PFsense Virtual Machine
Donload the latest build from here:
Create a new virtual machine Use Default settings for now as will change them afterward before installation.
OS type: FreeBSD 11 64-bit
Hard Disk: 32 GB, Split ( because SG-3100 supports max 32 GB with m.2 SSD )
Click Finish and Edit virtual machine settings
IN Memory assign 2GB
Processors: 1 x 2
Now add pfsence iso
IN this case, we do not need a USB Controller and Sound card so we are removing them but depends on user needs.
In options set snapshot preferences to avoid future problems and reverting to the previous state easily.
Now we need to add 3 more network adaptors to assign the networks we created at the beginning Click add
Now assign the networks that we created
Once that is done our machine’s virtual hardware is configured and we need to install our pfsense on the machine.
Installation is just a basic click next procedure as shown below.
As this is the first installation so select INSTALL
Rescue Shell will be useful if in future our machine crashes then it will give a recovery shell.
Recover config is for if we need to import our configurations from any previous install.
Now either you can choose you Keymap or continue with your system default.
Go with the auto as in future changing any hardware resources like disk expansion etc will be easy or if you are sure you won’t need that in future and you know what you need and are doing than chose from the other 3 but in this doc, we are going with auto.
We don’t need to make any modification here so go with no.
Now reboot the system to complete the installation.
[…] Read part 1: http://blog.certcube.com/corporate-pfsense-installation-lab […]