NeoDude Posted November 12, 2016 Share Posted November 12, 2016 I know that there has been posts about this in the past but I'm just about to take the plunge with replacing my ASUS router with a Pfsense VM and wanted to check if there are any updated guides for how to do this? Also, I'm looking at buying a Dual NIC card for use by Pfsense and I'm slightly confused at the vastly differing prices on Amazon. Would this or this do the job if passed through to my Pfsense VM? Any reason to go for the other cards costing 4 or 5 times as much? Quote Link to comment
3605481mah Posted November 12, 2016 Share Posted November 12, 2016 I'd recommend a miniPC with 2 lan for this (I went this way) or VM in ESXI (had this before going bare metal) Sent from my SM-G920F using Tapatalk Quote Link to comment
NeoDude Posted November 12, 2016 Author Share Posted November 12, 2016 I want to avoid having extra boxes and PCs. I'd prefer to have it running under UnRaid as a VM. I understand the limitations regarding losing internet access when UnRaid is down. Quote Link to comment
CateFul Posted November 12, 2016 Share Posted November 12, 2016 go ahead and do it, I did it with a Mikrotik CHR vm and it works flawlessly with pppoe connection. Though I only have 2 ports on my unRaid box so I had to use the old router as a switch. If you have the right wifi module you can even pass it to the vm and set it up as a wireless AP as well. Quote Link to comment
NeoDude Posted November 12, 2016 Author Share Posted November 12, 2016 I have a Ubiquiti AP I'm planning on using for WiFi and I've just ordered a PCI Dual NIC that I plan on using passed through to pfSense. I just now kinda need a step by step on how to get it all working. I've downloaded the FreeBSD & pfSense ISOs but unsure where to start, lol. Quote Link to comment
NeoDude Posted November 12, 2016 Author Share Posted November 12, 2016 Do I even need to install FreeBSD first? Can I not just install pfSense to the VM? I'm planning on 4GB RAM, is that enough? How much HDD space is needed for pfSense? Quote Link to comment
CateFul Posted November 12, 2016 Share Posted November 12, 2016 not sure about pfsense, I use mikrotik. I would imagine just install it with the iso and pass through the network device Quote Link to comment
ezhik Posted November 12, 2016 Share Posted November 12, 2016 I'd recommend setting up a dedicated box rather than hosting pfSense in a VM (you might check out opnsense.org as well ) for security reasons that is. Quote Link to comment
NeoDude Posted November 12, 2016 Author Share Posted November 12, 2016 I managed to work it out. I have pfSense running as a VM now, just need to wait for my NIC to arrive to start setup. ezhik, in what way would running pfSense as a VM have security concerns? Quote Link to comment
ezhik Posted November 12, 2016 Share Posted November 12, 2016 Remember that since you are emulating it, the actual packets are received by the host. The concern is breaking host security before it even gets to your pfsense VM. Quote Link to comment
NeoDude Posted November 12, 2016 Author Share Posted November 12, 2016 How are the packets received first by the Host? The host has it's own network connection to the LAN, it has nothing to do with the WAN interface which would be used only by the pfSense VM. Quote Link to comment
ezhik Posted November 12, 2016 Share Posted November 12, 2016 Only if you are going to do passthrough for the nic then your VM will be receiving if it directly, unless you virtualize it. Quote Link to comment
NeoDude Posted November 13, 2016 Author Share Posted November 13, 2016 Yep, I stated in my first post that the plan was to pass through a NIC. Keep up man! Quote Link to comment
ezhik Posted November 13, 2016 Share Posted November 13, 2016 Yep, I stated in my first post that the plan was to pass through a NIC. Keep up man! Quote Link to comment
greg_gorrell Posted November 13, 2016 Share Posted November 13, 2016 I currently have pfsense running as a vm on my unraid box with an Intel dual nic passed through. It works very well, the only issue you may experience is if you lose power to unraid, you lose your network. Make sure to keep a machine set up with a static ip or you won't be able to connect in that situation. The host will not receive any packets from the nic if you have it passed through to pfsense vm, so no security concerns there. Sent from my SM-N910V using Tapatalk Quote Link to comment
NeoDude Posted November 14, 2016 Author Share Posted November 14, 2016 Greg, do you use the second port on your NIC as the LAN connection back to your switch? or do you use the VLAN for the LAN connection? Quote Link to comment
bigjme Posted November 14, 2016 Share Posted November 14, 2016 As a side note to overcome the ip access issue if your on a newer unraid just leave a screen etc. connected and access unraid directly via the gui - removes the issue of being unable to connect as it's all localhost then Quote Link to comment
NeoDude Posted November 14, 2016 Author Share Posted November 14, 2016 Yep, I have the UnRaid GUI on a different input on my monitor. UnRaid and most of the machines on my network are all using static IPs anyways. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.