BelgarionNL Posted June 21, 2018 Share Posted June 21, 2018 Hi First off thank you for the videos. because of those on youtube I decided to try unraid first for my new server and so far I am absolutely loving it. On 5/2/2018 at 9:01 PM, Tal said: Just spent the last few hours rattling my brain after watching part 3. My board (MSI P55-GD65) has 2 network ports so I was thinking I could use one for the connection to the internet and the other to my internal network but I just cannot get it to work. If you could suggest where I'm going wrong that would be mighty helpful. Awesome videos by the way. You're videos are the reason I'm using unraid at all. ? Tal had the same idea I had and I was hoping I could get it work with the 2 nics on my board first for more testing to see if I actually like having pfsense on my server instead of a physical device. Would you be able to help us out and point us in the direction on how to use one for wan and the other for lan. this must be possible right? Quote Link to comment
tr0910 Posted June 25, 2018 Share Posted June 25, 2018 (edited) My dual 2670 report AES enabled repeating the following 32 times. But when I change pfSense to support Cryptographic Hardware I get the following on pfSense 2.4.3-RELEASE (amd64) on noVNC: pfsense padlock0 no ace support root@Tower:~# grep flags /proc/cpuinfo flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid dca sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx lahf_lm epb pti ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid xsaveopt dtherm ida arat pln pts I changed it back to disabled for now pending advice on this error. Is AES enabled in spite of this error? Edited June 25, 2018 by tr0910 Quote Link to comment
L0rdRaiden Posted June 30, 2018 Share Posted June 30, 2018 Do we need to install openvm tool package? Or this is only for VMware hypervisor? Quote Link to comment
bobokun Posted July 5, 2018 Share Posted July 5, 2018 Thanks for the video series. I've been trying to get everything set up on my unraid server and everything seems to be working except for one thing. My unraid server doesn't seem to be getting an ip address from the pfsense VM. I have passed the 4 port Gigabit Network Card to the VM but my original Gigabit NIC that unraid uses is not being passed to the pfsense. Could that be the reason why it's not assigning my unraid server an ip address? I also have a separate physical network card for IPMI which doesn't seem to be getting an ip address either from the pfsense VM. I've assigned static IP addresses for both my unraid server (under network settings) and also my IPMI in my bios but I don't see it anywhere under DHCP leases in the pfsense menu. Quote Link to comment
JonathanM Posted July 5, 2018 Share Posted July 5, 2018 20 minutes ago, bobokun said: My unraid server doesn't seem to be getting an ip address from the pfsense VM. Can you describe your physical connections? For example, port 1 of 4 port nic plugged into 16 port gigabit switch, port 2 plugged into ISP modem, etc. Quote Link to comment
bobokun Posted July 5, 2018 Share Posted July 5, 2018 (edited) 12 hours ago, jonathanm said: Can you describe your physical connections? For example, port 1 of 4 port nic plugged into 16 port gigabit switch, port 2 plugged into ISP modem, etc. My Unraid server has 2 eth ports (On Motherboard) + 1 IPMI Port + 4 port NIC (Intel PCIe Gigabit card). Only the 4 port NIC has been passed to the pfsense VM. 4 Port NIC: Port 1 = WAN Port 2 = LAN (Direct connection to PC) -> This is used to connect to pfsense to configure settings Port 3 = WIFI/SWITCH (Using my old router AC68U in Access Point mode, it also has 4 ports + WAN port which I want to utilize as a switch) Port 4 = Empty The 2 eth ports on my motherboard and IPMI are not physically connected to anything, but I have also tried physically connecting the ethernet port on motherboard and the IPMI port to my AC68U which is connected to port 3 of the 4 port NIC. Ideally I want to avoid physically connecting anything from my motherboard/IPMI port to anything in order to save ports/ethernet cables on the AC68U Edited July 5, 2018 by bobokun Quote Link to comment
JonathanM Posted July 5, 2018 Share Posted July 5, 2018 Any interface that needs an IP address assigned has to be physically on the same segment of the passed through port that pfSense is running a DHCP server. If you have DHCP assigned on port 3, then you have to plug your server and IPMI into that same segment. Since you have 2 LAN interfaces defined in pfSense, you could have 2 different sets of firewall rules and such on the 2 ports, for example you could have a switch plugged in to port 2 and have both your IPMI and pfSense on the same segment, with extremely restrictive rules, while putting your general network traffic on the other interface. There is no way that I am aware of to software bridge the passed through ports to the unraid box, you have to physically connect them somehow. If you want to save one port, you could define a LAN segment on port 4 for your unraid box, and just connect a short bit of cable from the motherboard port to port 4. If the particular LAN port as defined in pfSense doesn't have a DHCP server running with valid settings, you won't get an IP address assigned to anything plugged into it. Quote Link to comment
SpaceInvaderOne Posted July 17, 2018 Author Share Posted July 17, 2018 Heres the next part in the pfSense series added to the top of this thread post. Part 7 - Firewall rules, Portforwarding/NAT, Aliases and UPnp Quote Link to comment
SpaceInvaderOne Posted July 23, 2018 Author Share Posted July 23, 2018 Heres the next part in the pfSense series added to the top of this thread post Part 8 Open NAT for XBOX ONE and PS4 Quote Link to comment
sse450 Posted August 12, 2018 Share Posted August 12, 2018 (edited) I am trying to get pfSense up and running using the Part 3 of the video series. The video is fantastic, but still I am clueles at some point. I have 4 ethernet ports on my unRAID server: eth0: Broadcom on the MB. Before installing pfSense, unRAID normally used this port (192.168.1.100). Currently nothing is connected eth1: Broadcom on the MB. Nothing. eth2: Intel NIC on PCIe (pfSense WAN) eth3: Intel NIC on PCIe (pfSense LAN) This is connected to the switch. All seems OK. 2 port intel nic is passed through to the pfSense VM. I can reach pfSense VM on 192.168.1.1 but cannot get unRaid on 192.168.1.100. The video gives a solution on DNS resolver page. But I don't use any domain name for unRAID. How can I access to unRAID from LAN which had an IP of 192.168.1.100 previously. If I connect eth0 to the switch separately, unRAID becomes accessible. But, surely this is not an elegant way. Thanks for any support. Edited August 12, 2018 by sse450 Quote Link to comment
MyKroFt Posted August 13, 2018 Share Posted August 13, 2018 On 4/24/2018 at 11:12 AM, gridrunner said: Hi @joelones Just set in the bios of the pfsense to enable wake on lan. When the machine is off it will still power the lan port for wake on lan. I use @Squid excellent user script plugin to send a wol ping using etherwake command This script runs on array stop etherwake 00:01:3e:4e:5a:b8 I also use another script for when the array starts This uses ssh to login to the pfsense machine and shut it down this way only one pfsense is running at a time ie ssh [email protected] /etc/rc.halt You will need to generate some ssh key pairs on unRAID and copy the public key to the admin user in pfsense. All of this will be covered in my pfsense videos Did this video ever get made, this is exactly what i am looking for, I have a seperate 1u box in the rack that is my pfsense, would love to run it in a VM environment. Did you also think of a good way to update the configuration on the physical box? Thanks Myk 1 Quote Link to comment
ijuarez Posted August 14, 2018 Share Posted August 14, 2018 Did this video ever get made, this is exactly what i am looking for, I have a seperate 1u box in the rack that is my pfsense, would love to run it in a VM environment. Did you also think of a good way to update the configuration on the physical box? Thanks MykI think this is still in his queue as he developed a full vm install that can be replicated to bare metal. Next video might be the fail over process. Sent from my BND-L34 using Tapatalk Quote Link to comment
MyKroFt Posted August 14, 2018 Share Posted August 14, 2018 2 hours ago, ijuarez said: I think this is still in his queue as he developed a full vm install that can be replicated to bare metal. Next video might be the fail over process. Sent from my BND-L34 using Tapatalk That is what I am hoping, and want to do with my setup Quote Link to comment
MyKroFt Posted August 14, 2018 Share Posted August 14, 2018 Another question trying to set this up, what would be the best way to have the unRAID machine and bare metal machine connected to the modem so they can auto switch? Can you put a small switch after the modem and have both hooked up since only one at a time would be trying to connect to the modem? Quote Link to comment
ijuarez Posted August 14, 2018 Share Posted August 14, 2018 Another question trying to set this up, what would be the best way to have the unRAID machine and bare metal machine connected to the modem so they can auto switch? Can you put a small switch after the modem and have both hooked up since only one at a time would be trying to connect to the modem?if you look back at his first video I think he made a diagram on how he had them connected and that's how I think he was going to do the videosSent from my BND-L34 using Tapatalk Quote Link to comment
adamfritzsche Posted August 25, 2018 Share Posted August 25, 2018 Okay, so I have a dumb question. I have pfSense as a VM in unRaid. I have a quad Intel nic passed through to the VM. Port Designated WAN goes to cable modem, LAN goes to switch, which then goes to all my wired devices and wireless AP's. One of these ports on the switch goes back to the unRaid server onboard nic, which is used to give unRaid network access. This all works great until I restart the unRaid Machine. Obviously, unRaid starts before the pfSense VM can, resulting in the unRaid machine getting assigned a 169.xxx.xxx.xxx address which then results in not being able to access unRaid, have to put the old router back in place to get access again. Am I missing something? / Is there a way to resolve this? Quote Link to comment
1812 Posted August 25, 2018 Share Posted August 25, 2018 1 minute ago, adamfritzsche said: Okay, so I have a dumb question. I have pfSense as a VM in unRaid. I have a quad Intel nic passed through to the VM. Port Designated WAN goes to cable modem, LAN goes to switch, which then goes to all my wired devices and wireless AP's. One of these ports on the switch goes back to the unRaid server onboard nic, which is used to give unRaid network access. This all works great until I restart the unRaid Machine. Obviously, unRaid starts before the pfSense VM can, resulting in the unRaid machine getting assigned a 169.xxx.xxx.xxx address which then results in not being able to access unRaid, have to put the old router back in place to get access again. Am I missing something? / Is there a way to resolve this? Set a static IP address in unRaid network settings and make it locked/registered to the MAC address of your unRaid server in pfsense. you can always access it via hostname tower.local or whatever you set it too. Just might a little longer to resolve without a dhcp server on the network. Quote Link to comment
adamfritzsche Posted August 25, 2018 Share Posted August 25, 2018 37 minutes ago, 1812 said: Set a static IP address in unRaid network settings and make it locked/registered to the MAC address of your unRaid server in pfsense. you can always access it via hostname tower.local or whatever you set it too. Just might a little longer to resolve without a dhcp server on the network. Ah, yes. That makes sense. Thank you. Quote Link to comment
Raz Posted September 1, 2018 Share Posted September 1, 2018 Hello! Yuo helped me a lot with your videos and after all your tutorials i followed i pulled the trigger on an intel 4 1gb ports nic. The problem is that i realized too late my 2500k doesn't support vt-d, so i can't passthrough the PCI-e card to the VM. Are there any ways i can install pfSense on a VM? The hardware configuration is like this: ISP Modem/Router -> Switch -> unRaid Machine at eth port on motherboard. I am not a pro in networking and i can't figure out how to configure the 4 ports nic. Quote Link to comment
Mlatx Posted November 6, 2018 Share Posted November 6, 2018 (edited) Hi All, I'm trying to install this and am not able to boot into the vm. It won't connect via vnc and gives me a message saying login to server failed. I've tried OVMF and Seabios with no success on either. On OVMF, I've tried all the Q35 versions. I'm able to pass through my 4 port NIC. Everything was done exactly as in video part 3. What could be the issue? It's f'ng Safari that is the problem. Works with Chrome. Go figure. Edited November 6, 2018 by Mlatx Quote Link to comment
Mlatx Posted November 7, 2018 Share Posted November 7, 2018 Hi All, I successfully have offense running as a vm on unraid. I just need to get a cheap backup device. I’m having issues connecting to https with internal sites and through let’s encrypt. I other words, I can’t connect and no message to proceed with caution. I have nextcloud setup according to spaceinvader’s video. It’s running under my own domain and proxynet. With my old isp router, port forwarding worked, and I was able to connect. Now with offense, I cannot. I don’t get any errors within let’s encrypt’s logs. I can’t connect to my OpenVPN server either. I put in the rule for private domain equals unraid.net in DNS resolver. What could I be missing here? I’ll continue to search but found nothing yet. Quote Link to comment
repomanz Posted December 30, 2018 Share Posted December 30, 2018 Hi @SpaceInvaderOne. First off thanks for all of your videos. They have been beyond helpful! Quick question about pfsense in particular to part 3 of your video. I have the same 4 port intel nic you have; instead of applying the pci patch to separate out the nic is there any reason why we couldn't do the host dev method you've mentioned in another one of your videos? Quote Link to comment
Moose_Flunky Posted January 2, 2019 Share Posted January 2, 2019 Hello All You Helpful People!! (hint, hint) I want to run pfSense in a VM under Unraid 6.6.6. I followed SpaceInvaderOne's videos, but I'm a bit stuck. I'm trying to get cute with my setup. I have a SuperMicro server with 4 onboard Intel gigabit lan ports AND a two port 10 gigabit pci card. All of this is connected to a Cisco L3 3560e switch, which I have configured vlans on. Now, I'm trying to do the following. My WAN port from my cable modem goes into switchport 1 (Vlan 80) on my switch. All my devices can reach the internet because I have InterVlan routing configured. VLAN 10 is for computers. VLAN 20 is for cameras. VLAN 30 will be for ubiquity. VLAN 50 will be for IOT. Now, I think I can configure the 10 gigabit ethernet ports to be bonded and set up as a trunk port, which I can then use as the LAN port in pfSense. But, I'm fuzzy as to how/what to configure as the WAN port. Can I use VLAN 80 as my WAN port, or does it have to be a discrete interface (like one of the gigabit ports)? Where do I plug in the gigabit port(s)--in VLAN 80, or in VLAN 10 with computers? And finally, how do I route all traffic through pfSense? Set it as the default gateway? Or does running the trunk port through it do this for me already? Any help would be appreciated. Thank you Quote Link to comment
whipdancer Posted January 3, 2019 Share Posted January 3, 2019 1 hour ago, Moose_Flunky said: Hello All You Helpful People!! (hint, hint) I want to run pfSense in a VM under Unraid 6.6.6. I followed SpaceInvaderOne's videos, but I'm a bit stuck. I'm trying to get cute with my setup. I have a SuperMicro server with 4 onboard Intel gigabit lan ports AND a two port 10 gigabit pci card. All of this is connected to a Cisco L3 3560e switch, which I have configured vlans on. Now, I'm trying to do the following. My WAN port from my cable modem goes into switchport 1 (Vlan 80) on my switch. All my devices can reach the internet because I have InterVlan routing configured. VLAN 10 is for computers. VLAN 20 is for cameras. VLAN 30 will be for ubiquity. VLAN 50 will be for IOT. Now, I think I can configure the 10 gigabit ethernet ports to be bonded and set up as a trunk port, which I can then use as the LAN port in pfSense. But, I'm fuzzy as to how/what to configure as the WAN port. Can I use VLAN 80 as my WAN port, or does it have to be a discrete interface (like one of the gigabit ports)? Where do I plug in the gigabit port(s)--in VLAN 80, or in VLAN 10 with computers? And finally, how do I route all traffic through pfSense? Set it as the default gateway? Or does running the trunk port through it do this for me already? Any help would be appreciated. Thank you *** IANANA/E (i am not a network architect/engineer) *** Have you planned out your network? Literally drawn up a map for it? I'm not good enough at network architecture to do anything beyond basic configuration without drawing up a diagram/map/<something> to make sure I'm not missing something. How do you plan on connecting VLAN 80 to pfSense? Quote Link to comment
jetkraus0 Posted January 24, 2019 Share Posted January 24, 2019 Hi, I love the guide, however, I am having an issue with starting the VM. I am on step 3. This pops up internal error: process exited while connecting to monitor: 2019-01-24T03:29:45.614726Z qemu-system-x86_64: -device vfio-pci,host=07:00.0,id=hostdev0,bus=pci.3,addr=0x0: vfio error: 0000:07:00.0: failed to setup container for group 15: failed to set iommu for container: Operation not permitted Thanks Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.