Interesting idea gi-minni Have you also looked at VMware NSX? what do you think your solution would bring to the table over integrating the router/firewall directly into the Hypervisor level? maybe you could also look at using pfSense + the vmware API for layer 3+ features from pfSense and turn pfSense into a awesome competitor for the juniper and arista networks gear. most of the NSX is based on Nicira's Open vSwitch so here's hoping for compatibility :)

Don't assign the same subnet for each nic.  Configure a BRIDGE in your interfaces section.  That bridge should give you in the end, ONE interface to assign an IP to.  That is how you would manage the box.

Yes, I presently have any to any passing all.

first hello to all :-) i'am new here. ok, i have an working pfsense as router/firewall and a debian installation as client on virtual box. both NICs are configured with static addresses in pfsense (lan and wan and just ip4 network). setup values: first ethernet adapter is the NAT (select him as first NIC). second ethernet adapter is Host-Only (allow access for vms and host). pfsense config (i didn't use dhcp and configured both nics with static ips) wan config: ip is 10.0.2.15/16, gateway 10.0.2.2, dns 10.0.2.3 and 192.168.*.1 (my physical router outside virtualbox u have to choose your router ip etc…) lan config: ips is 192.168.1.1/24 and it workes fine. a nice day for all mahadev

The host in question has some 256GB, I asked one of the VM admins to to set me up a test machine to use and this is what I got  ;D  once I have spent some time working out the configuration I will be looking to reduce the memory and storage.  I might be looking to see at least 8/10GB as we have a requirement for keeping web access logs

Hi, I haven't much time to simulate the lesson on the wiki but I have printed for my keep. I have attached the expanded storage, then erased the previous saved cached files. This are my observation: In just the whole day it filled my storage up to 85%. This is the status 4 hrs ago. Now I checked and it became 83%, I don't know what it means. But it seems to me it auto grows as it fills the storage. I have allocated 100G as you advice and put a cache cap of 40G. So I'm still observing. Anyway, I have 2 another question as attached. Image 1 refers to the WAN traffic but I'm not really sure how to interpret it. Also with image 2, the LAN traffic. How to interpret those data? [image: WAN.jpg] [image: WAN.jpg_thumb] [image: LAN.jpg] [image: LAN.jpg_thumb]

I read the chapter 6 of the VirtualBox Manual and played with the different network configuation. I found that in Internal Networking, my Linux VM would report "The Network Connection has been disconnected". In Host-Only, the connexion does establish itself in the VM but the web is not accessible and the Host (Windows) lose the connexion too. Maybe there is a conflict between the Bridge and the Host-Only network adapter. From the documentation of VirtualBox : "Internal Networking is similar to bridged networking in that the VM can directly communicate with the outside world. However, the "outside world" is limited to other VMs on the same host which connect to the same internal network." Since my pfSense VM does access the internet, does the rule still apply? smcclos - You say you did a setup like this, how did you proceed exactly? Thank in advance.

I think I have the same problem as your only that my is the latest version of pfsense. http://forum.pfsense.org/index.php/topic,66646.0.html I am not sure where the problem is and how to debug this, but it is impossible to use this in a production setup.

@gi-minni: … change easily tmpsize, varsize, etcsize (there is a GUI way for this but is only defined for embedded platform) Actually not true with 2.1 [image: 20k3p4x.png]

I'm not using VirtualBox, so I won't be able to help much. First step, I'd say is to use a newer version of pfSense. Looks like you're trying with 2.0.3, while 2.1 was just released. If it's not a requirement to use 2.0.x, there is no use to try with an older version when such a shiny new one is available ;) You might want to post more info about your HW (mostly what CPU and network cards), which might be relevant. For example, under Hyper-V, pfSense 2.0.x would panic when running on an amd64 CPU (you had to edit boot.conf) and you had to reset the network interfaces after the boot was completed. There might be something like that for VirtualBox that might have been fixed in 2.1.

Just for the benefit of anybody watching this thread. I did a new build with the Hyper-V aware kernel and pfSense 2.1 Release. See http://forum.pfsense.org/index.php/topic,56565.msg362435.html#msg362435 and following posts (check out the complete thread for troubleshooting tips and issues others have found).

(guessing your meaning using Google Translate) Actually, this is a newer version (currently 2.1 Release or 2.0.3p1-Release) http://forum.pfsense.org/index.php/topic,56565.msg362435.html#msg362435

Hi emcel, I'm just starting to scratch the surface and learning about this stuff and I maybe wrong on this but I believe there is a difference in this particular setup when you use the loopback adapter. In our scenario, the wireless NIC in my laptop is a layer 3 device, and the Loopback Adapter is layer 2, the two virtual NICs from virtualbox, one is bridged to a layer 3 device and the other to a layer 2. Your setup is different but I don't fully understand the implications in terms of paranoid security. I suspect that in your case it didn't  work because you had the loopback adapter facing the outside world. (to your switch) When I installed the looppback adapter I set it up as follow: IP 192.168.100.2 SM 255.255.255.0 GW 192.168.100.1 (Later used this ip to configure pfsense (LAN em0) In Virtualbox this is bridged to Adapter 2

Edit: http://tinypic.com/view.php?pic=8x7gw4&s=5 Yes, the WAN NIC has been set as external.

Yeah - Thats all kind of complicated.  It has to be done, but I think first getting pfsense working, then bridge fios. Anyway  - the order isn't important if it doesn't confuse OP.

So I got it solved through hours and hours of research… basically I got rid of MSLB and reconfigured everything. I now have a working server and network that connects to the net via pure software pfsense. Now it's time to connect diskless nodes to this server...