Thanks! Worked! Appreciate the help!

Kind regards!

pfSense 1.2.2 and 1.2.3 won't install on Windows 7 Virtual PC, either.  Can't even pass disk format and disk partition part.

Will try earlier version later.

Both installed fine under VMware Workstation, however.

You need to ensure that you've configured Windows with 10.0.0.50 on Local area network 2 and removed TCP/IP from Local area network 1.

Thx, I did it!

I am waiting sunday for getting similar network traffic  …..
to be continued  ;)

The latest I read is they are still working on getting the kernal to work.
RC

If there is support in FreeBSD for those options, it may be possible in the future. I don't think virtio is supported even in the most current versions of FreeBSD though.

Ive put a tad more traffic on the network…

LAN interface (le1) Status up MAC address 00:0c:29:6b:26:f4 IP address 10.10.10.1  Subnet mask 255.255.255.0 Media autoselect In/out packets 728395/1259410 (113.04 MB/1.70 GB) [b]In/out errors 125/0[/b] Collisions 0 WAN interface (le0) Status up MAC address 00:0c:29:6b:26:ea IP address 216.151.xxx.xxx  Subnet mask 255.255.255.192 Gateway 216.151.xxx.xxx ISP DNS servers 4.2.2.2 4.2.2.1 Media autoselect In/out packets 1301400/726785 (1.70 GB/116.27 MB) [b]In/out errors 70/0[/b] Collisions 0

@EddieA:

Here's how to set up your VMs on ESXi with 2 NICs.  As they say, a picture is worth a thousand words:

Cheers.

I like the setup.  I am going to setup like yours :).

One NIC going to the WAN port of the FIOS router.  The other NIC for internal connections with VMs.

tnt

This thread may possibly be of interest to you, especially if your ISP supports what is being discussed there: http://forum.pfsense.org/index.php/topic,23094.0.html

Congrats doomsday, you've gotten yourself banned. It's rather obvious you have absolutely no idea what you're talking about, and not the slightest clue about networking. Then you attack someone who is trying to help you and clearly knows what he's doing from his 1400+ posts here.

I did it with proxmox, working pretty good.  Was wanting untangle for some utm stuff since i cant keep the l7 stuff in pfsense 2 working without blocking everything or crashing.  Works exactly as planned, i just created a dmz and didn't do a tbridge, w/ two physical nics for in/out interfaces.  Untangle pissed me off since there are no good reports for the webfilter w/ out paying for esoft.  So was looking at redesigning and putting a pf+squid back in front of untangle and converting to tbridge.  So it would be a dual pf setup w/ an untangle tbridge in the dmz mostly for layer 7, av.    its really neat, a vrouter appliance.  i can redesign on the fly, etc.  I have 4 gbit intel mobo so i have enough adapters to come back out to the real world for dmz's + portals + extra router/wan interfaces, + i can add to more to my appliance pretty quickly and cheaply.  I had to combine all the diff products to get all the functions i wanted, just had to use more hardware. i added a 2nd 2.5" 160gb 7200 drive just for the untangle vm to run on as it used the disk quite a bit, it took a few mins to boot all the way up on 1 disk, 2-4 or so, still waiting for 2nd drive to arrive.  running on a c2d e8400. would like to get it down to roughly a min and and add a vm or so… .  didn't seem to affect my internet connection at all, im only 10/1 mbps though.  like to do some real world thruput testing, vpn etc...  kinda fun project.  Slap one of those new 1156 chips deskop or server, and that would be some serious firewalling power for SMB if it can perform well.

It is no problem hardware wise….:)

In this case you want to use 1:1 NAT settings and not the Virtual IP settings.

with the Virtual IP settings you have, you're telling pfSense to respond to the global IP addresses, but there's nothing to corolate them with the internal IP addresses.
with 1:1 NAT, i believe you shouldn't need the Virtual IP settings (although you may)

Hello

After some research i found a workaround for this problem.
I want to share this if somebody else encounters my problem.

I added the following line in /boot/loader.conf
kern.hz="100"
I rebooted the machine and after that cpu usage is 10-14% from 50-60%

@mali:

I have installed Pfsense on Vmware esx server 4 with 2 Physical Nic.
(WAN) em0–-->vswitch0-----Pfsense
(LAN)  em1---->vswitch1-----Pfsense

VM1-----vswitch1
      VM2-----vswitch1
      VM3-----vswitch1
      VM4-----vswitch1

I want to Protect my 4 Virtual Machines whcih are behind Pfsense.
All 4 Virtual Machines having Public IP Address .

Pfsense (Wan) ----- 202.61.42.15

VM1 ---202.61.42.18
VM2 ---202.61.42.19
VM3 ---202.61.42.20
VM4 ---202.61.42.21

I want to protect these VM through Pfsense.

I donot want NAT or Port Forwarding.

Can any body help me in configuring or designing this.

Not sure if you figured it out yet, but I will answer your question in case anyone else searches for this :)

There are 2 scenarios:
1: Using pfsense as a router/firewall with NAT (internal IP's behind pfsense)
2: Using pfsense as a transparent firewall (external IP's behind pfsense)

You are talking about scenario #2. For both scenarios, the VM and vSwitch configuration is actually the same. The exception of how you setup pfSense.

First of all, you will need to configure pfsense as a transparent firewall, which includes bridging the LAN interface with the WAN. There is a good tutorial on how to do this located at http://pfsense.trendchiller.com/transparent_firewall.pdf

On the ESX server you will need to create the following:
vSwitch-1 (connected to a physical NIC)
vSwitch-2 (not connected to any physical NIC)

For vSwitch-1, connect the pfsense WAN interface
For vSwitch-2, connect the pfsense LAN side interface

Put all your VM's on vSwitch-2.

You may need to configure the actual vSwitches to be in "Promiscuous Mode" - you do this inside ESX in the "Configuration" tab via the VI Client.

Now add all your firewall rules accordingly. That's it!

Hope this helps.

-Sean