Great that it works now, but have you seen my comment on VirtualSMP in Vmware?

You should not use this with something like a firewall where SMP doesn’t bring huge performance improvements anyways(and timing is important).
Not only will it perform much worse, it will slow down you’re entire host.

With 1.2 release I get only 64MBs recognized out of 512MBs that I have configured in virtualbox. With one of the 1.2.1 snapshots I have tried I get full 512MBs recognized.

Someone interested in doing a little research digging should look into using the free vm tools that FreeBSD has under
ports/emulators/open-vm-tools. these are the open source versions of the VMWare tools binary blobs.
http://open-vm-tools.sourceforge.net/about.php

this might actually lead closer to just having a VMWare support package as it will be just another port added to the list to precompile.

Falcon4 - while you're entitled to your opinion, you might want to try to avoid coming across like a troll ;)

FreeBSD has a massively smaller developer base than Linux, and companies like VMWare put less effort into supporting it.  As with any open source project, only the things the developers care about have work put into it.  With few developers the rate of change can't be the same as with Linux.  The support it gets from commercial vendors tends to be focused on the server space (Intel, 3Ware and others produce and support drivers for their products).

That said, if you enable the e1000 network driver instead of the default then you can use the em driver for FreeBSD, which is supported by ALTQ.

I had the same problem with my network. my two routers is connected to the backbone and to the pfsense. i was having duplicate name errors. i made 3 rules blocking 3 kinds of netbios on LAN, WAN1 and WAN2.

i put he load balance rule below the 3 (netbios block) rules in the LAN. so far i have'nt found any problems..

please post any problem you might think i encounter by doing this settings.

I am having this exact same issue. However, I made the changes that you made, and it still doesn't work. The thing is, I removed one of the NIC's. So the machine NIC and PFSense's LAN NIC are the same physical NIC. (I needed a NIC in one of my other machines).

I'm thinking that is the problem, but I was wondering if anyone has any ideas. Or do you know on a more technical level, as to why that fixed it?

Not sure if anyone is paying attention to this thread, but I just found something new. It looks like I only experience this problem when I connect to the RDP console session(using mstsc /console). If I start the terminal services client without the /console switch, it works just fine.

I still can't figure out why that is the case.

@karsteb:

Linux kernel based virtualization (kvm) was introduced into the kernel in linux version 2.6.20.

So now, linux have full virtualization (but no paravirtualization) built into the kernel. Anyone tried to get pfsense running under it?

It seems that XEN has problems under Intel hw, and wmare ESX is costly, but according to this page http://kvm.qumranet.com/kvmwiki/Guest_Support_Status kvm seems to support BSD's just fine…

k

Interesting.  Give it a shot and report back!!

Nice card, didn't know they made anything like this.
In my case though the onboard gigabit NIC is probably much better than this 5$ card, but for lower end server I always take cheap Realtek cards.
Thanks for the link.

I've localized the problem, it is in OpenVPN over PPTP. I created new  thread in OpenVPN forum
http://forum.pfsense.org/index.php/topic,9168.0.html (hope it allowed by forum rules :) )

Everything seems to be working just great over here!

I have now the 3 internet connections working of a single pfSense router on a VM, and all with only one physical NIC on the computer. I have one connection for WOW, Warcraft3, Quake3, UT, Guild Wars, Warsow, and some more, another connection for BF2, Steam games, CS, TF2, and a third one with more bandwidth but worse latency for web, IM, and any kind of unknown traffic. I love it! :D

When I have the time I will take a look if it is possible for me to implement failover, so if one connection is offline traffic can be redirected automatically to another one, and I would also like to try to use pfSense on a physical computer, to see if there are good improvements vs running it on VM.

Many thanks!
Aitor

Ah ha! You are right. That is the piece that I was missing. Cool. Thanks for your help.

Whitney

Hi,

I'm not sure if you have this resolved or not, but if not I have one piece of advice. I noticed that you have your two pfSense networks configured on the same network segment (182.168.1.0/24). Since pfSense acts as a router, this will not work. You need to have two different network segments. It looks like 192.168.1.0/24 is the network you are getting from your (other) router. So this can be your WAN network. For your LAN network you could set up a host only network. That is what I did. You will need to configure vmware to use host only networking. It will give you another (virtual) network that you can use. Then you will be able to put vms that you want behind pfSense on that network. This works for me.

Let me know if you need more information about this.

Whitney

i want to set up the radius server using the pfsense in vmware. but i don know how to configure the network interface for vmware and window xp. can some1 show me the guide/tutorial how to setup radius server?

Yes, if it does not exist and you want e1000 or vmxnet you should add it manually.

No, that's the point.  All you have to do is break the security of the virtualisation layer, which may be easier with local/interactive access to the pfSense host, but it won't be required.

For instance, take a look at the vulnerability found in the MacOS wireless layer (last year ISTR).  That kind of approach would allow somebody to target a (theoretical) vulnerability in the VMWare networking layer, completely bypassing the pfSense (or other OS) install to gain access to the underlying host.

This has been discussed in depth on various forums and mailing lists - if you're really interested go look at the paper written by Theo (as mentioned by submicron).

I think i solved the problem now.

The vmNet2 adapter was supposed to get an IP from pfSense´s DHCP server but it didnt obtain any. The solution was to go into the "Propterties" of vmNet2 network connection i windows and select "TCP/IP" Properties and under "Advanced". Here I added a gateway, the IP number of pfSense´s DHCP server. Then Windows was able to accuire an IP adress.

Both the physical network cards are bridged directly to a virtual adapter. The only options checked under windows properties is "vmWare Bridge". This to isolate the host from the world and forcing all communications to go through the firewall.

Thans for trying to help me out!
/zonar

PS
Its proberbly a good thing to set up the host with a static IP. This since it cant obtain a IP at startup since the firewall must be started first…

I had to bridge the created vmnet 2 to one of my physical network adapters and put it on the same ip range :/

and the default u/p is admin/pfsense :/

pfSense is not disk I/O intensive, so making a dedicated partition will not improve anything.

Throughput is your problem, and the vmxnet driver provides the fastest throughputs in Vmware.
All the information on how to get vmxnet working is provides in this thread, and is 2 minutes work, so good luck ;)