Please see: https://forum.pfsense.org/index.php?topic=119934.0

@firefly: Linode does not officially provide support for any OS other than Linux. Some guides for installation of FreeBSD do exist and the install does work. I'm installing pfSense v2.3.2 on Linode (KVM) VM in paravirtualized mode (have also tried full virtualized). The installation completes. Linode VMs are provided a public IP (WAN) and and optional private IP. The problem is that a single network interface is used (single MAC). On Linux the public and private IPs are configured as "eth0" network interface and "eth0:1" sub interface. When pfSense boots on Linode VM only a single network interface is configured "vtnet0". I can then manually create the sub-interface as follows: "ifconfig vtnet0.1 create" I then configure the private IP address as follows: "ifconfig vtnet0.1 inet 192.168.180.200/17" If I launch the Webconfigurator, I can see both network interfaces, so I know I'm going in the right direction. My questions are: In pfSense, how do I manually restart the network and routing services following the creation of the sub-interface and private IP assignment? How do I save the above sub-interface configuration and private IP assignment so that they persist following a reboot? In Webconfigurator, I can assign the sub-interface "vtnet0.1" as LAN. I disable IPv6 and assign an IP. When I try to ENABLE the sub interface an error comes up the DHCPv6 Service is running. I attempt to disable IPv6 from the WAN interface and the Webconfigurator appears to hang and lose the configuration entirely. Lastly, is use of pfSense with two interfaces where one is actually a sub-interface an security concern (essentially a FW on a stick) - it is not intended for any production use. Any guidance/suggestions appreciated. Hello, I am in the same situation, I need to have a firewall in front of my other vm, but I need two interfaces wan and lan . Have you made any progress? my best regards!

Ironic, I manually rebuilt the config and when I added the Shaper it crashed.  the 2.2.6 Shaper must not be compatible in 2.3. Thanks!!

Hi, Because in my home pfsense have 4 LAN interfaces, I wanted to have all CISCO AP on the same physical interface LAN trunk configured with 2 VLANs for Private-Guests wifi. First I configured 2 interfaces on /25 range but I don't like to have IP changed from one segment to another one when AP is changed. Then I was thinking to bridge the interfaces but is no point to add this load to pfsense, I did not have a managed switch at home, so I made an experiment: I used a dumb switch to connect all AP CISCO configured with 2 VLANs and the LAN trunk interface with the same VLANs of pfsense. Result SUCCESS ! everything work perfect, looks like I don't need a managed VLAN switch just to pass/carry trunk traffic to all ports of the switch; I tested: 1GB switch DLINK GO-SW-5 and 100Mb TP-LINK TL-SF1005D, both work OK to carry trunk traffic.

The web server on pfSense is not intended to be used for anything but pfSense, not for hosting custom pages/code. If you absolutely must host a web server on the firewall, you'll have to setup a separate instance manually with whatever custom config you want. Dig around the forum and you'll find some examples where people have done just that.

Indeed and you should switch now if you're still running 32bit before it becomes an issue. 2.4 is still beta….. for now. Steve

@Jon: Is this some sort of mirror issue or something else? Is the issue still happening?  If so, we'll need some more details and any diags you've already tried It sees to be a connectivity issue, as it's intermittent and only seems to affect pfsense. The only oddity now are the version numbers, as shown in the images above, which is still happening.

It looks like it's having trouble reading from the CD-ROM there but I could be mistaken.

If I had to guess then your CF card is not too happy: /dev/ufs/pfsense0: FREE BLK COUNT(S) WRONG IN SUPERBLK (SALVAGED) /dev/ufs/pfsense0: SUMMARY INFORMATION BAD (SALVAGED) /dev/ufs/pfsense0: BLK(S) MISSING IN BIT MAPS (SALVAGED) /dev/ufs/pfsense0: 15885 files, 873983 used, 2906045 free (2597 frags, 362931 blocks, 0.1% fragmentation) /dev/ufs/cf: FILE SYSTEM CLEAN; SKIPPING CHECKS /dev/ufs/cf: clean, 99618 free (42 frags, 12447 blocks, 0.0% fragmentation) Warning: file_get_contents(/etc/version): failed to open stream: No such file or directory in /etc/inc/globals.inc on line 88 pfSense  on the 'nanobsd' platform… Try another one - they are pretty cheap - or run a thorough test on the current one on another machine and try again.

It worked!! Last thing i could see before seeing it crashing was something about not being able to lock on a database. Anyway its up and running now Thank you very much

Funny ??? I just try to run a new install from a USB with a fresh download (pfSense-CE-2.3.2-RELEASE-amd64.iso & pfSense-CE-2.3.2-RELEASE-i386.iso) both .ISO file's are not bootable as rufus said. Even burned one of the ISO's to a CD-R and it booted but a few mins in at "Trying to mount root /cd9660/dev/iso9660/PFSENSE [ro]…" it spits out preparing crash dump and reboots. I used this doc to see if I was doing anything wrong: https://doc.pfsense.org/index.php/Installing_pfSense Even looked over this one as well!!! https://oitibs.com/pfsense-usb-install-guide-rufus/ :o I have been booting .ISO's & running PF for yrs now and I feel like a nub [image: Screenshot_158.png] [image: Screenshot_158.png_thumb] [image: Screenshot_159.png] [image: Screenshot_159.png_thumb] [image: 20161112_211942.jpg] [image: 20161112_211942.jpg_thumb]

@Numenor: @johnpoz: "6. I then went to Bridge tab and bridged them with the LAN interface." Huh???  Your wanting to use these as switch ports???  That is NOT a good idea at all… If you need switch ports, go get a switch!  Get one that supports vlans is what I would suggest if you want to start putting your stuff on vm and running a more complicated type of network.  Vlan supported switch will allow you to segment your network for control and security.  As to your wifi I would suggest you get a real AP vs some card your going to install in your VM host and then try to pass through to a vm?? Dude if you want to run VMs on hardware.. Why would you not run esxi or actual hyper-v version of windows vs just the hyper-v that is included in the windows 10?  Or any of the other hypervisors out there??  What you want is a VM host, then run type 1 not type 2. Hyper-V in Windows 10 does have type 1. [image: Gppf2CD.png] Also what you're saying makes no sense at all. How would getting switch help at all? When they would still require Ethernet ports to be hooked up to the PFSense box that is acting as a router. Network doesn't need anything fancy since its only meant to be a home network, it only has 3 computers that need Ethernet ports. It just needs wifi for a couple of phones, 1 laptop and a smart TV. Also the reason why I am running PFSense on a PC VM instead of ordinary router is because hardware upgrade ability, power efficiency since it would only require one device to running all the time, instead of multiple. Also your post really doesn't offer any real help. I just need the Ethernet ports from the PFSense box to give internet access to the devices that get plugged into it right now. Isn't that the whole point of PFSense? To act as a router? If you're telling me I should of just gotten ordinary wireless router, then what is the point of having PFSense at all? Type 1 and Type 2 hypervisor is not the same as Generation 1 and Generation 2 virtual machines which is a Hyper-V only.

thank you, bro!

The way I normally do it that works every time and makes sense from a networking perspective: WAN - Bridged (to your real LAN network) LAN - Custom: VMnet2 OPT1 - Custom: VMnet3 For your virtual LAN clients, make sure their NIC is also on Custom - VMnet2.  Your DMZ virtual servers go on Custom - VMnet3. Set pfSense WAN to get a DHCP address or set it manually.  Set LAN to some other private network space outside of your real LAN.  Enable DHCP on LAN and give it a range.  Your virtual LAN clients should have no trouble getting to the WebGUI. [image: vmw.png] [image: vmw.png_thumb]

Bug reported: https://redmine.pfsense.org/issues/6904

I'm just that good  ;D

If you have the same config (or at least the same starting point) on the same hardware just connect to 192.168.1.1 and upload the config. Done.

Sure, provided you can predict their MAC addresses. You can do it in one of two ways: 1. Use static mappings for all of the different ones and set the option there 2. Create a second pool with the setting you want, and use the MAC address allow/deny controls to influence who pulls from a specific pool. Deny them from the main pool and allow them in the second pool.