Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfsense Install & Configuration Esx Server

    Scheduled Pinned Locked Moved Virtualization
    9 Posts 5 Posters 13.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M Offline
      mali
      last edited by

      Hi,

      I am new bie to Pfsense. I have ESX Server 4 (vsphere) having 2 NIC .
      Right Now only 1 NIC is connected to Internet and having PUBLIC IP say
      202.33.44.2
      I want to secure Virtual Machine running on it.
      What should i know to configure PFsense on ESX Server(Vsphere).

      Is there any tutorial or recommendation for it.

      Regards,
      mali

      1 Reply Last reply Reply Quote 0
      • H Offline
        heitor.lessa
        last edited by

        HI there,

        Actually I´m using pfsense under VMware ESXi with 2 nic*, both internal network and works fine.

        What kind doubt do you have exactly?

        How to configure 2 nic on pfsense under ESXi?

        First you need to know what nic is from internet (public address), on this case will be WAN nic
        Second you need to adjust one more nic on "Configuration" –> "Networking" on VMware to add your LAN nic.

        To install choose what nic is WAN e what nic is LAN.. for example:

        em0 -> LAN
        em1 -> WAN

        About security, pfsense uses pf firewall and you´ll need to know how to configure policies, rules, nat. But this ... deppends of you.

        Anyway, I´m here for any questions about installation and configure under ESX.

        Regards.
        Heitor Lessa

        1 Reply Last reply Reply Quote 0
        • M Offline
          mali
          last edited by

          First of all i THANKS for your reply.

          I have 2 Virtual Machine on Vmware ESXi and i want to protect it from Pfsense.

          I have installed Pfsense on Vmware ESXi with One Physical NIC.

          I have assigned em0 to LAN & em1 to WAN Interface.

          em0–--> Vswitch0 ----LAN Interface. (202.33.44.2)

          em1----> Vswitch0 ----WAN Interface.(202.33.44.3).

          These are my concern.

          How can i access WebGUI on WAN Interface ?
          Can i used Public IP Address on Lan Interface ?

          My Virtual Machine is also on Public Ip (202.33.44.4) which i want to protect from Pfsense.

          Regards,
          mali

          1 Reply Last reply Reply Quote 0
          • H Offline
            heitor.lessa
            last edited by

            Well,

            I have 4 VM under ESXi, but my environment is totally different of yours.

            Anyway, answer some questions.

            How can i access WebGUI on WAN Interface ?
            Yes, it´s possible, for this propose you need to uncheck box "Block Private Addres" IF you need to access from your LAN, IF ELSE you just need allow port 80 on firewall rules or OTHER IF you change the WebGUI port, sure.

            Can i used Public IP Address on Lan Interface ?
            In LAN Interfaces you configure private ip address and not Public address ^^, until you can, but isn´t a best practice in security relation and standards.

            Try not use just one NIC for pfsense firewall, use 2 nic and configure it on Networking as Virtual Switch and assign on pfsense, if not you can have a bottleneck.

            About protect your other server, you REALLY need to configure public address in your other server?
            You can configure an internal address and put gateway for your firewall (pfsense), and to access any service in this server, you can redirect traffic using NAT.

            But this, I still not try this feature on pfsense, it´s better you ask in Firewalling topic.

            Regards.
            H

            1 Reply Last reply Reply Quote 0
            • M Offline
              mali
              last edited by

              Thank you so much for this support.

              I have added you on my MSN.

              I am using one Physical Nic and two two logical NIC which connected to Virutal Switch.
              I am able to connect WebGui on Wan Interface and ping it perfectly.

              Now my major concern is that My Virtual Machine is on Public IP Address and i want to protect it from
              Pfsense which is sitted infornt of my Virtual Machine.

              For this what i have to do.

              Can you share me your environment with Two Physical Nic.

              Regards,
              mali

              1 Reply Last reply Reply Quote 0
              • H Offline
                heitor.lessa
                last edited by

                You´re Welcome.

                I still not received your ack for MSN.

                But if you wanna add me on Skype is -> heitor.flessa

                How I said, you may ask for firewalling topic for pfsense expert, but I  throught that is not possible if you don´t redirect to pfsense gateway.

                Sure I can.

                We talk on MSN or skype.

                Regards,
                Heitor Lessa

                1 Reply Last reply Reply Quote 0
                • E Offline
                  EddieA
                  last edited by

                  Here's how to set up your VMs on ESXi with 2 NICs.  As they say, a picture is worth a thousand words:

                  Cheers.

                  1 Reply Last reply Reply Quote 0
                  • K Offline
                    kdoswald
                    last edited by

                    You're wording is confusing me on this one. Protect the vm from pfsense? Do you mean protect the vm from outside using pfsense?

                    I use pfsense under esxi similar to other post.  But have 3 virtual nics and two real ones.

                    Vswitch0 is local network
                    vswitch1 is my FIOS connection/Wan
                    vswitch2 is virtual for DMZ.

                    Pfsense setup
                    Lan - le0 (vswitch0)
                    wam - le1 (vswitch1)
                    OPT2 - le2 (vswitch2) (DMZ)
                    OPT3 - Tun0 (openvpn to connect to lan from outside)
                    OPT4 - tun1 (openvpn connection to office for work)

                    I would think if you want to protect those other machines with pfsense.  Option would be port forward or 1:1 nat

                    Do these machines need to have public ip? I just redirect ports to my web server and other things mainly to DMZ on inside.

                    1 Reply Last reply Reply Quote 0
                    • T Offline
                      tractng
                      last edited by

                      @EddieA:

                      Here's how to set up your VMs on ESXi with 2 NICs.  As they say, a picture is worth a thousand words:

                      Cheers.

                      I like the setup.  I am going to setup like yours :).

                      One NIC going to the WAN port of the FIOS router.  The other NIC for internal connections with VMs.

                      tnt

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.