[HELP] pfsense virtual appliance install on virtualbox took over my home router
-
The virtual appliance is designed to provide real firewall/routing for real use. So yes, it is ready to run, just not for what you are doing. Configuring Virtualbox is rather offtopic for this forum.
-
The virtual appliance is designed to provide real firewall/routing for real use. So yes, it is ready to run, just not for what you are doing. Configuring Virtualbox is rather offtopic for this forum.
Ok looks like i am thinking something different here
So if indeed pfsense on virtualbox will control my whole network…so it will act as the new router?What happens to the wifi of the router?
Also will i still be able to manage things with my regular netgear router?
One added thing...is there a way to list all connected devices in pfsense? Tried searching for this in the web GUI and couldn't find it
-
The point is to virtualize the HW. Instead of using a physical router, you use a VM. IOW, you are just complicating things fairly heavily with the virtual machine. With no information about the virtual/physical network configuration, not possible to provide any advise. Suggest to Google pfsense + virtualbox.
-
The point is to virtualize the HW. Instead of using a physical router, you use a VM. IOW, you are just complicating things fairly heavily with the virtual machine. With no information about the virtual/physical network configuration, not possible to provide any advise. Suggest to Google pfsense + virtualbox.
Ok you keep skipping certain questions i keep asking
Alright so will i be able to manage the netgear router interface? because it is the one that controls the pfsense isn't it?
Also in pfsense is there a way to use connected network devices in the web GUI? -
Sigh. If you want to test something in purely virtualized environment, then you should configure your virtualized environment in a way that it does NOT affect your physical network. Bridging is certainly NOT the way to go here for this purpose. As for your Netgear router, already told you that it will just cause mess to have two routers in your network in this way. It should not need to be managed in any way. It would serve purely as an AP/bridge. Not a router. No need to manage anything there. If you need to manage something there, then obviously is CANNOT have the same IP as your pfsense LAN.
As for "connected devices", the question does not make much sense. What information you want?
-
Sigh. If you want to test something in purely virtualized environment, then you should configure your virtualized environment in a way that it does NOT affect your physical network. Bridging is certainly NOT the way to go here for this purpose.
So what do i need to do to only have pfsense in a virtualized environment only? Also did you not just say that is not possible and that pfsense is for real use?
As for "connected devices", the question does not make much sense. What information you want?
On the netgear router web GUI..i can see all connected devices in the network…i can see who is connected to the network....PC...phone...printer etc
Can pfsense do same?
-
1/ Read the virtualbox documentation and some networking basics.
2/ You still did not tell us what are you trying to do with that information and what "connected" means. -
1/ Read the virtualbox documentation and some networking basics.
2/ You still did not tell us what are you trying to do with that information and what "connected" means.Any information is good information whether needed or not
connected means devices in the network..host devices having ip addresses in the network..that is what connected mean…as the name implies...i also gave exmaple of devices that can be connected to a network...this is when the pfsense is the router of the network.The netgear router was able to do this so if the pfsense will be the router then i expect to be able to see a feature like this...something important to have really
-
Eh. Does not go anywhere. See Diagnostics - ARP table (or NDP table). If that is not what you want, then kindly explain what information you want or don't ask awfully generic questions without being able to specify any purpose. If it's important you should be able to tell what's important.
-
Eh. Does not go anywhere. See Diagnostics - ARP table (or NDP table). If that is not what you want, then kindly explain what information you want or don't ask awfully generic questions without being able to specify any purpose. If it's important you should be able to tell what's important.
Anyways back to my purpose..i want to use pfsense so that it can manage the network within virtualbox only and not my home network…i want the router to manage my home network and pfsense manage the virtualbox network
Is this possible?
If yes..then what do i do or what steps do i follow to make this setup?Thanks.
-
still need help…can anyone please help?
-
I don't use the pfsense VM. I have twice before created my own from the 2.01 and 2.02 versions.
The purpose for me was to use the openvpn functions and the PPTP functions, which I can report work very well in VMware.The thing to be careful of, which might effect this install is DHCP.
If done incorrectly a pfsense VM will cause conflict if its trying to assign DHCP on the same domain as another DHCP server (like the one built into you home router) and that might cause the behaviour you described. I always configured my pfsense VM wan port to pick up DHCP from the router. I also had to set the VM WAN port to BRIDGED and replicate the physical characteristics of host so that it was grabbing an IP just like any other computer on the LAN, assigning that to the pfsense VM's WAN and then being sure that none of the subnets I configure for PPTP, openvpn or lan in the VM conflict with the home router. Set up like that, it works fine.
Since then, I have built quite a few physical boxes, so I don't need the VM anymore, but it always worked well.
-
I don't use the pfsense VM. I have twice before created my own from the 2.01 and 2.02 versions.
The purpose for me was to use the openvpn functions and the PPTP functions, which I can report work very well in VMware.The thing to be careful of, which might effect this install is DHCP.
If done incorrectly a pfsense VM will cause conflict if its trying to assign DHCP on the same domain as another DHCP server (like the one built into you home router) and that might cause the behaviour you described. I always configured my pfsense VM wan port to pick up DHCP from the router. I also had to set the VM WAN port to BRIDGED and replicate the physical characteristics of host so that it was grabbing an IP just like any other computer on the LAN, assigning that to the pfsense VM's WAN and then being sure that none of the subnets I configure for PPTP, openvpn or lan in the VM conflict with the home router. Set up like that, it works fine.
Since then, I have built quite a few physical boxes, so I don't need the VM anymore, but it always worked well.
Uberwebguru, I think that kejianshi is on to something with DHCP. It sounds like you may be having DHCP collisions. I am brand new to pfsense but am about to do what you are describing: put pfsense into a virtual machine to replace my hardware router. I am not a network expert.
I think this is where you are getting into trouble: most devices, when they first attach to a LAN, send out a DHCP request broadcast. The router will reply with a bunch of information for the device, such as its IP address, the subnet information, default gateway, and possibly more. When the router sends back the reply, it keeps a list of IP addresses assigned, so that the router does not assign the same IP address to multiple machines.
My guess is that once you start up pfsense, both your router and pfsense start responding to DHCP requests. Having multiple DHCP responses is a bad, bad thing. The device on the network will accept the first DHCP reply. If the device receives a reply from pfsense, it will get subnet information and gateway information that allow the device to route all traffic through pfsense. I am also going to guess that pfsense does NOT have a route configured to the internet. In that case, devices will try to route to pfsense, but pfsense will not know how to forward the packets, creating the illusion that the devices are not connected.
You mention seeing the devices on your router. Those are the devices that the router has assigned IP addresses to. When properly configured, pfsense should allow the same functionality. You also mention manage the network, but I suspect that you mean you want to manage the network addresses and assignment of those addresses. Again, pfsense should allow you to do that.
Again, I am not a network expert, but the network should look something like this:
internet => modem => pfsense => LAN
I am going to guess that your network looks something like this right now:
internet => modem => router => LAN => physical_machine => virtual_machine => pfsense
Does that make sense?
-
I also wondered if someone might go into a pfsense VM and assign an interface on the VM to bridged and then assign it as a LAN port in pfsense and then activate DHCP on that port…
But that would be just insane since it absolutely would drive their little home router crazy.
I guess there are many ways to break DHCP when I start thinking malicious things I could do to shoot myself in the foot.
-
I also wondered if someone might go into a pfsense VM and assign an interface on the VM to bridged and then assign it as a LAN port in pfsense and then activate DHCP on that port…
But that would be just insane since it absolutely would drive their little home router crazy.
I guess there are many ways to break DHCP when I start thinking malicious things I could do to shoot myself in the foot.
My son did something similar last year. He wanted his own subnet, so he took an old and abandoned router to plug into the LAN. He connected a LAN port on his router to the LAN, so we had dueling DHCP servers for a time until we figured out what was taking place.
I plan to install pfsense (or something similar) on a virtual machine and replace my home router. Another son upset someone a few weeks ago on Xbox live and this person started flooding my poor router running dd-wrt. Load averages climbed into the 20s, so high that the web and command line interfaces could not cope. I configured some filters and traffic logging onto the router, but that just pushed the CPU usage even higher when this person was flooding me. I work at home and VPN into the corporate network and use an IP phone. Monkeying with my internet connection is very not cool. I also have a Solaris server that does many things, including hosting a dozen or so virtual machines for various reasons. I hope that soon it will host another virtual machine running some router software. The switch near the cable modem supports VLANs, so the plan is to put the modem into its own VLAN and terminate that connection onto a Solaris VNIC attached to that VLAN and accessible only by the router software running in a virtual machine under VirtualBox.
Has anyone done anything like this? Are there any concerns?
Many thanks,
Marty -
the plan is to put the modem into its own VLAN and terminate that connection onto a Solaris VNIC attached to that VLAN and accessible only by the router software running in a virtual machine under VirtualBox.
Has anyone done anything like this? Are there any concerns?
When I first ran a pfSense VM under VirtualBox the pfSense VM had the default emulation of AMD NICs but pfSense didn't see incoming traffic. Packet capture elsewhere in the network didn't show pings that packet capture in the pfSense VM showed as leaving the box. I changed the emulated NICs to one of the Intel types and then saw the pings from the pfSense VM. I don't know if this is a problem with current pfSense software and current VirtualBox.
I encourage you to construct a clear diagram showing network connects, both physical and virtual, including IP addresses and subnet masks and basic services such as DHCP and DNS. You will probably find this very helpful when you have to troubleshoot network problems.
-
There is nothing wrong with running a completely virtualised test setup.
@uberwebguru reading back through this thread it seems quite clear that you have somehow managed to connect the pfSense LAN interface to a physical(bridged) NIC an that is connected to your network. Hence both pfSense and your Netgear router are both trying to be the network router.
In a fully virtual setup as you're describing only the pfSense WAN interface should be connected to a real NIC. Inside virtual box the pfSense LAN interface is connected to your other VMs via a virtual switch.
Since both pfSense and the Netgear router are using 192.168.1.* for their LAN interface you will have to change one of them. I suggest changing the pfSense LAN.Steve
