Install pfsense in a PC with only one NIC
-
Yes, i do sir.
-
Well there you go then. Setup vlan for wan, and different vlan(s) for your other networks be it just lan or lan and multiple OptX networks.
-
Ok thanks a lot sir
-
what switch do you have? Not all cheap so called smart switches are created equal. For example the low end tp-link ones while they say they support vlans - in reality they do not ;)
-
sorry, i did not see your message until now.
I have D-Link DGS 1210-10P -
@utilizador_estagio said in Install pfsense in a PC with only one NIC:
DGS 1210-10P
Yeah that should work.. If you need any more help just ask.
-
oK, Thanks. I will try to learn more about the solution u just pointed me and tomorrow i will give u a feedback.
-
I found something in this very forum:
The evil WAN (cable-modem) directly attached to the core switch. The core switch get all untagged packages and assign the VLAN 666 to it. from this point the evil VAN traffic is limited to this VLAN.
This is the minimal setup on the WAN side.
Then i.e. with an ESXi host on the other side running a pfSense vm appliance, just route the evil 666 WAN tagged to the ESXi vSwitch and to a dedicated WAN portgroup configured to VLAN 666.
The pfSense VM has two virtual interfaces, one LAN and one for WAN. The WAN interface is attached to the WAN portgroup and the LAN interface is attached to a LAN portgroug.
In this case pfSense can act like any physical installation as router for NATing etc.The cool thing is… if you have multiple host and using vSphere you can move the running pfsense from one host the the other without any interruption of the WAN link to the network
This all with just a single NIC. I use an Intel NUC by the way for running my minimal required VMs like the pfSense.Is this what u were thinking about ?
-
That is a bit more complicated using esxi, but yeah wan is vlan X, and lan is vlan Y.
1 could be tagged while the other untagged. Or both tagged its not rocket science ;)
-
yeah. forgive me, but i am trying to understand this and u right. This is complicated. So having setup diferent VLANs, what is the next step ? Please, Be a little more clear. Give me more details. God bless you.
-
@utilizador_estagio
I am asking about your solution. The more simple one. -
What i am trying to understand is the logic thinking behind this. How This solution process. Something like: the traffic comes from this to that and so on.
Please. -
If you do not understand what a vlan is or how to set them up - then this is going to be a very difficult process!!
Does this help?
You can use whatever vlan IDs you want 100, 200. One is wan and other is lan. You setup your switch so ports are in the vlan you want in access mode with the vlan ID you pick. Red is wan for example. Other ports where your lan devices are (green)
The port connected to pfsense will be trunked or (tagged vlans with your ids)
Setup your vlans in pfsense where 1 vlan is your wan, and other vlan is your lan.
Here for example are some vlans I have that are running in my igb2 interface.
-
@johnpoz
Thank u sir. U r the best. -
@utilizador_estagio Am surprised nobody said "adding another NIC not expensive, impossible to do?" Also hope you are not running gigabit Internet, cause a single NIC with 2 VLANs HALFs the NIC total throughput.
-
Agreed adding 2nd nic is a much easier better solution.. And Sammy is correct your bandwidth is /2 on single nic.
-
U Uglybrian referenced this topic on
