Install pfsense in a PC with only one NIC

johnpoz

what switch do you have? Not all cheap so called smart switches are created equal. For example the low end tp-link ones while they say they support vlans - in reality they do not ;)

Utilizador_Estagio

sorry, i did not see your message until now.
I have D-Link DGS 1210-10P

johnpoz

@utilizador_estagio said in Install pfsense in a PC with only one NIC:

DGS 1210-10P

Yeah that should work.. If you need any more help just ask.

Utilizador_Estagio

oK, Thanks. I will try to learn more about the solution u just pointed me and tomorrow i will give u a feedback.

Utilizador_Estagio

@johnpoz

I found something in this very forum:

The evil WAN (cable-modem) directly attached to the core switch. The core switch get all untagged packages and assign the VLAN 666 to it. from this point the evil VAN traffic is limited to this VLAN.
This is the minimal setup on the WAN side.
Then i.e. with an ESXi host on the other side running a pfSense vm appliance, just route the evil 666 WAN tagged to the ESXi vSwitch and to a dedicated WAN portgroup configured to VLAN 666.
The pfSense VM has two virtual interfaces, one LAN and one for WAN. The WAN interface is attached to the WAN portgroup and the LAN interface is attached to a LAN portgroug.
In this case pfSense can act like any physical installation as router for NATing etc.

The cool thing is… if you have multiple host and using vSphere you can move the running pfsense from one host the the other without any interruption of the WAN link to the network
This all with just a single NIC. I use an Intel NUC by the way for running my minimal required VMs like the pfSense.

Is this what u were thinking about ?

johnpoz

That is a bit more complicated using esxi, but yeah wan is vlan X, and lan is vlan Y.

1 could be tagged while the other untagged. Or both tagged its not rocket science ;)

Utilizador_Estagio

yeah. forgive me, but i am trying to understand this and u right. This is complicated. So having setup diferent VLANs, what is the next step ? Please, Be a little more clear. Give me more details. God bless you.

Utilizador_Estagio

@utilizador_estagio
I am asking about your solution. The more simple one.

Utilizador_Estagio

What i am trying to understand is the logic thinking behind this. How This solution process. Something like: the traffic comes from this to that and so on.
Please.

johnpoz

If you do not understand what a vlan is or how to set them up - then this is going to be a very difficult process!!

Does this help?

You can use whatever vlan IDs you want 100, 200. One is wan and other is lan. You setup your switch so ports are in the vlan you want in access mode with the vlan ID you pick. Red is wan for example. Other ports where your lan devices are (green)

The port connected to pfsense will be trunked or (tagged vlans with your ids)

Setup your vlans in pfsense where 1 vlan is your wan, and other vlan is your lan.

Here for example are some vlans I have that are running in my igb2 interface.

Utilizador_Estagio

@johnpoz
Thank u sir. U r the best.

SammyWoo

@utilizador_estagio Am surprised nobody said "adding another NIC not expensive, impossible to do?" Also hope you are not running gigabit Internet, cause a single NIC with 2 VLANs HALFs the NIC total throughput.

johnpoz

Agreed adding 2nd nic is a much easier better solution.. And Sammy is correct your bandwidth is /2 on single nic.