Would like to setup a Dual Boot with pfsense on a Lap top.
-
Yup, you might dual boot 2.5 and 2.4.5p1 for example. I could imagine dual booting pfSense with CentOS or something just to test hardware compatibility.
I suspect our friend above didn't read the right docs, thought it was a software firewall for Windows and attempted to install it as such resulting in much frustration. They would not be the first.
Steve
-
@stephenw10 said in Would like to setup a Dual Boot with pfsense on a Lap top.:
Mmm, this is either a troll or you have misunderstood the purpose of pfSense entirely.
@Steve , We should give him the benefit of the doubt and maybe he (a good person) had a really bad day.
But there are also bad people who enjoys the suffering of others. -
The point that I was trying to make was that of the pointlessness of having a firewall on a HDD and nothing else. Why would anyone bother with that? - The whole idea, surely, of a software firewall is to run it alongside the operating system, not to stick it on a seperate HDD.
...but playing along with the curious argument that the firewall is actually supposed to be all alone on a HDD, what then? - How can it possibly protect anything when it is sat there with no operating system and absolutely nothing to protect?
Reading between the lines of the replies received thus far, though (thanks, - they are appreciated), I get the impression that, possibly, the idea is to use pfSense, once installed, as a pass-through device; effectively turning a spare HDD into the equivalent of a hardware router and then using that as a bridge device between the internet and the local network. Would that be correct?
-
Exactly that. pfSense is a router/firewall. It replaces whatever router you may have currently, Netgear, Cisco etc. It can be run on a standard PC with two NICs but also runs on more specialist hardware like this.
Also see: https://www.pfsense.org/getting-started/
Steve
-
@stephenw10 Thanks, but that, to me, seems to be a hellishly complex (and expensive) way to implement a network filter. At least I now understand what pfSense are trying to do with their software, because no-one (reviewer, website, or weblogger) makes it at all clear how to implement it or that it comes with a minimum requirement of 2 NICs and a HDD (or equivalent).
-
You don't actually need two NICs, you can use VLANs with one NIC and a managed switch.
Or install it in a VM as discussed above.
It really depends on what you're trying to do. Filter traffic for a whole office of PCs? Setup a VPN to allow all those PCs to connect to some remote site? It would be crazy to try to do that with software firewalls and VPN connections on each PC.Steve
-
@stephenw10 I am still in the process of trying to patch VirtualBox sufficiently to a: get it working and, b: get it working with IPv6; so I may see about patching-in pfSense at some point, too, - thanks.
My setup is (now) a virtual linux webserver with Windows PC. Next will be a MAC (but they do not like virtual, apparently); so depending on how things progress I will either attempt to patch-in pfSense or I will simply buy a hardware box (which would, unfortunately, have to be one of the dearer models because of my networking requirements).
-
I have run numerous pfSense instances in VBox with no issues. I would expect it to 'just work' there.
Steve
-
@stephenw10 Good, - thanks, - but based on my unpleasant experiences with both VirtualBox and VMWare (especially) I do not expect the problem to be with pfSense.
-
Since I got a Proxmox host setup I hardly ever use VBox anymore. I can recommend that, it was a game-changer for me.
Steve
-
@stephenw10 Looks interesting, - another installer that requires an entire install device to itself, but if there is a chance that I can run my webserver without crippled IPv6 and DNSSEC it has got to be worth a look. - Thanks.
-
Yeah it needs a dedicated host to run on, it's a true hypervisor.
But that means it moves all that load off you desktop. It also means you can physically position it anywhere there is Ethernet and power so it can be big and load etc. And it can be always on to host VMs that need that.
Steve
-
@stephenw10 said in Would like to setup a Dual Boot with pfsense on a Lap top.:
Since I got a Proxmox host setup I hardly ever use VBox anymore. I can recommend that, it was a game-changer for me.
Steve
Love Proxmox, did you also use it for gaming like steam with video card pass through?
-
Nope!
I have it running on a virtually silent low power NUC.
Steve
-
@stephenw10 said in Would like to setup a Dual Boot with pfsense on a Lap top.:
Nope!
I have it running on a virtually silent low power NUC.
Steve
I am planning to do the same changing my server with low power server. My energy bill is unbearable.
-
@stephenw10 I have now managed to install pfSense (thanks), but it is useless unless I can run it inside of something else (not possible to get it working alongside anything), and ProxMox is the worse pile of crp I have ever tried to use. - It has to be run from the command line ...and expects to be configured via a browser(???). I am not even going to ask. - The more I explore these hypervisors the more I wonder at the seriously fcked sense of humour behind these products.
-
@2RTzC5KbQGH4aG said in Would like to setup a Dual Boot with pfsense on a Lap top.:
It has to be run from the command line ...and expects to be configured via a browser(???)
And how else would you design a headless VM host to be managed? Which btw is exactly how pfsense is managed via a browser.. ;)
As to run from the cmdline.. I take that to mean the box has no actual gui?? Well no shit why would I want my hypervisor to waste resources on a gui..
-
@johnpoz The point I was making is that it is a bit difficult to configure something via a browser when, as you point out, the damn thing is headless. In other words, it has been designed in such a way as to make configuring it 100% impossible short of using a second machine and having a GUI OS on one machine and ProxMox on the other.
-
And when would you not have a 2nd machine on a NETWORK that you admin and want to run a VM host on.. For gosh sake you could do it from your phone ;)
My take is you have no idea how any of this stuff is actually meant to be used.. No proxmox is a not hypervisor for a workstation.. Like vmware workstation or hyper-v you run on windows 10.
If you want that sort of thing then you want a type 2.. Esxi and Proxmox are both type 1..
If you want - you could install proxmox as a package with your existing linux OS.. Then it becomes more of type 2. But its really meant to be a type 1.
If you want type 2, use virtualbox, or vmware workstation/player or hyper-v for say windows 10.. Or say KVM..
esxi use to have a fat client you could use vs a browser.. But it has gone be dropped. You either manage esxi for example with its on control server a vserver that can run as a VM on your host or cluster of VM host. Or you if your just running a lab or small setup with 1 host, then you use a browser to manage it, etc.
If your looking for something to just firewall your 1 pc - no pfsense is not a logical choice. It is meant to be the firewall for a network.. Not a "network" with 1 device on it ;) Connected to your isp gateway/router/modem.. While it can be done with just a modem and 1 box, hyper-v would prob be your logical choice if your machine runs windows - or you could use virtualbox.. Both are pretty simple to setup.. Not sure what your problem has been with either of those. Its pretty clickity clickity with a basic understand of the concepts at play in such a setup.
I would suggest if you want to play with pfsense, get a box you can use as a vm host.. Say a nuc, or nas that can do virtual machines. Or some cheap box you bought on net that can run esxi or proxmox.. Then you can start with using it for your vms on that host.. And then at some point of so inclined you could use that as firewall/router for your network, which I take it at this time is your 1 PC? Or maybe a sg1100 would be a great starting box for you? Just to run pfsense..
I have run pfsense virtually on multiple platforms over the years. But it was always a 2nd vm host on my network.. Back in the day it use to be a dual P4 setup.. Man that thing could suck some power ;) I have currently graduated to a sg4860 for my home network - and love it.. If I want to play with snapshots or betas of pfsense. I just fire them up on my nas.. Since it can run virtual machines.
-
@johnpoz I understand all that (thanks), but there is simply no way that it is working on my setup. - No problem, - I had my doubts about the feasibility of it all, and I can see that they were justified (more of the usual Linux), but obvious if you think about it: you cannot run a GUI on a command line OS, so the whole ProxyMox claim is absolute nonsense.
I can see that pfSense would work, though, but only virtualized; although I cannot see how it could be made to work alongside anything else because it would be just one of potentially several "guests" ...and it is only possible to have one guest running at any given time (ie: whilst pfSense can be installed it is absolutely useless unless you want it solely for interfacing with a remote machine and having no local OS - pointless).
VirtualBox is terrible and has crippled networking (especially on the IPv6 side). Also, what you are effectively saying is that ProxyMox is not a VM and cannot be used with Windows ...which makes no sense at all.