Laptop as pfsense firewall/router

  • Hello
    I want to maybe use my laptop for pfsense.  It has a built in adapter for LAN and wireless.

    One option is boot off a USB drive, which I think is possible but slow to boot up.

    The other is possibly installing pfsense in a virtual machine inside the laptop (virtualbox) I understand pfsense does not needs few computer  resources. I want to keep the present windows 7 on the laptop.

    I have a good reason to consider doing this.
    The machine I want behind the firewall will have windows 10 on it, with a direct LAN connection to the laptop.  I have a crossover adapter if necessary.

    If I use the USB boot drive option, how do I access the web interface on the laptop itself. I will definitely not be logging into it through windows 10. Sadly it seems you need to be paranoid when using windows 10 for any internet connection.

    If I go for the virtual machine option, I can access the web interface on the laptop easily.

    I have installed & used pfsense before, so have some knowledge already.

    The laptop wireless will be the WAN, and the wired connection the LAN.
    I have not used pfsense for a while so will need to get familiar again.

    Any tips appreciated.


  • LAYER 8 Global Moderator

    Why do you want to put yourself though such pain?  So wifi would be your wan connection for your windows 10 box??  What is that speed?  What is your internet speed?

    If your worried about windows 10 and want to put it behind pfsense, why don't you just run pfsense virtual on that machine..

    So what exactly are you going to do with pfsense for windows 10?  Are you going to block it from phoning home?  As to inbound pretty sure your current nat router blocks all unsolicited inbound traffic as well.

  • Hi
    My present PC. Windows 7 home premium OEM. It is limited to 16GB, which is what I have installed. Right now it is enough but may need to install more.
    It seems if  I do the upgrade, roll back, then I have a valid windows 10 key for my PC. I will need to confirm this. Microsoft as I am sure you know are very keen to upgrade people to windows 10.
    I also like gaming and if/when directx12 is essential, will need windows 10.

    I installed pfsense inside a virtual machine on the laptop. two bridged network adapters to the laptop wifi and the wired network adapter, connected to the PC with a crossover cable.
    My internet speed in actually better. With the USB wireless from the PC, 6 GB/s. Through the laptop with pfsense , 16GB/s each way. More than I need.
    I think the connection itself is 60 GB/s wired and shared with other people.

    It works surprisingly well. The laptop is a decade old core 2 duo 1.66 Ghz 32 bit, model nc4400.  I kept it running as it runs various servers constantly for me. Now I can use it as a router also. As it runs on  a VM in a windows machine, have no issues with drivers for network devices and can use the pfsense web interface on the laptop.

    In the mean time I can get familiar with pfsense well.
    The basic idea is not have the firewall very restrictive, changing settings to allow things like steam & some online games to function correctly. Need to get very good with understanding the firewall rules & operation.  Also the squid package seems very powerful for controlling web access.

    If/when I go to windows 10, ideally want all the restrictions already in place to stop it phoning home & updating.
    Using a firewall on the windows 10 machine itself is a problem. Microsoft could easily bypass through forced updates.
    Also going to make good use of disk imaging software to restore to previous versions, allow update temporarily, then make another backup image.
    If windows 10 phones home when doing an update it will seem I have not used the computer at all.

    What I want is maximum functionality, no spying and little cost, except maybe a memory upgrade for the PC.

    Any tips appreciated.

  • @ianmc:

    What I want is maximum functionality, no spying and little cost, except maybe a memory upgrade for the PC.

    Sorry to break it to you, but what you are trying to accomplish is anything but "maximum functionality". Trying to get this convoluted setup working just to prevent Windows 10 from updating and "phoning home" (you can disable those functions in the settings or registry BTW) is absurd and not worth the head aches if you ask me. You clearly don't want 10 so why upgrade?

    On a side note running a Windows machine with internet access and blocking Windows Updates puts you (and others) more at risk than whatever you think Windows 10 "phoning homes" does. Just my 2c.

  • You do have a point about it being convoluted.
    This is the least costly/most work option.

    There are other options. like buying a laptop for non gaming  & important stuff, just use the present one for windows gaming only . Maybe in a KVM switch for convenience.
    Just exploring my options now before deciding to upgrade to the 'free' windows 10.

Log in to reply