Verizon Router (G1100) + ESXi 6U2 + pfSense VM Setup Help
-
Hi,
I've been searching this forum for the past week trying to get my pfSense setup working, but I have not been able to get it working at all. So I finally decided to register for an account and see if anyone has been in my situation and could possibly help.
I have Verizon FiOS and my service is currently hooked up to Verizon's Quantum Gateway (G1100) router. I'm trying to set up pfSense either directly to the ONT or behind the Verizon router, whichever is easier at this point :-\
I have a new Intel NUC Skull Canyon w/ 32 GB RAM and 2 CPUs. So far I have installed ESXi 6U2 as a hypervisor type-I. My NUC only has one NIC, so I followed this blog article to get a second NIC using a USB 3.0 adapter:
Okay, so I have onboard NIC and usb NIC.
From all the reading I have done this is what I have done:
- Create 2 vSwitches and assign one NIC to each. (vSwitch0 = onboard NIC, vSwitch1 = USB NIC)
- Create a VM – FreeBSD64, 4 GB RAM, 2 CPUs, 2 NICs (WAN -> vSwitch0, LAN -> vSwitch1)
- Load pfSense 2.3.0 ISO to the VM and connect on power checked
- pfSense will boot into installation and I just pick the standard settings – easy install
- pfSense installation complete, tells me my webConfigurator can be reached at 192.168.1.1.
- pfSense reboots
- When it reboots, the WAN (onboard NIC) is em0, it has got a v4/DHCP: 192.168.1.171/24
- The LAN has em1 but no address (this is fine because I don't have the other end of the ethernet connected to anything yet, like a physical switch…)
That's about where I get. I try and mess around with the 'assign interfaces' and setting IPs, but nothing is getting me closer to being able to use pfSense as a firewall to my homelab VMs.
The 'ping host' works when I ping 'google.com', that's as good as it gets right now.
Remember how I told you 192.168.1.1 is supposed to be my webConfigurator, well it's not. It's actually my Verizon router's config instead.
I try navigating to 192.168.1.171 which is supposedly my WAN, nothing there (I guess there's not supposed to be…)
I guess I'm wondering if anyone can help see what I'm doing wrong since Saturday.
Essentially, the topology of my network that I'm looking to have is something like this:
Internet --> ONT --> Verizon Router --> ESXi (pfSense) --> ESXi (Other VMs behind pfSense)
I would ask how to do it without the need for the Verizon Router, but I don't see how that would be possible using an ESXi. Because if I connect my ESXi directly to the ONT I wouldn't be able to administer the pfSense from another PC because the only thing connected to the ONT is the ESXi and that's not even set up, so yeah I don't know...
You can probably tell that I'm not a networking expert, but if anyone can help with this I would appreciate it :)
-
-
The LAN has em1 but no address (this is fine because I don't have the other end of the ethernet connected to anything yet, like a physical switch…)
You connect to WebGUI via LAN, and your LAN NIC doesn't have an IP address so you'll never get there.
Give the LAN NIC a static IP address on a different network than the WAN (perhaps 192.168.2.1/24 or 10.0.0.1/24) and then use that LAN IP as the gateway for your LAN clients. Your LAN clients will also have to be on the same network to use pfSense LAN as their gateway, so if your NIC is going to be at 10.0.0.1 (for example) then your LAN clients will also have to have an IP address in the 10.0.0.0 network as well.
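An added example, not part of the thread or either poster's own code: a small Python check of the addressing advice in the reply above, run against the addresses from the first post. The /24 prefix on the default LAN address and the client addresses are assumptions constructed for illustration.

```python
import ipaddress

def check_plan(wan, lan, clients):
    """Return a list of problems with a pfSense WAN/LAN address plan.

    wan, lan: interface addresses in CIDR form, e.g. "192.168.1.171/24".
    clients:  addresses intended for hosts behind the LAN interface.
    """
    wan_if = ipaddress.ip_interface(wan)
    lan_if = ipaddress.ip_interface(lan)
    problems = []

    # WAN and LAN must be different networks, otherwise the firewall
    # cannot tell which side an address belongs to.
    if wan_if.network.overlaps(lan_if.network):
        problems.append(f"LAN {lan_if.network} overlaps WAN {wan_if.network}")

    # The gateway address must be a usable host address in its subnet.
    if lan_if.ip in (lan_if.network.network_address,
                     lan_if.network.broadcast_address):
        problems.append(f"LAN address {lan_if.ip} is not a usable host address")

    for c in clients:
        ip = ipaddress.ip_address(c)
        if ip == lan_if.ip:
            problems.append(f"client {ip} duplicates the LAN gateway address")
        elif ip not in lan_if.network:
            problems.append(
                f"client {ip} is outside {lan_if.network}, "
                f"cannot use {lan_if.ip} as its gateway")
    return problems

if __name__ == "__main__":
    wan = "192.168.1.171/24"  # WAN lease from the first post
    # Default LAN reported by the installer (prefix /24 assumed):
    print(check_plan(wan, "192.168.1.1/24", []))
    # LAN moved to the network suggested in the reply; clients are constructed:
    print(check_plan(wan, "10.0.0.1/24", ["10.0.0.50", "192.168.1.60"]))
```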