VMWARE ESX AND PFSENSE



  • :D
    Hello,
    I've been researching different software firewall options. I have looked at IPCOP, SMOOTHWALL, IPTABLES, ALTON and now MONOWALL/PFSENSE!
    Can anyone give me any cons to using pfsense in the ESX environment? It looks like a very viable option. I thought I would post this before I spend hours testing it myself in the vm environment to get a listing of any issues that have come up when using the firewall in a vm! Any and all information is appreciated.
    I'm also looking for recommendations on system requirements for the firewall in the VM environment.

    Should I use more than 256Meg of memory, and is a 200MHz CPU enough?
    Should I build a VM of the firewall or use the appliance already built?
    Thanks,
    Pat  ;D



  • Despite all comments concerning overall host & guest security, we are using 6 pfSense VMs on ESX servers in failover configuration. Please keep that in mind if you are very security-concerned. In such a case, make separate ESX servers for the firewall and router stack, separate from other services, and provide physical connections to the production and DMZ networks.

    At this point these VMs are the most stable ones, and they started to work from the very first minutes after installation. We had some questions concerning SNMP configuration. For that, keep in mind that you have to manually edit the *.vmx file, adding the following lines of configuration, to get the vNICs at the correct speed:

    ethernetX.virtualDev = "e1000"

    Do that for every vNIC, although we could not manage to configure virtual CARP interfaces to report the correct speed with SNMP.

    Concerning VM configuration and resources: it depends on your requirements. At the moment we deploy pfSense VMs with 2 CPUs and 512MB RAM and they work well. You can start from the smallest config and afterwards monitor real needs. Keep in mind that the web GUI is configured to use a very small amount of resources, and you may think that the VM is overloaded. No, it is because all resources are reserved for the router's production services. Search the forum to find the configuration to increase web GUI speed. At the moment we are not reserving CPU frequency, so I could not comment on it.

    VMware Tools: there are some discussions concerning installing VMware Tools on FreeBSD. I've tried one time, but unsuccessfully, so we are not using them. There are several pros and cons concerning the use of VMware Tools, mainly time synchronization.
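
The .vmx edit described in the reply above, as an added example that is not part of the original thread: a small Python helper that sets `virtualDev = "e1000"` on every vNIC marked present. It assumes the usual `key = "value"` .vmx layout and the `ethernetN.present` key; the function name and the sample file contents are constructed for illustration.

```python
import re

# Matches one .vmx assignment such as: ethernet0.virtualDev = "e1000"
_LINE = re.compile(r'^\s*(ethernet(\d+))\.(\w+)\s*=\s*"(.*)"\s*$', re.IGNORECASE)

def force_e1000(vmx_text, wanted="e1000"):
    """Return (new_text, changes) with every present vNIC set to `wanted`."""
    present, current = set(), {}
    lines = vmx_text.splitlines()
    for idx, line in enumerate(lines):
        m = _LINE.match(line)
        if not m:
            continue
        nic, _, key, value = m.groups()
        nic = nic.lower()
        if key.lower() == "present" and value.upper() == "TRUE":
            present.add(nic)
        elif key.lower() == "virtualdev":
            current[nic] = (idx, value)
    changes = []
    # Walk NICs in numeric order so the change list is stable.
    for nic in sorted(present, key=lambda n: int(n[8:])):
        if nic not in current:
            # No virtualDev line at all: append one at the end of the file.
            lines.append(f'{nic}.virtualDev = "{wanted}"')
            changes.append((nic, None, wanted))
        elif current[nic][1] != wanted:
            idx, old = current[nic]
            lines[idx] = f'{nic}.virtualDev = "{wanted}"'
            changes.append((nic, old, wanted))
    return "\n".join(lines) + "\n", changes

# Constructed sample, not taken from a real VM.
SAMPLE_VMX = '''\
displayName = "pfsense-fw1"
ethernet0.present = "TRUE"
ethernet0.virtualDev = "e1000"
ethernet1.present = "TRUE"
ethernet1.virtualDev = "vlance"
ethernet2.present = "TRUE"
ethernet3.present = "FALSE"
'''

if __name__ == "__main__":
    new_text, changes = force_e1000(SAMPLE_VMX)
    for nic, old, new in changes:
        print(f"{nic}: {old or 'unset'} -> {new}")
```

The returned change list doubles as an audit record of which vNICs were not already on e1000; running the function on its own output reports no changes.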



  • Works great. Use http://blog.pfsense.org/?p=293 which already sets e1000 and includes VMware Tools.



  • Hey guys,

    I have ESXi @ Home running several Ubuntu boxes and I'm using the aforementioned VM appliance to serve internet to my entire household… it works really well, have squid and squid reporter running on it. Works a treat!

    Only weird thing is that phpsysinfo shows more RAM being used than the system page?!? Any ideas?

    cheers

