Netgate Discussion Forum

    Windows Server 2012 with AD, DHCP, and DNS and virtualized PfSense as router

    • Valatio

      Hi there,

      I need some advice from the pros here.

      Can I use a VM PfSense to act as my router for my whole network? I've read just about everything online that I can about this subject, but everyone seems to have a little different setup.  And the options to configure it vary from article to article.

      I have used PfSense in the past, with good results.  Over the course of a couple relocations, my PfSense box's power supply died.  So I bought a Cisco RV325, and I've been using that for a couple of years.  However, the RV 325 lacks the OpenVPN gateway ability (ExpressVPN) that I use for streaming Netflix, etc.  I used a DDWRT box for a while to get my OpenVPN working, but it was getting to be a bottleneck on my system.  I have dual 150 MB WANs, but let's not worry about that for right now.

      Now I have a Dell P.E 2950, running AD, DHCP and DNS for my whole network.  Everything works fine until I try to integrate PfSense.

      What I would like to do is have PfSense act as my router for the whole network, with OpenVPN and eventually, dual WAN.  I have read that virtualizing PfSense might not make the most sense for security purposes, but I am not willing to install another box separately.  I need to consolidate the amount of equipment scattered throughout my house.

      The PE has 2 NICs in it right now, and I might upgrade to another 1 or 2 in the near future.  My future plan is to set up a VDI environment for my house, making administration of the 15 computers a lot easier for me.

      I would like to set it up as follows:

      WAN 1->PowerEdge(Pfsense VM)->Network Switch->rest of network.

      I know that I am overlooking something silly.  I know that PfSense needs to be rebooted with any changes that are made to the virtual switch.  I've read that some people suggest disabling the Virtual Nic in Windows, others don't mention that.

      Thank you for any advice you might be able to share.

      • Com DAC

        One of my setups is virtualized in Hyper-V, and what I've done is create two virtual switches, each connected to a different adapter on the host. Then one is dedicated for external access (connected directly to the modem) and the other is for all the internal network traffic. Basically you are treating the two virtual switches as the two (or more) network adapters you would have on a physical pfSense box.

        Modem -> NIC1 (Virtual Switch) -> pfSense -> (Virtual Switch 2) NIC2 -> rest of network/virtual machines.

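The two-virtual-switch Hyper-V layout described in the reply above, as an added PowerShell example that is not part of the original thread. The adapter names (`NIC1`, `NIC2`, taken from the diagram), the switch names and the VM name `pfSense` are assumptions; the point it shows is keeping the Windows host itself off the WAN-side switch so that only pfSense faces the modem.

```powershell
# Added example, not from the thread. All names below are assumptions.
$WanNic = 'NIC1'      # host adapter cabled to the modem
$LanNic = 'NIC2'      # host adapter cabled to the internal network switch
$VmName = 'pfSense'   # existing pfSense VM

# WAN switch: external, and NOT shared with the management OS, so the
# Windows host (AD/DHCP/DNS) gets no network adapter on the modem side.
New-VMSwitch -Name 'vSwitch-WAN' -NetAdapterName $WanNic -AllowManagementOS $false

# LAN switch: external and shared with the host, so the server's own
# AD/DHCP/DNS services stay reachable from the internal network.
New-VMSwitch -Name 'vSwitch-LAN' -NetAdapterName $LanNic -AllowManagementOS $true

# Give the pfSense VM one virtual NIC on each switch.
Add-VMNetworkAdapter -VMName $VmName -SwitchName 'vSwitch-WAN' -Name 'WAN'
Add-VMNetworkAdapter -VMName $VmName -SwitchName 'vSwitch-LAN' -Name 'LAN'

# Check 1: the host must not own a virtual adapter on the WAN switch.
$hostOnWan = Get-VMNetworkAdapter -ManagementOS |
    Where-Object SwitchName -eq 'vSwitch-WAN'
if ($hostOnWan) {
    Write-Warning 'Host has an adapter on the WAN switch; detaching it.'
    Set-VMSwitch -Name 'vSwitch-WAN' -AllowManagementOS $false
}

# Check 2: list what is still bound to the physical WAN adapter. With the
# host detached, the Hyper-V virtual switch protocol should be the only
# enabled binding (no host IPv4/IPv6 on the modem-facing port).
Get-NetAdapterBinding -Name $WanNic |
    Where-Object Enabled |
    Select-Object DisplayName, ComponentID

# MAC addresses per virtual NIC, for matching interfaces to WAN and LAN
# inside pfSense during interface assignment.
Get-VMNetworkAdapter -VMName $VmName |
    Select-Object Name, SwitchName, MacAddress
```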
        • Valatio

          @Com:

          One of my setups is virtualized in Hyper-V, and what I've done is create two virtual switches, each connected to a different adapter on the host. Then one is dedicated for external access (connected directly to the modem) and the other is for all the internal network traffic. Basically you are treating the two virtual switches as the two (or more) network adapters you would have on a physical pfSense box.

          Modem -> NIC1 (Virtual Switch) -> pfSense -> (Virtual Switch 2) NIC2 -> rest of network/virtual machines.

          Thanks for the info!!

          I've seen a lot of conflicting info online about how to set it up.  Most people seem to use a VM PfSense only to run other VMs, so that is where the confusion lies.  Did you have to disable any of the adapters in Network Manager in Windows?

          I will see what I can do to get it going this weekend.

          • mrbankheadgmail.com

            We use vm based pfsense for the whole network.  It's been very stable on VMWare and on older versions of Proxmox/KVM as well. (some stability issues on current Proxmox for some reason)

            ISP > virtualBridged/bonded Server NICs/ExternalVLANTAG on VM HOST > virtual pfSense > another vlan on virtualBridged/bonded Server NICs/localVLANtag on VM Host > local lan switch > Local machines

            Works great.

            • bbrendon

              We run multiple sites using pfSense clusters all done in ESXi. Works great.
