Pfsense on ESXi host



  • Searching through the web for a motherboard for another project.  I ran into this forum.  Seems like pfsense is a great firewall.  In the past, I had a pix501 that ran for a few years and ran into a few issues.

    Right now I have a wireless router/modem from Verizon (FIOS service). I am thinking of placing pfsense on a virtual machine on an ESXi host  This is for home use.

    Any advice how I set it up.

    Some facts on my home network.

    verizon router: 192.168.X.1

    esxi: 192.168.X.2

    other OS machines on the network includes domain controller, exchange, linux, etc (virtual and physical): 192.168.X.X

    I do have a second NIC on the ESXi host unused for now.  Any advice to get me started.

    Thanks,
    Tnt



  • Although this can be done, the old wise ones generally discourage running your firewall in a virtual machine with other guests. I've never tried it myself. Also, there is a Open-VM-Tools package installable from within pfsense to help you with this.



  • I currently run pfSense as a VM on ESXi.

    My cable modem goes to one NIC, on the ESXi server, where the pfSense WAN is the only VM connected.  The pfSense LAN goes to a separate virtual switch, where other VMs connect, and also to a second NIC, and a physical switch, where the rest of my network is hooked up.

    I'm quite happy with this setup, and it works perfectly well.  But, as can be seen in another post here, I just picked up an HP Thin Client, where I'm going to run pfSense, to sit between the cable modem and "relegate" the ESXi server to being just another machine on my network.

    Cheers.



  • @EddieA:

    I currently run pfSense as a VM on ESXi.

    My cable modem goes to one NIC, on the ESXi server, where the pfSense WAN is the only VM connected.  The pfSense LAN goes to a separate virtual switch, where other VMs connect, and also to a second NIC, and a physical switch, where the rest of my network is hooked up.

    I'm quite happy with this setup, and it works perfectly well.  But, as can be seen in another post here, I just picked up an HP Thin Client, where I'm going to run pfSense, to sit between the cable modem and "relegate" the ESXi server to being just another machine on my network.

    Cheers.

    This is what I plan to do.  Maybe in the future run a physical box.  Are you using this method as solely a firewall?  Any other features?

    tnt


Log in to reply