PF running in VMware server on WHS-good or bad idea?



  • Hello
    Trying to consolidate the many old power hungry and bulky boxes I have running at home into a couple new more efficient rm servers.
    I have a WHS-windows home server running VMware server nicely and was wondering if running PF here would be a good or bad idea from a security perspective.
    I have read the vmware how-to and have PF VMware machine configured but not in use.
    Any advise here would be greatly appreciated.



  • I maintain several PFsense firewalls in use within a VM environment. I would say yes if you need more security.
    The product is stable  and will provide another layer of security if you deploy it correctly. At least remember to change the policy inbound on the wan interface in or delete it and change the default password and preferable the port for admin access as well.
    Good Luck,
    Pat ;D



  • I would recommend having 2 NICS dedicated for vmware running on windows.
    strip all protocols off the network adapters except for vmware bonding so you dont accidentally connect your windows box directly to the internet.

    use one for WAN and one for LAN, preferably a third for the windows LAN if you can afford it.

    i use this exact setup myself except my server only has 2 NICs so i have the LAN interface for pfsense and any other VMs run over the LAN connection for the server itself. this does lead to VMs going out the LAN adapter, then back into it to hit the vm firewall to get to internet.



  • Currently doing exactly the same, getting rid of some older P3/P4 boxes with loud case fans and hard drives, and bringing them together in a low power server.
    I have 3 nics in my server running vmware server + pfSense. One is used for the direct connection to Server 2008 (the host OS), and the other two are bridged through to the pfSense VM.
    It's remarkably simple to setup


Log in to reply