Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Huge W2008 R2 Server Hyper-V, 8 Nic, and no clue as to where to start pfSense

    Virtualization
    4
    8
    6.6k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      Kharcoff
      last edited by

      Hi,
      I'm trying to replace a bunch of routers (Linksys, Trendset, Netgear) with pfSense. I have a 50mb/2mb ISP connection with 13 public static IPs, right now we are using only 1 static IP, but there's need to start using the other ones for web services, web servers, maybe VOIP, etc… I want to use Hyper-V as most of the servers and desktops are all virtual machines, so the plan is to create another VM and put pfSense there. This server has 8 nics. I look for a similar configuration, but could not find anything similar in the forums. To install pfSense, I will get the iso and boot from the virtual machine, no much concern here. What is confusing is how to set the NIC properly. Do I need two physical NIC to be assigned to the pfSense VM? Then how will the rest of the machines be routed from pfSense? Right now we have ISP Modem>Router>Switch>Server, with pfSense it will be something like ISP>Server>Switch?
      Any help is VERY (and I mean A LOT) APPRECIATED...
      Thanks,
      Kharcoff

      1 Reply Last reply Reply Quote 0
      • Cry HavokC
        Cry Havok
        last edited by

        What you need to assign really depends on your (virtual and physical) network setup. I'd expect you'd need to assign one for the WAN interface and then a (virtual) interface to the (virtual) LAN switch.

        Do also read the VIP (Virtual IP) forum and the documentation Wiki.

        1 Reply Last reply Reply Quote 0
        • P
          photonman
          last edited by

          create a VM for pfSense

          assign two physical nics to the vm

          create two virtual switches, one for WAN, one for LAN
          install pfSense and assign WAN and LAN nics appropriately

          You will make your pfSense the default gateway for your network

          so you will have ISP Modem–-->[VM host WAN nic of VM–-->pfSense VM----->VM host LAN nic of VM]–--->Switch

          1 Reply Last reply Reply Quote 0
          • K
            Kharcoff
            last edited by

            Thanks!!

            I did all the photonman suggested. But it doesn't work, I reach the point to assign Ips to the Interfaces (in my case de0 (WAN) and de1 (LAN)). I assign IPs from the ISP on the WAN (funny thing it only get the IP (72.xx.xx.xx) and the SubNet (28), it doesn;t ask for a gateway. For lan I assign 192.xx.xx.xx with SubNet (24) and enabld DHCP. All good. The auto assign 'a', does not work at all, nothing serious.

            Now for the cabling, behind my server I have 8 NIC, so I connect ISP Modem to NIC that is assigned as WAN, and LAN NIC into the switch, as this is simulating a normal router as DHCP should assign IPs for the rest of the network.
            Then I connect a Windows NIC (192.xx.xx.10 ) into the switch so that I can get IP assigned from the LAN Interface, but nothing happens, try to re-boot, invert interfaces, use another NIC in another VM and nothing. The windows machine doesn't get a valid IP at all and consequently I can not reach the web gui.

            Good thing that I've just purchased a netgate, but it seems that is not robust enough to get packages installed, so I'm still playing with the Hyper-V where I can assigned more CPU/Memory/Disk.

            So any help will be great. Any any case, then you create your vm, did u select "allow management os to share this adapter" or not? Also are you using dynamic MAC addresses? Enabled virtual LAN Identification? Aside of this I have no idea on what can be wrong…

            TIA

            1 Reply Last reply Reply Quote 0
            • P
              photonman
              last edited by

              The virtual switches for your WAN and LAN nic's must NOT share the management network.

              You need a separate vSwitch for each nic.

              also your WAN nic has to have a default gateway…what do you mean you do not have one

              Also, I would have DHCP served from another server on the LAN and not from the pfSense machine.

              1 Reply Last reply Reply Quote 0
              • K
                Kharcoff
                last edited by

                Quick update to others, I've played with the same Hyper-V machine, and the only thing that it was not working is the automatic start of the interfaces (both Wan and Lan). So everytime I boot pfSense I have to go to option 8 Shell and run the down and up on both interfaces:

                ifconfig de0 down
                ifconfig de0 up
                ifconfig de1 down
                ifconfig de1 up

                de0=WAN and de1 = LAN.

                Now is running fine, with all speed from ISP, before I was getting my upload rates, but only half of download. Running version 2.0 Beta (also also imported the config from 1.23) with minor issue (WAN interface was set as LAN, just changed, re-booted and back to business).

                Thanks for all help.

                On top of pfSense what packages are you guys using? Snort, HAVP, Squid? Is pfSense out the box safer than any standard linksys?

                1 Reply Last reply Reply Quote 0
                • P
                  photonman
                  last edited by

                  good deal.  glad you figured it out.

                  I have Squid and VM tools currently loaded.
                  thinking of Snort after everything is stabilized.

                  1 Reply Last reply Reply Quote 0
                  • P
                    PistolPete
                    last edited by

                    @Kharcoff:

                    Quick update to others, I've played with the same Hyper-V machine, and the only thing that it was not working is the automatic start of the interfaces (both Wan and Lan). So everytime I boot pfSense I have to go to option 8 Shell and run the down and up on both interfaces:

                    ifconfig de0 down
                    ifconfig de0 up
                    ifconfig de1 down
                    ifconfig de1 up

                    Is easier to do this:

                    http://forum.pfsense.org/index.php/topic,30760.msg163707.html#msg163707

                    You probably don't need the dhclient de0 line, but I do as my cable modem give my public IP to the WAN interface via DHCP

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.