[Virtualbox] Win7 + pfSense on same machine for testing?

SteveThing

Hi all,

I'm wanting to learn a bit about pfSense before I make it a dedicated router/firewall/proxy.  What I'm wanting to do is create a VBox running pfSense 2.0 x32 on my Win7 box and point my Live system to the Virtual install.  Is this possible?  I know it is pointless in terms of actual protection, but I'm hoping to learn the finer points before rearranging my physical setup.

Rig:
Gigabyte EP45T-UD3LR (1xRealtek RTL8168C GigE NIC)
Q9550 (Stock speed)
8GB DDR3 1333
Plenty of HDD space
Win7 Pro x64

Network:
Cable modem -> Cisco 3640 (ExRtr)
ExRtr -> Cisco 2950 (DMZSw,  Firewall will go in here once I am comfy with it)
DMZSw -> Cisco 3640 (IntRtr)
IntRtr -> Cisco 3550 (IntSw)
IntSw -> Home Network

Regards,
Steve

pingulino

It might be quite possible to do that, although I never tried it.
You'll have to set Windows default gateway to your pfSense - and pfSense must be able to reach Internet some other way hmm…
Maybe with 2 nic's?

A far easier solution is to put up a complete network in VBox, that is one  pfSense and a couple of guests running whatever OS you like. That way you can test far more things and you never risk to lose Internet because of some configuratiion error.

Perry

My home firewall run on such a setup where I use a vlan switch and I don't see a security problem with it as vlan is the only thing allowed on that host nic.
This diagram should explain the idea behind it

SteveThing

Interesting setup.  I'll be sure to give that a shot.

Is there a way to create virtual NICs in VBox?  I guess I could do a couple VLANs with my one NIC and slap my machine on an extra 2950.  Worked fine on 2.0 pre-rel.

Perry

Yes it's call Internal Netvork

NIC 1:           MAC: 08002709B490, Attachment: Bridged Interface 'Intel(R) PRO/1000 PT Desktop Adapter - VLAN : VLAN77', Cable connected: on, Trace: off (file: none), Type: 82540EM, Reported speed: 0 Mbps, Boot priority: 0, Promisc Policy: de
NIC 2:           MAC: 080027FFC74E, Attachment: Bridged Interface 'Intel(R) PRO/1000 PT Desktop Adapter - VLAN : VLAN33', Cable connected: on, Trace: off (file: none), Type: 82540EM, Reported speed: 0 Mbps, Boot priority: 0, Promisc Policy: de
NIC 3:           MAC: 080027744D96, Attachment: Internal Network 'intnet', Cable connected: on, Trace: off (file: none), Type: 82545EM, Reported speed: 0 Mbps, Boot priority: 0, Promisc Policy: deny
NIC 4:           MAC: 08002735E8F6, Attachment: Bridged Interface 'Intel(R) PRO/1000 PT Desktop Adapter - VLAN : VLAN44', Cable connected: on, Trace: off (file: none), Type: 82540EM, Reported speed: 0 Mbps, Boot priority: 0, Promisc Policy: de
NIC 5:           MAC: 080027F3FAE9, Attachment: Bridged Interface 'Intel(R) PRO/1000 PT Desktop Adapter - VLAN : VLAN99', Cable connected: on, Trace: off (file: none), Type: 82540EM, Reported speed: 0 Mbps, Boot priority: 0, Promisc Policy: de
NIC 6:           MAC: 08002796CC45, Attachment: Bridged Interface 'Intel(R) PRO/1000 PT Desktop Adapter - VLAN : VLAN66', Cable connected: on, Trace: off (file: none), Type: 82540EM, Reported speed: 0 Mbps, Boot priority: 0, Promisc Policy: de
NIC 7:           disabled
NIC 8:           disabled

One thing to remember is that nic's in virtualbox needs to be intel nic's else it won't work in pfSense