Another Question about setting up a virtual lab



  • Any advice would be greatly appreciated.

    I am trying to establish a virtual lab for certification purposes. I want it to contain, at minimum, 2 Windows Server 2008 vms, 2-3 Windows 7 vms, and pfSense as a router.

    Current Setup:
    pfSense: Bridged and Internal adapter. WAN 10.0.0.8 (DHCP) / LAN 192.168.1.1 /24 (Static)
    Server VM 1: 192.168.1.10 /24 (Static) 
    Server VM 2: 192.168.1.11 /24 (Static)
    Windows 7 VM 1: 192.168.1.20 /24 (Static until I can establish DHCP server and internet connection)
    Windows 7 VM 2: 192.168.1.21 /24 (Static until I can establish DHCP server and internet connection)

    At this point, I can ping all devices from any of the vms and they all show with arp -a command. I cannot, however, reach the internet. Could anybody tell me exactly what I would need to do to set up pfsense to actually bridge the connections?

    Thank you



  • I am also trying to do same kind of setup.
    I tried to keep the same subnet and now everytime i turn on pfsense it brings down the whole network means none of my home machine can access internet but internally VM works fine.



  • Anybody have any input?



  • @Mr:

    Current Setup:
    pfSense: Bridged and Internal adapter. WAN 10.0.0.8 (DHCP) / LAN 192.168.1.1 /24 (Static)
    […]
    I cannot, however, reach the internet. Could anybody tell me exactly what I would need to do to set up pfsense to actually bridge the connections?

    Starting from the basics, seeing that you're using 10.0.0.8 for pfsense WAN, have you disabled the default firewall rule on WAN tab that blocks RFC 1918 ? (it's the first rule on a new install)



  • Yes, the RFC rule is disabled.



  • Anybody else have any suggestions. Is there any documentation that can help me set it up?



  • Where is your NAT router? Where does the internet access come in from the outside? I am running pfsense in a VM on ESXi and it works fine but I just dedicate a NIC to LAN and WAN.



  • What is your network topology outside the VM (e.g. is it just a NATing ADSL router) ? What does your pfsense Dashboard show ? (did pfsense obtain the correct gateway IP? is it reachable via ping ? did pfsense obtain the DNS servers correctly etc)

    Usually the initial setup is pretty straightforward …



  • I have a comcast router hard wired to a pc that is running win7. Virtualbox is installed on this machine. The dashboard only shows the WAN and LAN information. Just noticed the host machine is getting a 10.0.0.12 address and pfsense is 10.0.0.8. Shouldn't I be able to ping the pfsense WAN from the host?

    ISP–-------(comcast router)<wan>pfsense<lan>----------Server 1 (VM)
                                                                                          Server 2 (VM)
                                                                                          Workstation 1 (VM)
                                                                                          Workstation 2 (VM)</lan></wan>



  • Sounds like your Physical PC has a public IP.
    Double check your VirtualBox network config for the pfSense WAN NIC.
    It has to be in NAT mode for this to work.



  • No, the host pc is in the private ip range 192.168.x.x.



  • Okay, well does anybody know where I can find step by step instructions on setting up a virtual internal only network. I'm trying to use Virtualbox, pfsense, and windows. Any help would be greatly appreciated as I have been unsuccessful on making any sort of progress on this build.

    As it is right now I can still arp -a and see all machines, but the only device any of them can ping is the pfsense router (i.e. they can't ping eachother). Eventhough they can ping the pfsense router they can't get internet connectivity through the router.

    Pfsense is set with Bridged and Internal. All other devices have internal only.

    Just so you know, I do not have any network certifications only a couple of microsoft certifications, so please don't assume that this should be straight forward because it isn't.


Locked