Need help installing pfsense on ESXi



  • Here's what I'm running so far.

    Verizon fios router
            ||
            ||<–-------broken link
            V
    HP DL380 G5 running ESXi 5.1u1 with pfsense 2.1 installed
            ||
            V
    Cisco E4200 router
            ||
            V
    LAN (Windows XP)

    The HP DL380 has 2 NICs and I think I have them set up where eth0 and eth1 are WAN and LAN, respectively. When I connect my windows xp laptop to the cisco e4200, I can get to web configurator at 192.168.1.1 and can see that I have 4 interfaces created.  1 is for WAN, 1 is for LAN, and the two virtual network that I've created, Mail Server and Web Server.  I'd eventually like to get my DL380 to host a web server and mail server using virtual machines.  I'd like to have pfsense act as my firewall, DNS server, snort applicance and DHCP server.  Pretty much I'd like to build a complete "enterprise."

    My problem is that I can't connect to the Verizon fios router.  The link looks dead on both ends on the cable(no blinking lights).  I verified the cables were fine and that the router was fine. I did the normal swapping of wires with good working wires and also I am connected to this forum through the fios router so that verifies the router works. I still don't see what's wrong.  I dinked around in the router configs for the fios router and still can't figure out why it's not seeing it but I am by no means an expert. There is a light that would blink when there's a active connection to the router on the router itself.  It's blinking for this laptop that is connected via ethernet but not blinking for the server that is connected at the same time.  The fios router configurator also has a little map that shows what is connected and it only shows my laptop as ever being connected.  I did a router reset and still can't get the server to hook up.

    I'm not too up and up on the networking stuff so please be patient.  Any help would be greatly appreciated.

    Thanks!



  • I think your FIOS router is providing a private address of something like 192.168.1.x to the WAN of your pfsense.

    1st.  You need to configure your pfsense LANs to NOT be anything like 192.168.1.x  (use 10.x.x.x for pfsense LAN for example)

    2nd you need to go to:

    Interfaces > WAN

    At bottom of page, uncheck "Block private Networks"

    Then save.

    Then go to status > filter reload.

    Now, try your connections.  You might have to reboot pfsense.



  • I think there is a very good tutorial on this. Just look around the net but for starters change the IP addresses of pfsense.
    However first to google check is why there are no lights from both ends.

    As per above poster

    WAN should be DHCP only
    VLAN's should be on a different subnet - say 192.168.2.x



  • Yeah - I assume he has this double NATed.  After pfsense is working double NATed, it should be easy enough to remove the layer of NAT at the FIOS router.



  • Double NAT?  Maybe the FIOS router, pfSense and the Cisco are all trying to route.

    Bridge the FIOS router and connect the pfSense WAN to it.  Then use the Cisco as a switch+AP on the pfSense LAN.

    Some things to read, if you haven't seen them:

    http://www.verizon.com/support/residential/internet/highspeed/networking/setup/questionsone/123765.htm#

    http://doc.pfsense.org/index.php/PfSense_2_on_VMware_ESXi_5



  • Yeah - Thats all kind of complicated.  It has to be done, but I think first getting pfsense working, then bridge fios.
    Anyway  - the order isn't important if it doesn't confuse OP.


Log in to reply