Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Latest PFsense for hyper-V?

    Scheduled Pinned Locked Moved Virtualization
    68 Posts 24 Posters 48.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      darkytoo
      last edited by

      I hate to post a redundant post, but I spent 2hrs last night reading the other post that had devolved into "it's open source, we can do what we want" vs. "Open source does not give you trademark rights" Which is fine, I don't want to pick sides because I don't really care.  My problem right now is i'm running PFsense 2.1 release and i'm unable to upgrade.  I am running Pfsense under hyper-v 2012r2 and I tried upgrading to 2.1.2 and of course it broke everything since it doesn't support hyper-v yet, and I checked the other thread where someone had posted a .vhd of the new version but it was pulled before I got a chance to download it.  Does 2.2 support hyper-V?  can I download that?

      1 Reply Last reply Reply Quote 0
      • C
        cmb
        last edited by

        The base FreeBSD used in 2.2 does have the Hyper-V drivers built in, so it should work. I haven't had a chance to try it on Hyper-V yet myself.

        1 Reply Last reply Reply Quote 0
        • J
          JoelC707
          last edited by

          Running April 17th 17:43 build of 2.2 on Hyper-V 2012 R2 right now. I first experimented with it a VLAN behind my hardware install of 2.1.2 just to make sure it was going to work. Started yesterday and took down my internet connection and piped it over to the VM install. Charter's modem or something with the hypervisor doesn't like being a part of a VLAN but I have a spare Ethernet circuit going out there so I just ran the WAN side direct. All working as can be expected (I'm sure there are things not working, for example I originally deployed the VM using an April 06 build and it wouldn't let me make any changes to System>Advanced>Misc without throwing errors. The newer version does not exhibit this behavior). Check it out and if the features you need are working, go for it. It sees the synthetic network cards just fine and the heartbeat works (can even do a managed shutdown).

          Joel

          1 Reply Last reply Reply Quote 0
          • S
            Spaghetti
            last edited by

            pfSense 2.2 is based on FreeBSD 10 and has HyperV drivers built in. However, don't use it in production as it's not stable yet.
            The other thread has instructions on how to install the latest HyperV drivers into the stable version 2.1.2 which works very well.

            1 Reply Last reply Reply Quote 0
            • ?
              Guest
              last edited by

              pfSense 2.2 is at least as stable as 2.1.2

              1 Reply Last reply Reply Quote 0
              • S
                segobi
                last edited by

                where can I find 2.2 isos ?

                1 Reply Last reply Reply Quote 0
                • S
                  Spaghetti
                  last edited by

                  At the Forum Index there is a development section which has a 2.2 snapshot sticky with the info you require.

                  Here is the pfSense snapshots page:

                  http://snapshots.pfsense.org

                  1 Reply Last reply Reply Quote 0
                  • D
                    darkytoo
                    last edited by

                    does 2.2 support CARP under hyper-v?  What about Vlan trunking?

                    1 Reply Last reply Reply Quote 0
                    • S
                      segobi
                      last edited by

                      @Spaghetti:

                      At the Forum Index there is a development section which has a 2.2 snapshot sticky with the info you require.

                      Here is the pfSense snapshots page:

                      http://snapshots.pfsense.org

                      thanks a lot!

                      1 Reply Last reply Reply Quote 0
                      • D
                        darkytoo
                        last edited by

                        @Spaghetti:

                        At the Forum Index there is a development section which has a 2.2 snapshot sticky with the info you require.

                        Here is the pfSense snapshots page:

                        http://snapshots.pfsense.org

                        it just sits at booting…grr...

                        1 Reply Last reply Reply Quote 0
                        • S
                          segobi
                          last edited by

                          @darkytoo:

                          @Spaghetti:

                          At the Forum Index there is a development section which has a 2.2 snapshot sticky with the info you require.

                          Here is the pfSense snapshots page:

                          http://snapshots.pfsense.org

                          it just sits at booting…grr...

                          hmm installed using latest 2.2 alpha iso - everything working fine for my needs.

                          1 Reply Last reply Reply Quote 0
                          • C
                            charliem
                            last edited by

                            @darkytoo:

                            it just sits at booting…grr...

                            See this thread: https://forum.pfsense.org/index.php?topic=75241.0

                            1 Reply Last reply Reply Quote 0
                            • D
                              darkytoo
                              last edited by

                              @charliem:

                              @darkytoo:

                              it just sits at booting…grr...

                              See this thread: https://forum.pfsense.org/index.php?topic=75241.0

                              I actually found my problem, i was using 32 bit and apparently 64 bit works, so I just switched over today to see how it works.  I still can't get Vlan trunking working, and I lost snort, but it does seem to work better under hyper-v, and I no longer have to worry about heartbleed and automatic updates.

                              1 Reply Last reply Reply Quote 0
                              • ?
                                Guest
                                last edited by

                                the good news here is that the 64-bit ISOs of the 2.2 snapshots work.

                                This, rather than producing a back-port to 2.1.x is the preferred direction.

                                1 Reply Last reply Reply Quote 0
                                • T
                                  tisler
                                  last edited by

                                  Thanks god I found this thread after struggling with pfSense 2.1.4 on hyper-v.

                                  Downloaded the latest 64bit snapshot.
                                  My environment.
                                  Host

                                  • Supermicro 5018A-TN4 (would rather go for 5018A-FTN4 because of front Ethernet ports)

                                  • 8GB Ram

                                  • 128GB Samsung Evo Pro SSD

                                  • Windows Server 2012 R2

                                  VM

                                  • 1GB RAM

                                  • 8GB fixed vhdx

                                  • pfSense 2.2

                                  • 3 network adapters (no legacy) for WAN, LAN and DMZ

                                  After a successful test in the lab i struggled with the internet access afterwards until i realized that the clients had a wrong gateway configured. After setting pfSense to the same ip as the DSL router and reconfiguring the router it all worked.

                                  My environment
                                  DSL router -> pfSense WAN -> pfSense LAN -> main switch -> clients
                                  172.16.1.1 -> 172.16.1.2 -> 192.168.1.1

                                  DSL -> pfSense WAN -> pfSense DMZ -> openSuse VM
                                  172.16.1.1 -> 172.16.1.2 -> 172.16.35.1 (static) -> 172.16.35.47 (dhcp)

                                  Access to the internet from the DMZ is not yet working though. Don't know if it has to do with hyper-v or pfSense or the guest so (openSuse). openSuse reports a ip-address (dhcp) but can't browse anything. The DMZ port is configured as 172.16.35.1 (static, dhcp server). On hyper-v a switch is configured for the physical Ethernet port. There's no physical wire connected to the port because i "think" the traffic should be routed by pfSense directly from Wan to DMZ (my guess though). Duplicated the NAT rules from LAN to DMZ.
                                  pfSense and openSuse share the same virtual DMZ network adapter.

                                  Maybe someone has an idea what might be wrong with the DMZ interface?

                                  15.08.2014 Edit
                                  Solved the problem by adding an allow all outbound traffic (any) from DMZ. Will investigate later in order to just allow necessary traffic.

                                  Cheers,
                                  Thomas

                                  1 Reply Last reply Reply Quote 0
                                  • KOMK
                                    KOM
                                    last edited by

                                    Do you have a firewall rule allowing DMZ to access WAN?  Its not created by default.

                                    1 Reply Last reply Reply Quote 0
                                    • T
                                      tisler
                                      last edited by

                                      Thats the resolution!! It works now. Allowed all outbound traffic though which is not how it should be.

                                      Do you know by chance the minimum rule to add?

                                      Thanks,
                                      Tho as

                                      1 Reply Last reply Reply Quote 0
                                      • KOMK
                                        KOM
                                        last edited by

                                        There is no one-size-fits-all rule.  It depends on what type of servers or clients you have in there and what you want to limit them to.

                                        1 Reply Last reply Reply Quote 0
                                        • T
                                          tisler
                                          last edited by

                                          For now just windows clients that need internet access.

                                          1 Reply Last reply Reply Quote 0
                                          • KOMK
                                            KOM
                                            last edited by

                                            "Internet access" is pretty much everything.  If you want to limit them to email and web, for example, then you would put rules in place to allow the standard ports for those applications, and block everything else.

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.