How to install pfsense on vmware workstation 10



  • Hi,
    Im trying to install pfsense on a windows 2008 server box to use it as firewall/router/captive portal for my LAN. The win 2008 server itself host asp.net to run a asp.net app. The box has 3 NICs.

    Ok so i install vmware 10 on the win 2008 box and create a vm with the following setting like the screenshot. One nic is bridged ?? And the other is set on NAT by default ??
    Pfsense also installed and configured with 2 IPs on different subnets.

    However when i go back to the win 2008 server the box could not get an IP from pfsense DHCP.
    (Screenshot)
    2 NICs are connected to a switch. Nothing else connect to that switch.
    Can anyone shed a light here? Thanks


    ![image (1).jpg](/public/imported_attachments/1/image (1).jpg)
    ![image (1).jpg_thumb](/public/imported_attachments/1/image (1).jpg_thumb)
    ![image (2).jpg](/public/imported_attachments/1/image (2).jpg)
    ![image (2).jpg_thumb](/public/imported_attachments/1/image (2).jpg_thumb)



  • How did you manage to post your screenshots upside down?  You might want to fix that.

    Your 2008 server should have one bridged NIC plugged into your WAN, and another bridged NIC plugged into your LAN.  It will never work in NAT mode.  NAT mode uses the 2008 server as a NAT to handle IP traffic on behalf of the VM.



  • Sorry abt the up side down screenshots  :-
    I took them with my phone and post them using the phone as well so i didnt realise it.
    Back to the original problem:
    So i should configure my wan as bridge, connect it to the internet router (also set as bridge mode) right?
    On the LAN side, also set it up as bridge, connect it to the switch, right?

    Once i have done that my win 2k8 should be able to get IP from the pfsense vm right?



  • Yes, unless there is other stuff going on that I'm unaware of.  Are you just testing or experimenting?  Running pfSense under VMware Workstation is not recommended except for those two scenarios.



  • @KOM:

    Yes, unless there is other stuff going on that I'm unaware of.  Are you just testing or experimenting?  Running pfSense under VMware Workstation is not recommended except for those two scenarios.

    hmm.. im actually planning to build this system to go live in a small hotel.
    the win2k8 box will host an ASP.NET app for the front desk
    the pfsense VM will be responsible for web proxy, captive portal.
    not many users though .. max 20 users at the same time, so i don't think performance wise it will be an issue. Because of the budget and the low number of users, I don't wanna have 2 separate boxes to do these tasks.
    The box has 4GB RAM, dual core, 160 GB HDD.
    If this will degrade performance of web users, is there another method without having to use 2 separate servers ?



  • If this will degrade performance of web users, is there another method without having to use 2 separate servers ?

    It's just a half-assed way of doing it.  I'd sooner run it on a cheapo, used $100 PC that I would via Workstation on your existing server.  Ideally, I would backup your server, add a few Gb of RAM, wipe it and install VMware ESXi on it, then convert your backup to a VM and run it alongside a pfSense VM.  That's a lot of work though but the management capabilities are worth it.  The used PC might be your best bet.



  • Ok so you are saying:

    Install vmware ESXi (?) On a more powerful box
    Create a vm and install win2k8 server
    Create another vm and install pfsense

    Is that right?

    I never use ESXi.. i only use vmware workstation (got it for free from a tech friend). So is ESXi free?



  • Yes, almost.  You can use the free VMware Converter to convert your physical Windows server to a virtual image that runs under ESXi.  That way you don't have to reinstall & config your web app.  ESXi is free.  However, if you don't have any experience with ESXi then I might recommend that you avoid doing a live installation until you've had some practice.  Go with the cheap PC option or buy an appliance that comes with support.  They're only a couple of hundred bucks.  Even the "Come & Go Motel" should be able to afford that much.



  • I'm able to make the current setup fully working now.
    What i tried this morning (apart from last night when i could not get it worked) was:

    • changed both NICs to bridge mode as you suggest
    • 1 NIC connect to a switch with nothing else connect to that switch
    • 1 NIC connect to the router (configured to run in bridge mode)
    • First i still could not get any IP for my win2k8 box from pfSEnse DHCP. Then I try going to the pfSense VM console menu, press (1): Assign interfaces . Trying to get it auto-detected by unplug the cable, press a, reconnect cable, press Enter. Bang, the win2k8 box was able to receive IP from pfSense and the whole thing just works after that. Any reason why ??
      I will give this setup a try to see how it performs. If it's not up to the job then I will try the set up you suggested. At the moment, clients (5 wireless tablets/smart phones) are browsing internet at high speed without any issues.

    Thank you so much for spending time and be patient with newbie like myself. Much appreciated.



  • Any reason why ??

    You already figured out why; the bridged NICs.

    Glad you got it working.



  • Yeah but at first after i changed both NICs to bridge win2k8 still could not get IP from pfsense till i did the above reconfiguring