Mastering pfSense: An In-Depth Installation and Setup Tutorial
pfSense is a versatile and open-source firewall and routing platform that empowers users to take control of their network security and management. Whether you’re new to pfSense or looking to refine your skills, this comprehensive guide will walk you through the installation and configuration process, equipping you with the knowledge and confidence to harness the full potential of this robust network tool. Join me on this journey as we demystify pfSense, turning complex setups into manageable steps and transforming your network security into a fortress.
Visit https://www.pfsense.org/download/
Download and extract the ISO file to your chosen location. I have chosen the ISO installer with a 64-bit architecture.
Start the new virtual machine wizard in VMware.
Select the extracted installation ISO and select an appropriate name and location for your pfSense VM.
Select an appropriate disk size. 20 GB would suffice. Before we power on the machine, we need to customize a few settings.
I increased the RAM to 2 GB. However, it can run with 512 MB RAM.
Necessary: Add a new secondary Network Adapter in the settings.
Select ‘Custom” as your network connection and a specific virtual network. I have selected Vmnet5. This is how your virtual machine settings should look.
Start the VM, Accept the License, and proceed with the installation.
Select Auto (ZFS) and the remaining options as shown. Press space to select the disk during ZFS configuration and select ‘YES” to proceed with the installation.
Once completed, you will be presented with this screen.
Our WAN interface had a NAT connection and obtained an IP address via DHCP. The other interface is our LAN interface, which has been assigned an IP range of 192.168.1.1/24. We are going to modify this.
The first thing we will do is ‘Assign Interfaces.’ During our installation, we set up two network interfaces in VMware, which can be seen here.
Enter option 1 to Assign Interfaces. We will say no to the VLAN setup since we will do it manually later.
You will be asked for a username/password. The default is admin:pfsense. We will change it as soon as possible.
As we saw above, our WAN interface is ‘em0’, which I will enter here, and my LAN interface is ‘em1’. We are back to the earlier screen since nothing has changed for me.
Next, we will assign IP addresses to interfaces. The WAN interface is acquiring its IP from DHCP, so we will not change that. We are going to change the LAN IP address range to our liking.
I have selected the 10.0.0.1/24 network for my LAN. I understand it’s a Class A network and probably too big, but we will use VLANs in the future, and I like to keep a consistent range. Skip IPv6 configuration.
Enable the DHCP server on the LAN and configure a DHCP pool. Once completed, we can access the web console on 10.0.0.1.
I will boot up the Parrot Linux VM, changing the Network Adapter to ‘VMnet5’. The VM could get an IP from the DNCP server in the range we configured.
Navigate to 10.0.0.1 to access the pfSense web console. Login using the default credentials and change the default password. Feel free to explore the dashboard. You have successfully installed pfSense.
Now, one might be wondering why we did all of this. To learn about pfSense, of course, but what does it offer?
Let me give you a tinysneak peek under the hood. Navigate to ‘Rules” under Firewall and then the LAN.
These are some default rules set up by pfSense. The rule with the description “Default allow LAN to any rule” allows all communication from the LAN to the Internet.
As one can see, I am able to reach the Internet.
I have just turned off this rule. Now I am unable to reach the Internet.
However, I would like to update my Parrot OS but not allow any other machine on my LAN to reach the internet.
As one can see, I am unable to update / reach the Internet. Parrot OS has an IP address of 10.0.0.100.
Let’s rectify the situation by creating a rule.
Action: Pass | Interface: LAN | Address Family: IPv4 | Protocol: Any
Source: 10.0.0.100 | Destination: Any
Save and Apply Changes, and Voila, we have Internet Access.
This was a small tutorial on installing and configuring the pfSense firewall. There is a lot more that we can do with this. In the next articles, we will explore VLAN’s setup and configuration. We will also dig deeper into ‘Rules’ and see how fine-tuned rulesets can help in protecting our networks.
