A Step-by-step Guide On pfSense 2.1.4 Installation

Pfsense, stylized as “pfSense” is a computer software based on FreeBSD (Unix-like OS), that can be installed on a computer and turn it into a dedicated router and firewall. It has other features like OpenVPN server, PPoE Server, DNS Server and the list goes on. This software is FREE-TO-USE and most of all it’s OpenSource. So if you’re interested in trying it out, read this guide and you’ll learn how to set things up using this software.

For this post, I’m going to show you a step-by-step guide on how to setup a pfSense instance on a PC-based machines. It can be installed on an embedded platform, but this guide is directed to PC users. Though, the installation process is very much similar to that of an Embedded platforms.

Hardware requirements is not that high, you could install pfSense in a system with as little as 256MB of RAM, Pentium II processor and 2GB of hard-disk space. But if you really want to get serious of using pfSense in your network, do yourself a favor and buy the most quality network card that you could find. Pfsense version 2.1.4 shall be use with this guide. If you’re ready to try it out, make sure you read the hardware compatibility list for FreeBSD 8.3.

Requirements To start off with this guide, make sure you have the following:

  • Your target machine with at least 2 Ethernet Cards & FreeBSD compatible
  • Modem – optional, only if you wanna get serious
  • Network cables of course
  • Your client machine
  • pfSense 2.1.4 LiveCD Installer

You need at least 2 ethernet cards, 1 for your Internet connection, going from your modem, and 1 for your local network. But if you just wanted to try other features of pfSense that doesn’t require an Internet connection, then 1 Ethernet card would be enough. Say for example, you wanted to try the OpenVPN server, then you only need 1 ethernet card for this. Let’s get started when everything’s ready.

pfSense Installation: Phase 1

  • Step 1: Boot from pfSense boot device, in this case, we’re booting from a LiveCD Installer. Upon booting from the CD, you should see a screen menu with various boot options to select from. At this point, you should choose 1., that is, Boot pfSense [default]. Reference Image: Screenshot: pfSense Installation - First Boot
  • Step 2: After selecting the boot option above, you’ll be taken to a screen with a list of options to; enter recovery mode, continue with the LiveCD or install pfSense. In our case we wanted to install pfSense, so press the corresponding hot-key to perform the install process. Press I to install Reference Image: Screenshot: pfSense Install Dialog You should be taken to a new splash screen.
  • Step 3: At this point you should see a splash screen similar to the image shown below. Reference Image: Screenshot: pfSense Install - Accept Settings Use your arrow keys to hight-light and select Accept these Settings. Then hit Enter key.
  • Step 4: After the above step, you’ll taken to another screen, now choose Quick/Easy Install and press Enter key. Reference Image: Screenshot: pfSense Install - Quick Install

  • Step 5: pfSense is now ready to copy the core files to your hard-drive. At this point, you should see a screen similar to the image below. Reference Image: Screenshot: pfSense Install - Step 5 Select OK menu and press Enter key. pfSense installer should start the installation process. Reference Image: Screenshot: pfSense Install Progress

  • Step 6: After the file-copy process above, another screen will show up. It offers 2 Kernel options to choose from. If you are installing pfSense in a PC or Desktop platform, you should choose the Standard Kernel, otherwise choose Embedded kernel. Reference Image: Screenshot: pfSense Install - Step 6 - Choose Kernel

    Note: Only choose Embeded kernel if you are installing on a Embeded platform like router boards with built-in processor and flash storage.

  • Step 7: After setting the kernel from the above step, you’ll be prompted to reboot your machine. So, do so by selecting Reboot menu and hit Enter key. Eject the install media before doing this, or change back your boot device order to system drive. Reference Image: Screenshot: pfSense Install - Step 7

pfSense Installation: Phase 2

  • Step 8: After rebooting your machine, you’ll be asked if you wanted to set up a VLAN. Do you want to set up VLANs now [y|n?] Since we’re installing a basic setup of pfSense, you may skip this option and opt not to set it. So you may answer NO by typing n and then Enter key. But when you decided to setup VLAN after this point, you could easily do that using pfSense webConfigurator, to configure VLANs later. webConfigurator is pfSense’s web administration GUI.

  • Step 9: At this point of the installation, you should know and have already decided what Ethernet port to use with your WAN and LAN connection.

So you need to designate a specific device (Ethernet Card) for your Internet and LAN connection. You’ll be prompted to enter the WAN interface name, in my case, it is em0. So I should type em0 and then ENTER key. Next prompt should be asking you to enter your LAN interface name, in my case, it is em1. So I type in em1 and then Enter key. Another prompt will ask you to enter an Optional interface, you may skip this for now. We only need at least 2 network interfaces for this basic pfSense installation. So just press Enter to continue. If You Dont Know Your Interface Names Are, Read Below: Screenshot: pfSense Install - Ethernet Card Detected

In my case, I got two identical Ethernet card installed in my machine. They are both Intel PRO/1000 model. I need to know first their corresponding interface names, since they’re both identical, before assigning them either as a WAN interface or LAN interface. In my machine, they are identified as em0 and em1. But I don’t know which is which. So what I did was, I used the installer’s auto-detection option. To initiate this option, disconnect all your cables from your Ethernet cards. Then type a -> Enter key.

You’ll be prompted to connect the WAN interface first, make sure the link is up and working when you do this. So plugin your cable to any of your available Ethernet card and wait for it to be detected by the installer. It should show you the interface name, like so: em0: link state changed to UP In my case, my first Ethernet card was detected as em0. This is the card that is attached to the first PCI slot of my motherboard (counting from top). Now, this is going to be my WAN interface (Internet connection).

Now that your interface is detected, press ENTER key to assign it as your WAN interface. Reference Images:

Next, you’ll be prompted again to enter a to auto-detect your LAN interface name. So, connect your cable to your second Ethernet card, wait for a few seconds and it should be detected. In my case, it was detected as em1. Press Enter key again as soon as your interface is detected. Reference Images:

  • Step 10: After setting your network interfaces from the step above, continue with the next step and type in y to commit your network settings. Reference Image:
    You should be now taken to a screen similar to the image show below. Reference Image:
    Reaching this screen means that you’ve successfully installed pfSense.

pfSense Post-install Setup: Phase 3

Before you can use your pfSense instance, you need to configure it further to make it work within your local network. You need to login to its webConfigurator page and set things up from there. To start with the configuration, login to pfSense’s administration page by accessing 192.168.1.1 from any browser you wanted to use. The IP is the default configured, you may also change this if you wish, using the webConfigurator.

  • Step 11: Login by accessing 192.168.1.1 from a web browser and login as admin when prompted to.

When you access the Admin page for the first time, a splash page will open with a message saying either This Connection is Untrusted or The site's security certificate is not trusted! Reference Images:

This is perfectly normal since the ssl certificate that is used in the setup was not signed by a known and trusted Certificate Authority like, Comodo, Symantec, GoDaddy or GlobalSign. Instead, the certificate used was self-signed — meaning, a self-signed certificate is signed by the same identity who is being identified in the certificate.

Note: You commonly see this kind of notice if a site has a self-signed SSL certificate. BUT this should not be the case when you visit an SSL-protected website, whose certificate is validated by a known certificate authority (Symantec, GoDaddy, Comodo or GlobalSign). Because if you see this message on a site protected by SSL protocol, then probably someone is eves-dropping on your connection.

Read more about Certificate Authority here.

Just accept the connection and move on. In Firefox, just click I Understand The Risk -> Add Exception button, a pop-up window will open, click Confirm Security Exception and you’re good to go. In Chrome, just click Proceed Anyway button. Reference Image:

The default user-password for admin is pfsense You may change this later on.

  • Step 12: Upon successful login, you should be greeted by a welcome page and an initial configuration wizard page. Just click Next button to start the configuration wizard. Reference Image:
  • Step 13: A new screen should open (see image below), and you need to fill up the Hostname and Domain field. In my case, I leaved Hostname field untouched but I’ve filled up the Domain field with local.net. I’ve skipped Primary DNS Server and Secondary Server. Click Next to go to the next page. Reference Image:
  • Step 14: Fill up Time Server Information fields. In my case, I’ve skipped Time server hostname, but I’ve set my Timezone to Asia. Reference Image:
  • Step 15: Set up WAN information. This page should be use to configure your Internet settings. You need to input your ISP account information and configurations here. It depends what type of Internet service your ISP is offering you. Whether it be PPoE, DHCP, or Static IP. If you have a PPoE Internet connection, then choose PPoE from the drop-down menu under Configure WAN Interface. Then scroll down ’till you reach the PPoE Configuration field set. In this field set, you need to input your PPoE user-name and password. Reference Image:
    Then scroll down further and make sure that Block RFC1918 Private Networks: and Block bogon networks: is ticked and then finally click Next. Reference Image:
    If you either have a Static or DHCP based Internet connection, then just supply the necessary info to Static IP Configuration or DHCP client configuration field sets.
  • Step 16: You’ll be asked to configure your LAN interface, if satisfied with the current settings, then just skip this step and move on to the next page by clicking Next button. Reference Image:
  • Step 17: This step will let you change the default Admin user-name and password. You need to change the default entries and nominate your own set of Admin Username and Password. Reference Image:
    Click Next to continue and to load up the next page. Then finally click Reload to set the changes. Wait for the confirmation message Wizard completed to pop-up before you do anything. Reference Image:
    Once you see the confirmation message, you can now click here to continue working with pfSense webConfigurator. You should be now taken to pfSense main dashboard. Reference Image:

That’s a Wrap

There you have it guys, those are the steps on how to install pfSense 2.1.4. If you’re having some issues and you’re not able to complete the install process, just feel free to ask me about it and put your comments below.

Chubbable

Hi, I'm Chubby! That's what my friends call me. I'm a tech savvy dude who is passionate in learning stuffs by himself. I post stuffs that I recently learned and also stuffs that I'm very knowledgeable of. I also post articles here to serve as my own reference and knowledge base archiving.