Hey guys! So you want to know how to install the pfSense
software router. It's easier than you might think. Join me! I'll demonstrate it on this Topton 12th gen
router mini-pc I use in my homelab. It's a pretty awesome but affordable device. If you want to know more about it, check out
the links in the corner of this video or find it in the description. As I've said, it's super easy. You'll only need a small USB flash drive like
one gig will suffice. Ok. So, step by step. Head to the pfsense.org webpage. Hit the Download link. Choose Architecture. If you have a non-Netgate generic device like
me, select AMD 64bit. Choose Installer. DVD is outdated today, so choose USB Memstick. Console, VGA. And pick a Mirror closest to you. As I'm in Europe, I'll select Frankfurt, Germany. And hit Download. Wait for it to finish. And burn the image to your Flash drive with
an imaging software of your choice. I'm used to the balenaEtcher. But you can use whatever you like. Like Rufus or Raspberry Pi Imager. So, I'll choose Flash from a file and navigate
to the downloaded image. I don't even need to uncompress this file,
it will handle it for me. Choose a Device to flash to. I've got only one option, the connected flash
drive. And hit Flash! Wait for it to finish. And after that, eject the drive from your
computer and insert it into your desired future router.
Power it on and hit a key that lets you choose the boot device or opens the Bios. It could be different keys for different manufacturers
of your computer, but usually, it's one of these keys. Delete, F2, F10, F11 or F12. So read the documentation on your device or
try the different keys a few times like me. When you get to the boot options, choose the
USB drive and wait for it to start. The first thing you will see is this Welcome
menu. Autoboot will continue to the first option
1. Boot Multi user. That's completely fine and desirable. So wait for a few seconds or hit 1. Or, if you want to explore more options on
your own, hit the Spacebar to pause the autostart. The installation process start shortly. You'll see all this text output as it is booting. Just give it some time. Okay, the first thing you'll need to do is
to accept this Copyright statement. And now choose what you want to do. Install pfSense, of course. How would you like to partition your disk? I would strongly suggest sticking to this
first Auto(ZFS) option. Here are some options to it. If you're not familiar with what you're doing
here, just hit Install and don't bother yourself with it. Again, if you're not trying to build some
kind of RAID from multiple disk drives, just hit Stripe - No Redundancy. Select the disk drive by pressing Spacebar
to select this device with the asterisk. And then hit OK with Enter. You're now warned that the installation process
will destroy everything on that drive. If we want to proceed, we should be fine with
that. Ok. The installation process is swift, and you
should be presented with this Reboot button in seconds or moments. Do it. The device will reboot and launch the pfSense
for the first time. That was quite quick, wasn't it? Okay, so this was the easy part. But don't get scared. It's not going to be that bad from now on. So now you should see the console and the
first launch wizard that will ask you a few questions to do the very basic setup of your
device. Ok, from this point further, you should have
some idea how your network is set up and where in your network architecture fits this new
router. I'll demonstrate this to you in my very basic
use case. So what I want to achieve is this. I'll draw you a simple schematics of my network. Here's the Internet connection from my ISP. It's connected to the WAN port of my different
router, which I'm actually using right now before connecting the new one with pfSense. The LAN port of this router is connected to
my switch. A device that all the other devices are connected
to. Like my PC, servers, wifi access points, everything. This router also serves as a DHCP server in
my network. The DHCP server is the guy that assigns IP
addresses to all the devices on the network. I won't make it any more complicated than
this. No VLANs or Virtual LANs, nothing. Just this basic configuration for now. If you know what you're doing, you can set
it up the way you want right now from the beginning. For me and the rest of you, I just wanted
to check out the pfSense for the first time without actually disrupting my network. So, I configured it to act just like a standard
local LAN device to explore it a bit more. Okay, let's head to the first config. Should VLANs be set up now? No. Enter the WAN interface name. This is the interface that should face your
internet connection. I won't be using it right now. But let's say it should be the first one. The numbering starts from zero. So, in my case, it's the igc0 interface. Enter the LAN interface name. That's the local area network, aka the interface
going inside your network. Let's say it should be right next to it. igc1. And the rest of the interfaces I won't use
right now. I don't need them for this basic usecase. Proceed Yes. And wait a while. And this is the way it looks when the pfSense
is up and running. Don't worry; you won't have to configure everything
from this console. pfSense has a very nice web interface. We just need to be able to access it. To do so, we must set the correct IP address
for this device. How? Easy. Look. It says that the LAN is set to 192.168.1.1/24
network. That's wrong for my network. I use different ranges. So let's change that. Enter option 2) Set interface IP address. As I've said before, I want, for now, to set
it up only as a local device sitting in my internal network so I can access its web interface. So, I want to configure the LAN interface,
option 2 again. I could let it take an IP address from my
DHCP, but I want to avoid looking for it after that, figuring out which IP address it got
from DHCP, so I'll configure a static one for it. So DHCP - no. And enter the static IP manually. For my network, it will be 10.0.0.140, as
I know that this one is free and not taken by another device on the network. My DHCP server is configured to serve IP addresses
from the range 10.0.0.1 to 10.0.0.99. The subnet bit count will be 24. And for LAN, just hit Enter. I don't need IPv6 now, so again, Enter. And do I want to enable DHCP - no. I've got DHCP running on my router right now. This would mess things up. Do I want to use HTTP as a webconfig protocol? No. Okay, this should be enough for the configuration. You can see we can now access the web interface
on this URL https://10.0.0.140/ So connect the ethernet cable to the second,
LAN, port on this device. Hop on to my main computer and open this address. It doesn't have the proper SSL certificate,
so go through this warning page. And here we have the pfSense Login page. This is starting to look like something. Okay, the default login is admin, and the
password is pfsense in lowercase. The first time you launch it, you'll see a
quickstart Wizard like this. Go Next. If you're enterprise-grade, you can learn
more about Netgate Support. Next. Okay, this is more of a value for us. General Information. Set Hostname to something sensible, like what
this device is going to do for you, like "firewall". I'll put in "router". Domain, again, something intelligent. Don't end it with "local" like me. It says right beneath that it's not a good
idea. I noticed that one later on. I don't need DNS servers right now, but if
you do want to set them right now, you can. Next. Pick your Timezone. Next. Configure WAN Interface. That's the interface that faces the internet,
not your local network. I don't need to configure that one either,
as I'm just fiddling around for now. I'm not connecting it right now as the router
in my network. Nothing needs to be changed here. Next. Configure LAN Interface. It's already configured. We did this in the command line interface. Next. And set Admin Password. Next. And Reload. Congratulations! pfSense is now configured. And we can now finally have a look around
this WebUI to see what's what. You can see the nice Welcome Dashboard. System Information, Name, the user logged
in, Version, Temperature, CPU is idling, Memory usage. Let's quickly skim through the Menus and see
all the things you can do with this thing. Here are some System configs like Advanced,
Certificates, General Setup, Routing. Interfaces, these are the two we have configured,
WAN and LAN. Firewall configurations. Services. Very useful things here. Auto backups, DHCP configs, DNS Resolver and
Forwarder. NTP. You name it. VPNs supported protocols are IPsec, L2TP,
and OpenVPN. You should be fine with these with all major
VPN providers. Status, again, almost anything you can think
of. And Diagnostics, again, everything you can
think of. That should be enough for the lightning-fast
quick tour over the pfSense. Now, let's put this baby to real work in my
network. We need to set the WAN and LAN interfaces
correctly and, in my case, enable the DHCP server on it so all my devices can get their
IP addresses from this router. It's easy. I'll switch to the CLI of this pfSense box
and make the changes locally, not over my network. Pick Option number 2 - Set interface IP address
2 - LAN interface. No, I don't want to set up the LAN interface
via DHCP. We want it to be static of course. So, for my network, I'm used to 10.0.0.138
But you change this to whatever network you use in your environment. Something like 192.168.1.1 might also be fully
viable. The subnet bit count is 24 for me, and if
you're a beginner and just learning, I'll bet for you it will be too. Ok, for LAN just press Enter. And we don't need IPv6 right now. No. Enable DHCP - yes. We want pfSense to serve IP addresses to our
network. In my case, I serve from the pool, starting
with 1 to 99. Everything else I reserve for my static addresses. 99 devices in one household should be plenty
enough anyway. And I don't want to use pure HTTP for my webConfigurator,
no. Okay, that's all for the LAN interface. I don't need to configure the WAN interface
as it's already set to DHCP, and that's correct for my network. So, I'll halt or power off the system, and
after that, I'll switch it with my main router. If everything's configured correctly, I should
be back in a moment up and running. Okay, here we go. pfSense is running on the desired IP address
10.0.138. The network icon in the bottom right corner
indicates that things could be all in order. But let's double-check. Trademarks window again - odd, but whatever. You can see Interfaces are reported to be
up and running. That's a good sign. I wanted to show you here that my internet
connection didn't work right off the bat. But it was some kind of mishap on my network. It didn't work for a few minutes, but after
that, everything went online without me doing anything. So if you encounter something like that, don't
panic. It can take some time for the network to "heal". Everything seems to work fine after a few
minutes. And just like that, you can easily install
pfSense with some basic configuration. In the following video, I'll show you how
you can connect pfSense with Pi-Hole to create a network-wide, or household-wide, adblocking
solution so no advertisement is bothering you, your family, or basically all the devices
you use in your network. And we're just getting started. There's so much you can achieve with pfSense. Hope you guys liked this video. If so, please hit that Subscribe button. It would help me a lot. Thank you and Bye!
