Installing pfSense on Proxmox

Video Statistics and Information

Captions Word Cloud
Reddit Comments
Sam here from Sheridan computers this video will walk you through getting pfSense installed on proxmox we're going to start at the very beginning we're going to download the ISL from netgate's website once we've downloaded the ISL we will upload it to proxmox we'll create the virtual machine we'll then configure the um necessary network interfaces we'll proceed to install PF sense once we have pfSense installed then we'll go ahead and finish off with installing the Q guest agent which is pretty important if prox MOX wants to be able to talk to the pfSense virtual machine um I'm doing this video because I need I'm covering videos on both pfSense and open sense and I need them both on proxmox so I just happen to be doing the proxmox install so I figured while I'm doing it I may as well record it and share it with you just in case somebody finds it useful let's Dive Right [Music] In first we're going to need to head over to pfSense website and download pfSense image so we want amd64 installer we want the iso um so we can use it with prox MOX choose the place is closest to you and then go ahead and download so you'll notice the uh file extension is ISO Dogz meaning it's a gzipped file so we're going to have to um extract that once it's downloaded okay that's downloaded so we're going to open the folder it's downloaded to I'm just going to right click it and I'm just going to extract all and it's not going to unzip on Windows um okay so going to go over and download 7zip a fresh install so okay let's try that again so I'm going to go show more options this time going to do seven zip I'm going do extract once you extracted the iso and you've got the ISO file and not the actual image um you can uh go ahead and upload it to prox Mar so I'm going to go to Data Center select my node uh on local storage ISO images I'm just going to upload uh we go ahead and upload that okay so the slow is um uploaded properly so now we can go ahead and create our virtual machine I'm going do create VM um node pv1 give it a name and we'll go to next choose our ISO let set the operating system to other and click next um graphics card can leave as default um machine firmware I'm going to set to Q35 um I'm going to try ovmf for this for ufi um cck next to that so discs uh I'm going to trash the default dis settings I'm going to add a new one uh I'm going to change it to scoy select the storage pool so in my case it's tank 32 gig is fine for this I'm going to put set the cash right back discard since we're using an SSD we want um IO Fred enabled for performance reasones going have one socket four cores and the type I'm going to set it to poost to give it the full access to the CPU features memory we're going to set it at 8 gig now take this Advanced um tick box down here so I could disabled ballooning what ballooning will do is um share the memory so it won't not till the use all the memory it'll report that it's got 8 gig but it can be used for something else to allocate the full 8 gig and I'm not sure if evsd supports that anyway Network I'm going do no network device and we'll set them up in a second we'll go through why now we can go ahead and click finish okay so um we've got our PF sens machine which has appeared um what we want to do now is go ahead and configure the I off isn't it yeah what I want to do is go ahead and configure the um networks we're going to Hardware um when it comes to configuring your network interfaces you've got a couple of options you can create a Linux Bridge you can think of a bridge like a switch um oh you can pass the interfaces through directly no for your one interface i' generally recommend that you pass that through directly um excuse me so to pass the physical network devices for you go to PCI device um we want raw device then you can see all the controllers are listed here so you can pass them through that way um obviously Tech PCI Express now what I'm actually going to do is create Bridges for this just because of the way my setup is to create a network bridge You' go to uh your node Network um now you'll see I've got two added um vmbr0 which is default bridge that comes with um prox marks and then V br2 which it was mapped to E1 Lan on this device so it's good to set your descriptions up if you need to create a new bridge you can always do create Linux Bridge give it a name uh and then you literally just put in the name of the network card so if it was like EMP 4S Z that you passing through as a netork device then you'd put EMP for s0 in there um I don't need to do that in my case because I've already created the bridges so what we'll do next is back to RPF sense hardware and I'm going to add Network device I'm set vmbr0 take the firewall the VLAN tag uh 69 because I've got you Gally leave it if you're not using vlans I do have a VLAN set up um and I'm going to use vert IO which is what you want to use for the network multiq set it to eight and then we can add that so Net Zero will be our one device um now notice where it says vert iio equals BC and then you've got the MAC address of the network card that's how you'll be able to identify the the network cards within um pfSense so our ends in 77 for this one uh I'm going to add another one and this time we're going to add vmb Z for our lamb again we need to change it to vert IO um untick the firewall again set multiq to eight add that and now at this stage we should be good to start up our VM so go to console uh start um oh we got a ufi boot problem let me uh reset that for a second I'm going to go into the bias options uh s the boot manager no device manager uh secure boot configuration and disable secure boot so we need to reset that should fix a boot error I believe okay so you need to disable secure boot in order to uh boot this okay so we're going to go ahead accept the EULA want to select the install option um you can choose ufs or ZFS I prefer ZFS um ufs is good for flash cards and things um ZFS is's no reason not to use now what we're going to do is is make sure that's set to stripe select the dis then you can go ahead and proceed now if you want to change the swap file or anything you can do if you want to disable it make it bigger whichever you want to do encryp the discs you'd have all the options there and but we're going to go ahead and just C install in as normal at this stage you uh want to remove the installation media and reboot so go ahead and reboot I'm going to go into [Music] Hardware CD drive going to click it I'm going to put do not use any media you need to make sure you obviously remove the media from the boot option otherwise you'll just boot back into the installer so I don't want to set up vlans um one interface is VT at zero and the line interface is going to be VT that one the order that we put them in so that's correct okay so I'm going to assign my inter set my interface IP addresses assign the interfaces so the one is DHCP that's fine now to the L uh I want to use uh DHCP I'm going to configure this manually so this will obviously vary to your network set your sub net masks or 24 in my case for 255 255 2550 um don't need a up stream gateway address for the lamb don't want DHCP IPv6 I don't want to enable DHCP you probably will um again it depends on your network and how you configuring this and now we should be accessible at 10. 1.10.33 let's go ahead and test that okay so we want to log in with admin pfSense you log in with uh the username admin password pfent and you'll get the wizard um I'm assuming you know what to do at this stage so set your host name set your domain name set your DNS servers so um you can allow override is basically if you want DHCP or if you're going to set them manually so um set my manually don't want to allow override colle your time zone where am I I'm in London still um my one configuration so we've got it set to DHCP um I do have other video on installing PF sense um like more in depth if you want to do that um check them out so RFC 1918 I'm going to unblock them uh because my one and Lan are obviously on rfc1918 go ahead and next to that so um set password then go ahead and reload okay PF sense is now configured we can go ahead you can either finish or you can check for updates oh God we're up to date get rid of this add the support note okay that's um pretty much installed but one thing you will notice um we don't have the qmu guest agent installed so no guest agent configured so we can't see the IP addresses um we need to have it installed for marks to work with it properly so what we're going to do um is drop to the console eight is it um we need package install qemu guest agent I'll leave these notes um below so here it says run cisc qmu guest agent that's not going to work so what we need to do is create a new file because if we look at onsd if we do the csrc as it says U guest agent enable equals yes don't type that there's absolutely no need to so all that basically does is puts an entry in this file and as you can see it says here this file does nothing do not make config changes here so yeah that was pointless so what we do have to do is uh csrc minus F Etc n. comp. local and then I want um qemu guest uncore agent uncore enable equals yes um so what we did there we specified the minus F flag to S RC which will create a file if it doesn't exist logo and it will add our entry into that as such um so that's fine so that file will run um now we need to create a startup script for it so we're going to leave these below seeed into US local Etc rc. d uh and I'm going to create um emu hyen agent. sh so we'll create a file to force it to run we have to start off with the hash bang and we're going to want for bin sh sleep three uh and then want service qmu guest agent start that should be all we need of course we'll need to make that file executable qmu agent. sh okay okay uh don't know if it'll work at this stage no right so that's fine um so we've created the file in ETC RC so local con qmu guest agent enable equals yes we've got our qmu agent sh in use local ET rc. D and it is executable so we are executable um right so the next thing we need to do is going into system Advanced system tunables I'm going to add a new one and we want vert iore consolor load then we want to set the value to yes we set the value to yes we can leave the description that's up to you bu the changes but now if we shut this system down do else is just power off 3sd Hobbit okay before we start back up and a reboot is not good enough so you do need to shut the system down so we need to go into options uh and we've got this qmu guest agent within proxmox settings so we need to double click it allow and set it to enabled um now that should be I think so me start that up again okay let's have a look at the summary right excellent so we've got our IP addresses and that's running properly um so you need the qmu agent running um if you don't you just going to have problems especially if you're doing like backups and stuff and if you have a look at the options um freeze for guest file systems on backup for consistency so the agent does need to be installed um but yeah we pretty much running that I hope you found this video useful if you are indeed installing pfSense on prox MOX um if you have any comments please leave them below um your feedback is more than welcome if you found this video useful please hit that like button and as always consider subscribing to the channel don't forget to hit the notifications icon if you haven't already to receive notifications of any new videos as they are released and of course if you want to hire us for any networking or firewall projects head across to our website and hit the hire us button we'll see you in the next [Music] video
Channel: Sheridan Computers
Views: 750
Rating: undefined out of 5
Id: pykWp1RCYHg
Channel Id: undefined
Length: 23min 55sec (1435 seconds)
Published: Wed Dec 27 2023
Related Videos
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.