Servers

Step-by-step installation of pfSense 2.6 firewall server

In this article we will see the process of installing a pfSense firewall server in version 2.6. If you still don’t know what pfSense is or what functions or features it has, you can click on the following link Introduction to pfSense .

Actions and requirements needed before installing a pfSense

  • Have a server to install pfSense that has at least 1 64-bit microprocessor with 1 core or more, at least 512 Megabytes of RAM and at least 2 network cards or one if using vlans.
  • Disable C states or power saving states of the processor to achieve higher performance (for physical computers).
  • Verify that all processors are active, Hyper Theading enabled if available (for physical equipment).
  • Prepare an installation media, which can be of 3 variants

Variants for preparing an installation media

First variant: download the .ISO file from the following url https://www.pfsense.org/download/ selecting the architecture and installer type values ​​as shown in the following image

This way will download a file called pfSense-CE-2.6.0-RELEASE-amd64.iso.gz of type .iso.gz. It is a compacted .iso image which we must decompress to obtain the .iso file. With this resulting file we can install on virtual machines, since we would only have to provide the path to that file.

Second variant: the second variant is recording (Burning) the image obtained in the previous way (the .iso file) on a DVD-type disc. It must be taken into account that to install using a DVD disc, the computer where we are going to install must have a DVD disc reader connected and this technology is already becoming obsolete and being displaced by USB memories.

Third variant: Prepare a USB memory from a special image file, which we will download from the same previous site, but this time selecting the options as shown in the image below

Once the image file pfSense-CE-memstick-2.6.0-RELEASE-amd64.img.gz has been downloaded , we decompress it to obtain the .img file and use the Win32diskImager tool which we will download from the following URL https://sourceforge. net/projects/win32diskimager/

Now with the .img image and the tool, all that remains is to run it and give it the path to the .img file and specify the letter of the USB drive and click on “Write” and wait for the memory to be ready.

Installing pfSense

To begin the installation of pfSense, you must connect the installation media to the server where it will be installed, turn on and boot (boot) using the previously selected installation media.

Once the computer starts using the installation media, you should see the following screen.

At this point all you have to do is wait a few seconds for the installation to load until the following image is displayed

To continue we press enter. A screen like the image shown below should appear, in which we will press enter again to continue with the installation

Next, the screen shown below will appear to select the keymap to use, although we can use the predefined one by pressing the enter key to continue

Next, the installation program will show us this screen in case we want to change the way of partitioning the hard drive. If we don’t want to do that, we can press enter again and the default will be used.

Then we are shown the partition configuration options for the system, which we can leave as default and press enter again.

The next step is to select the type of virtual storage device that the system creates to store the information, we can leave everything by default and press enter to continue

Below we are shown the disks that our computer has connected and we must select which one the installation will be carried out on, to select it we must press the space key and an asterisk will appear as an indicator that it has been selected as shown in the following image.

After selecting, press enter to continue.

The next step is to confirm that the disk where the system will be installed will be erased. To do this, select the YES option using the arrow keys and press enter.

Once we reach this screen, we have to wait for the installation to complete.

As soon as the installation process is complete, a screen like the one shown in the following image will appear. The image tells us if we want to make any additional changes manually in the system. If you do not want to do so, we can press enter to continue.

Upon reaching this screen, the system installation is complete, we only have to restart and make the initial configurations. To reboot, press enter and wait for the system to reboot and remove the media we used for the installation.

When the computer has completely restarted, the newly installed system will begin loading as shown in the following image and it will ask us for some basic configuration parameters.

In the previous image it asks us if the VLANs should be configured. In this step we will say no by typing N and pressing enter. If we were to use vlans we can do so later from the administration web interface.

The next configuration step is assigning the interfaces to the aliases that pfsense creates. In this case, the system detected two network interfaces named vtnet0 and vtnet1. These names may vary depending on the type of network card our server has. We will identify them because they appear within the parentheses. The aliases or default interface names are WAN and LAN, although we can add more optional type interfaces, which we can rename later. In this step, the configuration wizard asks us which network card (vtnet0 or vtnet1) we want to assign to the WAN that will be the interface connected to the external network, that is, to our internet service provider. To continue, we will write the name of the network interface that we will use for the WAN and press enter as shown in the following image.

Then it asks us which network interface will be used for the local network (LAN). There we will write the name of the second interface, which is the one that should be inside the parentheses. If there is more than one left, we will choose the corresponding one, write its name and press enter

Once the assignments are finished, the result should be shown on the screen and it will ask us if we want to proceed with the assignments. To continue, press “y” and then enter

Wait a few seconds and the main pfsense screen should appear in terminal mode showing the assignment information and a menu of options listed below as shown in the following image.

The next step is to assign the IP addresses to the WAN and LAN interfaces. For this, option number 2 will be used and we do it by writing a 2 and pressing enter. Then it lists the interfaces as shown in the following image and we will select the interface number. In this case we are going to configure the WAN so we write 1 and press enter. Then it asks us if we will use the DHCP service to configure the IP to which we can answer “y” or “n”. In our case we will not use it, so we press “n” and then enter.

Next, it will ask us to enter the IP address, which in this case we will use 10.0.3.2. Then it asks us for the network mask to use in CIDR format which is expressed by a number between 1 and 31. In our case we are using a /24 so we will write the number 24.

The three actions previously carried out are shown in the following image

Subsequently, it asks us for the IP of the gateway that our server will use, in our example it is IP 10.0.3.1.

Additionally, the server will not ask if we want to use the IPv6 configuration on the WAN interface via DHCP, to which we will respond no in our example by typing “n” and pressing enter. Finally, it asks us if we want to revert the administration web interface protocol to HTTP, to which we will answer no by writing “n” and pressing enter. We only have to confirm the change for which we will press enter again. The above three steps are shown in the following image.

At this step we configure the IP of the LAN interface by entering option number 2. When it lists the interfaces again, we choose 2. After that, when it asks us if we want to use the DHCP configuration, we say no by writing the letter “n” and pressing enter. . When requesting the IP address (Lan IPv4 Address) we put 10.0.0.102. When it asks us for the network mask in CIDR format (1 – 32), we enter 24, which is the example network we are using. Then when it asks us for the gateway (upsteam gateway address) we leave it blank and press enter. Next, when it asks for the IPv6 address, we leave it blank and press enter again. When asking if we want to enable the DHCP server on the LAN interface, we say no by writing “n” and pressing enter again.

Finally, it will ask us if we want to revert to the HTTP protocol and we say no by typing “n” and pressing enter. To conclude, it will tell us to press enter to finalize the changes and it should come out just like the image shown below.

At this step we can access it from a computer that is connected to the server that we have just installed. This computer must be connected through the LAN interface.

To access the server we will do it using a web browser by writing in the address bar the URL shown by the pfsense server console that is inside the first red box in the previous image, the following image shows what the URL put in the browser.

In our case we are using the Mozilla Firefox browser, but any can be used. Once we access the URL, the browser should show us an alert because the page we are trying to open is over HTTPS and the certificate it uses is self-signed, so it will show us an alert like the one shown below

To continue, click on advanced and then on Accept the risk and continue. In other browsers this alert is different, but you still have the options to continue.

Once we continue, the access page to the administration web interface of our pfsense server should load as shown in the following image.

To access the first time you open this page we will use the admin user and the pfsense password and then an initial configuration wizard will appear as shown in the following images

At this step, the wizard asks us for the name we will give to our server and the domain it will use. Here we replace the data we want, as well as the DNS servers, and click the Next button to continue

In this step of the wizard we will specify the time zone that our server will use. In this case we select Europe/Madrid, but you must select the one that corresponds to you. Then we click on Next to continue.

This step will display the WAN interface configuration. Note that the parameters that we had previously specified in the configuration in the server console are already selected.

On the next page of the wizard we will verify the configuration of the LAN interface

The next step is to establish the access password that we will use to access the server administration web interface, here we must use a secure password and confirm it correctly

To finish we click on the “Reload” button

and then in “Finish”

Once we have reached this screen we have completed the installation of our pfSense server. Here we are shown legal information about pfSense. We click on the lower right button “Accept”

and finally on the “Close” button

Congratulations, we should now be able to see the pfsense administration web interface dashboard as shown in the image below. In it we highlight in red the options menus at the top and the button with the plus sign to add more informative widgets to the dashboard or home page.

Below we show you a dashboard of the pfSense administration interface with some added widgets and some additional settings, in addition to using the dark theme.

Feel free to explore and test all the options available in the menus of your pfSense server management web interface. In subsequent articles we will continue to address the functionalities and configurations of this excellent firewall solution.

Eidy EV

Computer Science Engineer with over 10 years of experience in information technology. Has held roles as a Software Architect, Analyst, Senior Software Full stack developer, Network and Systems Administrator (Sysadmin), and Information Security Specialist (Pentester).

Entradas recientes

United Airlines’ First Automated Reservation System: An Example of High Availability

Evelyn Berezin was a pioneer in the world of computing. She is considered the creator…

6 months hace

Evelyn Berezin, the creator of the first word processor

When I started researching this woman, I never thought I would find her anecdotes so…

6 months hace

Installation and configuration of WordPress from scratch on an Ubuntu VPS with Let’s Encrypt certificates

Among the most popular and used content management systems (CMS) on the entire internet is…

6 months hace

What is Delphi and why do you have to learn to use it?

Delphi is a RAD (Rapid Application Development) type visual development environment. It is a development…

9 months hace

Web browsers, their history and features

A web browser, also called an Internet browser or simply a "browser", is a computer…

11 months hace

Installation of GNU Linux Debian 12 (Bookworm) + KDE in graphical mode for workstations from scratch and step by step

In this article we will see step by step how to install GNU Linux Debian…

12 months hace