Installation and Configuration of pfSense 2.3.4 Firewall Router

If You Appreciate What We Do Here On TecMint, You Should Consider:

  1. Stay Connected to: Twitter | Facebook | Google Plus
  2. Subscribe to our email updates: Sign Up Now
  3. Get your own self-hosted blog with a Free Domain at ($3.45/month).
  4. Become a Supporter - Make a contribution via PayPal
  5. Support us by purchasing our premium books in PDF format.
  6. Support us by taking our online Linux courses

We are thankful for your never ending support.

Rob Turner

He is an Instructor of Computer Technology with Ball State University where he currently teaches all of the departments Linux courses and co-teaches Cisco networking courses. He is an avid Debian user as well as many of the derivatives of Debian such as Mint, Ubuntu, and Kali. Rob holds a Masters in Information and Communication Sciences as well as several industry certifications from Cisco, EC-Council, and Linux Foundation.

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide

You may also like...

21 Responses

  1. moande says:

    Hi Rob, nice tutorial i just discovered. PfSense can not display my Wan IP. therefore, I’m not able to to display the web configuration page through https://10.10.10.9 to enter firewall rules. Can u help me?

    I am on virtualbox with the both wan and LAN interfaces named as pcn0 for WAN and pcn1 for LAN.

    Please, help.

    • Rob Turner says:

      Moande,

      The web interface is done through the LAN interface not the WAN interface. If you’re using VirtualBox you’ll have to plug another VM into the LAN side network to access the LAN side of the PFsense box.

  2. Ankit Tiwari says:

    Hello,

    Nice tutorial. I want to know the steps to be followed if I want to configure pfsense between my router (TP-Link) and switch (CISCO). How can i do so? ip that i am getting from router is like 192.168.0.XX. Please guide me through the configuration for the same.

    Thank you

    • Rob Turner says:

      Ankit,

      There’s a little bit more planning needed to do this correctly but the high level would look something like this:

      {Internet} ———> [TP Link Router] ———> WAN Port — (PFSense) – LAN Port ——–> {Cisco Switch}

      Now that being said, there are a lot of design considerations that would need to be addressed here. Without more knowledge about what the end goal is and how the internal network will be setup, I can’t really provide step-by-step instructions. Items like NAT, DHCP, DNS resolution, etc all become issues here.

  3. Pravin says:

    I have 2.3.4-p7. After I did a Factory reset, System and packages are not updating. It says ‘Unable to update‘. Hence now I cannot install other packages. please help.

    Pravin
    India.

    • Rob Turner says:

      Pravin,

      I had that issue about a month ago after a PFsense upgrade. After a reboot the system was able to upgrade/install items as normal. May need to give the box one more restart when possible.

  4. MAMALLAN D says:

    Hi, I have installed pfSense for physical system, but how to configure and set firewall setting, you can help me.

  5. aman says:

    Dear Sir,

    I have a wan IP i.e static 192.168.0.247 and my LAN network is 192.168.3.1/24 .

    My wan interface always show up but when i check gateway it is showing offline and internet is not working

    Please guide me

    • Rob Turner says:

      Aman,

      Are you sure that’s the right IP address for your WAN interface? Most WAN interfaces should be using public IP addressing often provided from the ISP. If that is indeed the proper address, have you created any firewall rules that may be blocking traffic?

  6. KEN says:

    Hi! I’m student, I have homework about install PFSense in Centos 6.7 and I would like to “How to configuration of PFsense Fire wall 2.4.1”.

    Can you help me.

    • Rob Turner says:

      Ken,

      I’m not sure what you mean. PFsense is a standalone firewall distribution. You can’t install it inside of CentOS unless you mean as a virtual machine? Could you elaborate on what you’re trying to accomplish?

  7. nay says:

    I am beginner and I have tested Pfsense 2.3.4 on vbox. Pfsense have 2 NIC’s, one is WAN that is dhcp, other one is LAN is static. I use guest OS on vbox and connect to pfsense. pfsense access internet, but Guest OS didn’t get internet but ping to 8.8.8.8 is ok and ping to http://www.google.com not ok. nslookup show

    default server are not available ; 
    defaault server : unknow ; address:127.0.0.1. 
    

    how should I do that you guide me?

    • Rob Turner says:

      Nay,

      Your nslookup output suggests that your computer doesn’t have a DNS server configured. If you’re doing all of this in VBox, you’ll have to create an internal network for your virtual machine and the PFsense VM. This will allow the pfsense box to hand out DHCP information on the LAN interface to the virtual guest machine. At that point the guest will use the PFsense box for DNS. So your network would look like this:

      INTERNET ———— EM0(WAN) on Pfsense+++++Internal routing on Pfsense++++++EM1(LAN) on Pfsense ———- Virtual Box Guest (guest and pfsense EM1 on internal virtual box network)

  8. Faruk says:

    Thanks for the tutorial, However I have some questions regarding the configurations?

    I’ve setup Pfsense on VM an cloud and I’ve assigned Public IP to WAN and Local IP like 192.168.3.1/24 to LAN and made this DHCP with a IP range like 192.168.3.10-192.168.3.254.

    1. What rules or NAT should be configured in order the IP addresses received the IPs from DHCP to get out to internet?
    2. How many Gateway is preferred to have and which one should be default?
    3. In what situations should Static Route be configured?

    Hope to hear you soon.
    Thanks in advance,

    • Rob Turner says:

      Faruk,

      1. The NAT rules would depend on your network and what needs to be translated. I can’t really provide any insight there without knowing more about the network.
      2. Most of the time networks only need one gateway. You can configure multiple but the hosts will only be able to use one at a time.
      3. Static route needs would again be dependent on your network setup. Most networks have a default static route out to the ISP and the ISP will generally have a static summary route back to the network. Regardless with PfSense in most home/small business situations, you won’t need to mess with static routes.

  9. evgeny says:

    I have a three-router circuit. Both are linked to IPSEC to the main one. Everyone can see and enter. I’m running open to the main router. VPN client connections only see the main router’s network. I want to see all networks that connect to openvpn.

  10. ehsan hedayati says:

    nice tutorial
    thanks very much!

Got something to say? Join the discussion.

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.