Pfsense in a virtual machine
I am trying to set up a network w/ the VM of pfsense as my main router. My computer has 2 NICs, one as my WAN and the other as my LAN. Now the question is: is it possible for the host machine to be behind the pfsense firewall, which, once again, is a virtual machine?
You will be better off with 3 NICs: bridge 1 NIC of the VM to the LAN, bridge the second to the WAN, and the third one will be for the host. If you use 2, I'm pretty sure the only one you can NAT is the WAN, not too good.
Hmm. Not sure what you are saying there. Maybe I'll make my goal clearer. I want my entire network to be behind the pfsense firewall, including the PC that the VM of pfsense is running on. Is this possible? My CPU does not have Vt-d; would a Vt-d CPU help? I'd rather buy a new CPU than buy an entirely new rig to use as a pfsense machine. So using the virtual machine would be the better solution if possible.
I don't know what you are using for your VM software, but yes, you should be able to. If you view your NICs as ports on a router, with the ability to plug into either side of the router virtually, then it might make it clearer. Internet --> PC NIC1 (disable TCP/IPv4 on host) --> pfsense VM with two NICs --> PC NIC2 (keep host settings normal: gateway, DHCP, etc.) --> home switch. This will have your host PC go out onto your home switch and then do a 180 (it might be smart enough never to actually hit the switch, but think of it this way) and come back through for the bridged pfsense router connection. VMware is pretty easy to do this with; I assume the others would be equally easy. If you use VMware, I would use Workstation or Player over the Windows VMware Server... it is garbage imho. If you really want to do it right, use ESX and VM your current server with a separate VM for pfsense.
Seems simple to me. Connect the pfsense VM to the WAN NIC and point your other VMs at it as the gateway.
NAT: it will share the same NIC as the host PC.
Bridged: the NIC will be used only by the VM.
Internal: not useful here.
NIC 1 (bridged): used by pfSense in the VM to connect to the WAN, for example a cable modem.
NIC 2 (bridged): used by pfSense to connect to your switch.
NIC 3: used to connect the host to the switch.
With this setup it's as if you are using pfSense in a dedicated PC. Depending on the VM hypervisor, it can be very hard to make the PCs on your network communicate with pfSense if you are using NAT. Here is a small drawing; the VM is represented as a smaller PC inside the host: http://i1199.photobucket.com/albums/...iologie/pf.jpg
Now if you have a more powerful rig, you can easily add other VMs using VMSphere. I run W8, Ubuntu and OSX alongside PfSense.
Seems pretty straightforward. NIC #1 is assigned exclusively to the pfsense VM and is used as the WAN connection to the cable modem. NIC #2 is bridged with the pfsense VM and this bridge is the LAN. pfsense can number itself as the gateway IP on the LAN bridge, and the host can number itself on the "physical" NIC #2 as another LAN host. NIC #2 is then connected to a LAN switch for any other LAN clients that want to join in. There's no need for a 3rd NIC at all. Just a software-only bridge on the LAN side.
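
A check for the two-NIC layout described in the posts above, as an added example that is not part of the thread: it confirms the host has no routable address on the WAN NIC and that its default route points at the pfSense LAN address. It assumes a Linux host whose state is read from `ip -j addr show` and `ip -j route show`; the function name `audit_host`, the interface names and all addresses are constructed for illustration.

```python
import json

def audit_host(addrs, routes, wan_if, lan_if, pfsense_lan_ip):
    """Return findings that show the host can reach the WAN without pfSense."""
    findings = []
    for iface in addrs:
        if iface.get("ifname") != wan_if:
            continue
        for a in iface.get("addr_info", []):
            # Link-local addresses are not routable; any other address means
            # the host's own IP stack is live on the unfiltered WAN segment.
            if a.get("scope") != "link":
                findings.append(f"{wan_if} has host address {a['local']}")
    for r in routes:
        if r.get("dst") != "default":
            continue
        if r.get("dev") != lan_if or r.get("gateway") != pfsense_lan_ip:
            findings.append(f"default route via {r.get('gateway')} dev "
                            f"{r.get('dev')} bypasses pfSense at {pfsense_lan_ip}")
    return findings

# Constructed samples shaped like `ip -j addr show` / `ip -j route show`.
GOOD_ADDRS = json.loads("""[
  {"ifname": "eth0", "addr_info": [
    {"family": "inet6", "local": "fe80::1", "scope": "link"}]},
  {"ifname": "eth1", "addr_info": [
    {"family": "inet", "local": "192.168.1.10", "scope": "global"}]}]""")
GOOD_ROUTES = json.loads(
    '[{"dst": "default", "gateway": "192.168.1.1", "dev": "eth1"}]')
BAD_ADDRS = json.loads("""[
  {"ifname": "eth0", "addr_info": [
    {"family": "inet", "local": "203.0.113.25", "scope": "global"}]},
  {"ifname": "eth1", "addr_info": [
    {"family": "inet", "local": "192.168.1.10", "scope": "global"}]}]""")
BAD_ROUTES = json.loads(
    '[{"dst": "default", "gateway": "203.0.113.1", "dev": "eth0"}]')

if __name__ == "__main__":
    for name, addrs, routes in (("good", GOOD_ADDRS, GOOD_ROUTES),
                                ("bad", BAD_ADDRS, BAD_ROUTES)):
        print(name, audit_host(addrs, routes, "eth0", "eth1", "192.168.1.1")
              or "OK")
```

On a host where the LAN address sits on a software bridge device rather than on the physical NIC, pass the bridge's name as `lan_if`.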