Previously we had written an article Pfsense USB Installation Guide, in which we showed you how to make bootable USB installation media for Pfsense. While the previous method does still work, we have found that using Rufus as a one stop shop for USB installation media, is now our preferred method. This is the preferred means of running pfSense software. The entire hard drive will be overwritten, dual booting with another OS is not supported. CD Image (ISO) The CD Image (ISO) Installer is used to create a CD/DVD version used to install on virtual machines or systems with a CD/DVD drive. Install pfSense in VirtualBox. Download pfSense from here. Download 7-Zip (For extracting pfSense.gz download) from here. Step 1: After you have extracted the pfSense ISO file from.gz archive using 7-Zip, open VirtualBox Manager and click “New” at the upper left corner. Hard Drive and still no luck. When it tries to boot from the USB drive it gets stuck at verifying DMI pool and never loads. I also tried to find a Linux app which can create a bootable USB but have found nothing which would work for IMG files. I installed UNetbootin hoping that might work but it appears to only work with ISO files, not IMG files.
I've have tried running 'dd' command from the terminal to write the memstick (2.0.3 i386 release) image file to the drive from both my Linux Ubuntu PC and my Mac but none of them will boot my PC. I have set the BIOS boot order to 1. removable, 2. CD Drive, and 3. Hard Drive and still no luck. When it tries to boot from the USB drive it gets stuck at verifying DMI pool and never loads. I also tried to find a Linux app which can create a bootable USB but have found nothing which would work for IMG files. I installed UNetbootin hoping that might work but it appears to only work with ISO files, not IMG files.
I am just learning linux and don't have a Windows PC, only Ubuntu PC and Mac. The reason I need to be able to install from USB is that I just picked up a micro-ITX pc and it does not have a cd/dvd drive. Please note, I was able to create a bootable LiveCD install disk with my mac and it could boot and run the pfSense installer on my test Linux machine. Unfortunately, this is not the machine I want to ultimately run it on. Please help ???
This article will guide through selecting an appropriate version ofpfSense® software, the initial pfSense installation, and related tasks.
Tip
If you purchased an official Netgate appliance, check the reinstallguide in the appropriate Security Gateway Manual.
When selecting hardware for a new build, carefully consider current andfuture hardware requirements. These include:
64-bit Intel or AMD CPU (x86-64, amd64) on pfSense 2.4 and later
Must be able to boot from USB or optical drive and run the installeron pfSense 2.4 and later
64-bit or 32-bit¶
Starting from version 2.4, pfSense supports 64-bit (amd64) exclusivelywhile 32-bit (i386) support remains with pfSense 2.3, which will receivesecurity updates for at least a year after pfSense 2.4.0-RELEASE.
The amd64 platform works on current x86-64 hardware from Intel, AMD,etc. If the hardware is capable of using a 64-bit operating system, thenrun the amd64 version.
Installer ISO, Memstick or Memstick Serial?¶
If a Full Install is to be performed, there are three types of installmedia that can be used to accomplish the task:
Optical disc image (ISO image, CD/DVD disc): Easy and familiar tomany, if the target hardware has an optical drive it’s a solidchoice, especially if the BIOS will not boot from USB.
Memstick: Like the CD/DVD, but run from a USB thumb drive. Oftenfaster than the CD/DVD. Many new devices do not have integratedoptical drives, making this the current best recommendation.
Serial Memstick: Like the Memstick image, but runs using the serialconsole rather than VGA, for newer embedded systems. Torrent francais downloads.
NanoBSD or NanoBSD+VGA¶
IMPORTANT: NanoBSD is deprecated with the pfSense 2.4-RELEASE!
NanoBSD uses the Serial Console by default, so there are two sets ofNanoBSD images:
NanoBSD: Embedded install type using the serial console by default
NanoBSD+VGA: Like NanoBSD, but uses the VGA console instead.
Virtual Machines¶
Virtual Machines, with hypervisors such as VMware vSphere, Hyper-V, KVM,Proxmox or Xen, should be installed using the ISO image. They can beused to firewall completely inside a hypervisor host for other virtualmachines, or for edge filtering/routing tasks.
See Also:
Download pfSense¶
Visit https://www.pfsense.org/download
Pick the chosen Version, Architecture, and Installer type
Download the SHA256 checksum file to verify the image later
Pick a mirror and click the link on its row to download the imagefrom there
Wait for the download to complete
Prepare Installation Media¶
The downloaded image must be written to target media before it can beused. For a Full Install, this media is used to boot and install andthen will not be needed again. For Embedded, the target media is thedisk (CF/SD) that will contain the Operating System.
Write the installer ISO: If the .iso file was downloaded, it mustbe burned to a disc as an ISO image. See Writing ISO Images for assistance.
Writing Memstick or NanoBSD images: This task is covered with greatdetail in Writing Disk Images.
Connect to Serial Console¶
Before attempting to install or boot, if a serial-based image was used,such as Memstick-Serial, connect to the serial console with aappropriate serial cable and terminal options. Plex media server download. See Connecting to theSerial Console for specifics.
Performing a Full Install (ISO, Memstick)¶
Power on the target system and connect the install media: Place the CDinto the drive or plug the Memstick into a USB port. If the BIOS is setto boot from CD/USB, pfSense will start.
For other boot issues, Installation Troubleshooting.
As the operating system boots and pfSense starts, a wizard will startand prompt to accept the copyright and distribution notice.
Pfsense Iso To Usb
To start the installation select OK while Install option isselected.
Next step is to select filesystem. By default UFS is selected. ZFSsupport is currently experimental. Select OK to continue. Thisoption automatically configures the hard drive.
The following step allows Keymap Selection. Standard US isdefault. Continue to the next step with Select.
The install will proceed, wiping the target disk and installing pfSense.Copying files may take some time to finish.
It usually takes no longer than a couple of minutes.
After installation completion manual configuration options are offered,select No to continue.
Now the system must reboot so that pfSense may start from the targetdisk. Select Reboot and then press Enter. Be sure to remove thedisc or USB memstick so that the system will not attempt to boot fromthere next time.
After the system reboots, pfSense will be running from the target disk.The next step is to Assign Interfaces on the Console below.
Assign Interfaces on the Console¶
The default configuration file on pfSense 2.3 has em0 assigned as WAN,and em1 assigned as LAN. If the target hardware has em0 and em1,then the assignment prompt is skipped and the install will proceed asusual. Several other common platforms such as our SG systems, APU, andALIX are also recognized and will have their interfaces assigned in theexpected order.
If the hardware platform cannot be identified, a list of networkinterfaces and their MAC addresses that were located on the system willappear, along with an indication of their link state if that issupported by the network card. The link state is denoted by “(up)”appearing after the MAC address if a link is detected on that interface.The MAC (Media Access Control) address of a network card is a uniqueidentifier assigned to each card, and no two network cards should havethe same MAC address. After that, a prompt will be shown for VLANconfiguration.
VLANS¶
The option to assign VLANs is presented first. If VLANs are notrequired, or they are not known, enter No here. VLANs are optional andare only needed for advanced networking. VLAN-capable equipment is alsorequired if they are to be used. See VLAN Trunkingfor details.
LAN, WAN, OPTx¶
The first interface prompt is for the WAN interface. If theinterface is known, enter its name, such as igb0 or em0 and pressEnter. If the identity of the card is not known, see the nextsection for the Auto Assign Procedure.
The second interface prompt is for the LAN interface. Enter theappropriate interface, such as igb1 or em1, and press Enteragain. If only the WAN interface is to be used, and no LAN, pressEnter without giving any other input.
Only one interface (WAN) is required to setup pfSense. If moreinterfaces are available they may be assigned as LAN and OPTxinterfaces. The procedure is the same for additional interfaces: Enterthe appropriate interface name, then press Enter.
When there are no more interfaces to add, press Enter. The list ofassigned interfaces is displayed. If the mappings are correct, entery, otherwise enter n and repeat the assignment.
NOTE: If only one NIC is assigned (WAN), This is called ApplianceMode. In this mode, pfSense will move the GUI anti-lockout rule tothe WAN interface so the firewall may be accessed from there. Theusual routing functions would not be active since there is no“internal” interface. This type of configuration is useful for VPNappliances, DNS servers, etc.
Auto Assign Procedure¶
For automatic interface assignment, first unplug all network cables fromthe system, then type a and press Enter. Now plug a network cableinto the interface that should connect to the WAN, and press Enter.If all went well, pfSense should know now which interface to use for theWAN. The same process may be repeated for the LAN, and any optionalinterfaces that will be needed. If a message is displayed such as Nolink-up detected, see Installation Troubleshooting for more informationon sorting out network card identities.
pfSense Default Configuration¶
After installation and interface assignment, pfSense has the followingdefault configuration:
Robert lafore data structures pdf free. WAN is configured as an IPv4 DHCP client
WAN is configured as an IPv6 DHCP client and will request a prefixdelegation
LAN is configured with a static IPv4 address of 192.168.1.1/24
LAN is configured to use a delegated IPv6 address/prefix obtained byWAN (Track IPv6) if one is available
All incoming connections to WAN are blocked
All outgoing connections from LAN are allowed
NAT is performed on IPv4 traffic leaving WAN from the LAN subnet
The firewall will act as an IPv4 DHCP Server
The firewall will act as an IPv6 DHCPv6 Server ifa prefix delegation was obtained on WAN, and also enables SLAAC
The DNS Resolver is enabled so thefirewall can accept and respond to DNS queries
SSH is disabled.
WebGUI is running on port 443 using HTTPS
Default credentials are set to a username of admin with passwordpfsense
Post-Install Tasks¶
After installation and assignment, a shell menu is presented on theconsole with a number of options. pfSense now is ready to be accessedvia the network, either on the LAN interface (if one is assigned), or onthe WAN interface in a single interface deployment.
Pfsense Iso Download
Connect to the GUI¶
Pfsense Installer Iso Or Img File
The WebGUI is used to configure the vast majority of items in pfSense.It may be accessed by any modern browser, though Firefox and Chrome arepreferred.
Pfsense Installer Iso Or Img 2
Connect a client PC to the LAN of the firewall and ensure it obtained anIP address. If it did not, it may be plugged into the wrong port.
Open a web browser and navigate to https://192.168.1.1/, using thedefault username admin and password pfsense to login.
The first visit to the WebGUI will be redirected to the setup wizard,which is also accessible at System > Setup Wizard. Proceed throughthe wizard and configure things as desired.
Installation Troubleshooting¶
Pfsense Installer
If the installation did not proceed as planned, see InstallationTroubleshooting for help.
Additional Information¶
Pfsense Installer Iso Or Img Download
For additional information on Installing pfSense, see the Installing and Upgradingsection. The pfSense Book and pfSense Hangouts on Youtube also cover a variety of relevanttopics.