Installing pfSense behind my current router

September 28, 2015

I decided to test out pfSense behind my router so that I can play with it but not bother messing with my current setup as I like what I have. Yes I could use this as my main router, but I don't want to do that now since I'm just not familiar with it. I have also not seen any setups of this behind a router without this being the main router. This is not what I want to do at the moment. It's just going to be my dhcp and tester for services. With that said here's the setup.

- My Router - Virtual Server - pfSense VM

I have set up a vm for this router that will also be the dhcp. I started playing with it yesterday so I need to backtrack a bit.

I got the 64 bit iso and got that set up with the wan being xno. Unfortunately after I logged into the system, there was no lan and just a wan link and nothing worked the way I wanted it. So I decided to reset the whole thing and start over. This picture is from after I reset it but I wanted to show how I finally got both WAN and LAN to show up after resetting it without having to plug in a second cable.

Since this router is behind my other router I forgot that I don't need the wan port on it. So no second cable to plug into a second nic and I also want this on the same subnet of my current network. I want this to work along my current router and not be a second network. You can use the WAN port if you want to keep the networks separate.

The second time around I decided to assign WAN to xn1 instead of xn0. I then got the option to manually put in the manual IP I wanted to use. In the first install pfSense picked up an ip from the router but I could not ping it of course as there was no WAN connected there. This would assume you are running it directly instead of behind another router. In short this is why this setup didn't work. I'm not using the WAN on it, just the LAN. And for some odd reason my nic names I found where a bit backwards in their labeling vs what you actually see on the xen sonsole. Yes this was one of those really unique things I found on this motherboard. I also checked with the manual and sure enough, it was not matching there either.

Now that this got me back on track, I was now able to ping it without a problem so I went ahead and took out the dhcp from the router and left it on the pfSense. It's working like a champ now.

Here's what I actually saw once both nics got detected and I went through the setup. Obviously I won't be going through the whole downloading and setup process as that's the usual process. I want to cover what I ran into in order to actually make it work behind my current router.

Now that I am able to log into pfSense from the browser I noticed that I don't have the "packages" Option. So I can't really do much in terms of giving it other functions I wanted to try. I found out that if you're working off a live cd, you don't get this options. I thought I had installed it on the actual hard drive so I need to go through this process again.

I went back to my virtual server to see if I can do this or have to re-install it again. It looks like there's an option right above the prompt there. I think that looks like 99 so I'll go ahead and try this.

Unfortunately this brings me back to square one of the initial install, so I'll go ahead and do this for the third time. I must have missed this somewhere but live and learn. It's my first time playing with this software.

 So let the installation begin. Use the quick setup.

 Next screen is this.

 Setting up...

 Yes, use standard kernel. Remember, this is based on BSD not your other Linux distros.

 Next setup screen.

 It needs to reboot. Make sure to shut it down or bring down the vm before rebooting unless you want to start the live cd again.

 I had to shutdown the vm and eject the iso before I could move on after the hard drive install. It took a few rounds but I finally got this right.

The only problem with the setup screens are that they go way too fast to read them, so this is the reason I had to go through this a few times. Someone needs to slow that down so you can read what you need to do. If you have never used this type of installation media, you will just be lost trying to figure out what you need to do.

 Once I got rebooted I went into the web configuration. I had to log out then back in as I was already in it but with the live cd. It's hard to tell at times because the screens go by too fast. So these are the setup screens you need to go through. I just kept most of the defaults for now and made the changes where I needed them.

I skipped the screenshot of where you choose your ip address. Leave the WAN alone. The next thing I had to configure since I already have some things with static ip's, was the DHCP server range to my needs.

The cool thing now that it's installed on the hard drive vm which I thought I had done from the start. The packages option is now there so I can start adding whatever I want to use. Apparently there is a lot to learn here but now that I got through the install process I can focus on what some of the features are. This by no means is a how to do this or that but simple to get it installed in a hard drive and behind my current router so that it can work along my current setup and not disturb that too much.

 The system doesn't have any packages installed.

 But now, I can install only the ones I want or need.

Well I hope this was helpful. I just got my first support call because my dad the tester just went offline. LOL. It turns out I had to fix my upstream gateway. Now we're back online and things are good again. Okay this worked for a minute or two then the whole network doesn't have internet access. I did turned off the dhcp on the main router since I wanted to use the dhcp from pfSense but it's just not working now. I turned the WAN off too since I don't need that. So I had to turn that first dhcp back on in order to get back online. So this is still not working the way I hoped, but at least I can get back to the internet until I can read a little more on this. The pfsense just won't work for whatever reason. Anyway that's how far I have gotten on here. Make sure you take your time and don't go nuts changing things or you won't be able to get back online.

I thought I give it another go and try to see what else I could change to make this work. Unfortunately I got to the point where I had to shutdown the vm since I just could not get to do it. Once I did this I turned back the dhcp on the router but it took a dump. I just kept getting this page from the router that tells you settings have been updated and the page will now refresh, so I had to end up re-setting the router and bringing it back that way. Needless to say I had no luck getting the dhcp to work on it myself but getting it installed is not too bad. I'm still not quite clear on which nic you should assign the WAN and LAN. I don't think it matters if you only have one nic plugged it, but it seems to make a difference when you assign them at the beginning.  I did both and got slightly different things. When I set the WAN with the nic with 0 in it, the LAN nic was not showing up until I did the opposite on the later install. Either way I could not get the regular page to load when I got the page below.

In any case, if you use this as your main and only router, the install should be a little more straight forward. It didn't seem to like being behind the router in my case. I did spend most of the day reading and trying things out to try and get it going. I also had no packages or anything added. I did read others had issues with dhcp on different setups as well.

I should have clear this up. I was trying to get the dhcp to work of pfsense and not the router itself, but still keep the router doing everything else. I did set up the dns and gateway but that's where things just didn't go anywhere. pfSense just would not assign ip's even after I uncheck the service on the router. Well, there you go, at least you should be able to get it installed correctly.

No comments: