Pfsense Installation
To install pfSense OS on hardware, download an installer image as described in this guide
Download Installation Media
· Navigate to www.pfsense.org in a web browser on a client PC.
· Click Downloads.
· Select a File Type of Install.
· Select an Architecture:
AMD64 (64-bit) -- For 64-bit x86-64 Intel or AMD hardware.
· Select a Platform for a 64-bit install:
USB Memstick Installer -- A disk image which can be written to a USB memory stick (memstick) and booted on the target hardware for installation.
CD Image (ISO) Installer -- To install from optical media or for use with IPMI or hypervisors which can boot from ISO images.
· Select a Console for Installer images:
VGA -- Installs using a monitor and keyboard connected to the target hardware.
Serial -- Installs using a serial console on COM1 of the target hardware. This option requires a physical console port.
· Select a Mirror that is close to the client PC geographically.
· Click Download.
Prepare Installation Media
Prepare a USB Memstick
The installation image downloaded in the previous section must first be transferred to the proper media.
The installation disk image is compressed when downloaded to save bandwidth and storage. Decompress the file before writing this image to an installation disk.
In order to write an image to a drive from a Windows workstation, use a GUI tool such as Win32 Disk Imager or Rufus
Win32 Disk Imager
· Download and install Win32 Disk Imager
· Start Win32 Disk Imager as Administrator
· Click the folder icon
· Navigate to the location of the decompressed installation media image
· Select the image
· Choose the target USB memstick drive from the Device drop-down
· Click Write
· Wait for the image to finish writing
Rufus
· Download and install Rufus
· Start Rufus as Administrator
· Choose the target USB memstick drive from the Device drop-down
· Select DD Image from the drop-down next to Create bootable disk using
· Click the CD-ROM icon next to Create bootable disk using
· Navigate to the location of the decompressed installation media image
· Select the image
· Click Start
· Wait for the image to finish writing
Prepare a CD/DVD
To use an ISO image file containing pfSense® software with an optical disk drive, the ISO image must be burned to a CD or DVD disc by appropriate writing software.
Windows 7 and later include the ability to burn ISO images natively without
extra software. On top of that, virtually every major CD burning software
package for Windows includes the ability to burn ISO images. Refer to the
documentation for the CD burning program. A Google search with the name of the
burning software and burn
iso
also helps locate instructions.
Burning with Windows
To burn a disc image natively in Windows 7 or later:
· Open Windows Explorer and locate the decompressed ISO image file
· Right click the ISO image file
· Click Burn disc image
· Select the appropriate Disc burner drive from the drop-down list
· Insert a blank CD or DVD disc
· Click Burn
Perform the Installation
Booting the Install Media
For USB memstick installations, insert the USB memstick and then power on the target system. The BIOS may require the disk to be inserted before the hardware boots.
For CD/DVD installations, power on the hardware then place the CD into an optical drive.
pfSense will begin to boot and will launch the installer automatically
Starting the Installer
First, the installer prompts to launch the Install process or a Rescue Shell. To continue installing, press Enter while Install is selected
The Keymap Selection screen is next. For most users with a standard PC keyboard, press Enter to select Continue with default Keymap
The Partitioning step selects the filesystem for the firewall’s target disk
· Select Auto (UFS)
· Select the target disk where the installer will write out the pfSense software, e.g. ada0. The installer will show each supported hard drive attached to the firewall, along with any supported RAID or gmirror volumes.
· Select Entire Disk
· Select Yes to confirm that the installer can overwrite the entire disk
· Select the partition scheme to use for the disk
Select Finish to accept the automatic partition layout chosen by the installer.
· Sit back, wait, and have a few sips of coffee while the installation process formats the drive(s) and copies pfSense files to the target disk(s).
· Select No when prompted to make final modifications.
· Select Reboot to restart the firewall
· Remove the installation media from the firewall during the reboot, when the hardware is starting back up but before it boots from the disk.
Congratulations, the pfSense software installation is complete!
pfSense Default Configuration
After installation and interface assignment, pfSense has the following default configuration:
· WAN is configured as an IPv4 DHCP client.
· WAN is configured as an IPv6 DHCP client and will request a prefix delegation.
· LAN is configured with a static IPv4 address of 192.168.1.1/24.
· LAN is configured to use a delegated IPv6 address/prefix obtained by WAN (Track IPv6) if one is available.
· All incoming connections to WAN are blocked by the firewall.
· All outgoing connections from LAN are allowed by the firewall.
· The firewall performs NAT on IPv4 traffic leaving WAN from the LAN subnet
· The firewall will act as an IPv4 DHCP Server
· The firewall will act as an IPv6 DHCPv6 Server if a prefix delegation was obtained on WAN, and also enables SLAAC
· The DNS Resolver is enabled so the firewall can accept and respond to DNS queries.
· SSH is disabled.
· WebGUI is running on port 443 using HTTPS.
· Default credentials are set to a username of admin with password pfsense.
Assign Interfaces
After the installer completes and the firewall reboots, the firewall software looks for network interfaces and attempts to assign interface mappings automatically.
If the firewall cannot automatically determine the network interface layout, it will present a prompt for interface assignment
After printing the network interface list, the firewall prompts for VLAN configuration. If VLANs are desired, answer y, otherwise, type n, then press Enter.
0 Comments