PfSense Firewall Configuration On VirtualBox: A Step-by-Step Guide

by Jhon Lennon 67 views

Hey guys! Today, we're diving into the world of network security by setting up a pfSense firewall on VirtualBox. Whether you're a budding network admin, a security enthusiast, or just someone who wants to beef up their home network's defenses, this guide is for you. We’ll walk through each step, making it super easy to follow along. So, let's get started!

Why pfSense and VirtualBox?

Before we jump into the how-to, let's quickly cover why we're using these two awesome tools.

  • pfSense: This is a free, open-source firewall and routing platform based on FreeBSD. It's incredibly powerful and offers a ton of features that you'd usually find in expensive commercial firewalls. Think VPN, traffic shaping, intrusion detection, and more. Plus, it has a web-based interface, making it relatively easy to manage.
  • VirtualBox: This is a virtualization software that allows you to run operating systems within your current OS. It's perfect for testing and experimenting without messing with your main system. Setting up pfSense in VirtualBox lets you play around with firewall settings and network configurations in a safe, isolated environment.

Prerequisites

Okay, before we get our hands dirty, make sure you have the following:

  • VirtualBox installed: If you don't have it already, grab the latest version from the VirtualBox website and install it.
  • pfSense ISO image: Download the latest pfSense ISO image from the official pfSense website. Make sure to choose the correct architecture (usually amd64 for modern systems).
  • A computer: Obviously! With enough RAM and CPU to run VirtualBox and pfSense smoothly. 4GB of RAM and a dual-core processor should be sufficient for testing.

Step-by-Step Configuration

Alright, let's get into the fun part! Follow these steps to configure pfSense firewall on VirtualBox.

Step 1: Create a New Virtual Machine in VirtualBox

  1. Open VirtualBox: Launch VirtualBox on your computer.
  2. Click "New": Click the "New" button to create a new virtual machine.
  3. Name and OS:
    • Name: Give your VM a descriptive name, like "pfSense Firewall."
    • Type: Select "BSD."
    • Version: Choose "FreeBSD (64-bit)".
  4. Memory Size: Allocate RAM to the VM. I recommend at least 1024MB (1GB), but 2048MB (2GB) is better if you have enough. Keep in mind your host OS needs memory too!
  5. Hard Disk:
    • Select "Create a virtual hard disk now".
    • Click "Create".
  6. Hard Disk File Type:
    • Choose "VDI (VirtualBox Disk Image)".
    • Click "Next".
  7. Storage on Physical Hard Disk:
    • Select "Dynamically allocated". This means the virtual disk file will only take up as much space as it needs, up to the maximum size you specify.
    • Click "Next".
  8. File Location and Size:
    • Choose a location for the virtual disk file.
    • Set the size to at least 8GB. pfSense doesn't need a lot of space, but it's good to have some headroom.
    • Click "Create".

Step 2: Configure Network Adapters

This is a crucial step for setting up pfSense as a firewall. We need at least two network adapters: one for the WAN (Wide Area Network - the internet connection) and one for the LAN (Local Area Network - your internal network).

  1. Select the VM: In the VirtualBox window, select your newly created pfSense VM.
  2. Click "Settings": Click the "Settings" button.
  3. Go to "Network": In the settings window, go to the "Network" tab.
  4. Adapter 1 (WAN):
    • Attached to: Choose "NAT". This will allow the VM to access the internet through your host computer's internet connection. The NAT (Network Address Translation) adapter is the simplest way to provide internet access to your pfSense VM.
    • Make sure "Enable Network Adapter" is checked.
  5. Adapter 2 (LAN):
    • Click "Adapter 2" tab: Enable the second network adapter by checking the box labeled "Enable Network Adapter".
    • Attached to: Select "Internal Network". This will create a private network between your pfSense VM and any other VMs you connect to it. Internal Network is ideal for creating an isolated testing environment.
    • Name: Give it a name, like "LAN". Make sure other VMs use the same name to connect to this network.
  6. Click "OK": Save the settings.

Step 3: Install pfSense

Now it's time to install pfSense on the VM.

  1. Select the VM: In VirtualBox, select your pfSense VM.
  2. Click "Start": Click the "Start" button to power on the VM.
  3. Select Start-up Disk:
    • A window will pop up asking you to select a start-up disk.
    • Click the folder icon and browse to the pfSense ISO image you downloaded.
    • Select the ISO file and click "Open".
    • Click "Start".
  4. pfSense Boot Menu: The VM will boot from the ISO image and you'll see the pfSense boot menu. Just let it boot automatically, or press Enter to start the installation.
  5. Installation Process:
    • Accept the License: Read and accept the license agreement.
    • Choose Installation Option: Select "Install pfSense".
    • Keymap Selection: Choose your keyboard layout. Usually, the default is fine.
    • Partitioning: Select "Auto (UFS)" for automatic partitioning. This is the easiest option for most users. If you're comfortable with manual partitioning, you can choose that option instead.
    • Do you want to destroy the data? Select "Yes". This will erase the virtual hard drive and install pfSense on it.
    • Final Configuration: After the installation, you'll be asked if you want to make any manual configuration changes. Select "No".
    • Reboot: Once the installation is complete, you'll be prompted to reboot the system. Select "Reboot".

Step 4: Configure Interface Assignments

After the reboot, pfSense will automatically detect the network interfaces. You'll need to assign them to the WAN and LAN interfaces.

  1. Interface Assignment: After the system boots, it will ask you if you want to set up VLANs. Type n and press Enter.
  2. Interface Names: pfSense will then try to automatically detect the interfaces. It will then ask you to enter the WAN interface name. This is where it can get a little tricky, because the interface names might not be immediately obvious. However since we only have two interfaces, it will give you a choice of vtnet0 and vtnet1. One of those is WAN (our NAT adapter) and one is LAN (our Internal Network adapter). We will assign them, and then later double-check using the WebGUI to make sure we have them correct. If you get them backwards, it is easy to swap them in the WebGUI.
    • Enter vtnet0 and press Enter. This will be our WAN interface, because that is the first interface VirtualBox presents to the VM.
    • Then it will ask you to enter the LAN interface name. Enter vtnet1 and press Enter.
  3. Confirm Assignments: pfSense will show you the interface assignments and ask you to confirm. Type y and press Enter.

Step 5: Access the pfSense WebGUI

Now that pfSense is installed and the interfaces are configured, you can access the web-based interface to manage the firewall.

  1. Find the LAN IP Address: After the interface configuration, pfSense will display the LAN IP address. By default, it's usually 192.168.1.1. This is the IP address you'll use to access the webGUI.
  2. Access from Another VM: If you want to access the webGUI from another VM connected to the LAN network, you will need to set up the other VM. The easiest way to do that is to set the other VM's adapter to Internal Network, and give it the same name as the pfSense LAN interface (e.g.