07.06.2023

Connecting the PFSense 2.4 Server to the Network

This is a guide on how to connect a PFSense 2.4 server to the network on Serverspace using the command line and the web interface.

Let's install the PFSense virtual server on an isolated network. First, you must connect the server to the isolated network in the Control Panel. Click on Networks in the vertical menu on the right, select the desired network (or create a new one) and connect the server. The server must be switched off while connecting.

Connecting server to network

Connecting PFSense via Command Line

Turn on the server and open a terminal as root by clicking on “Web Console” and typing in login and password.

Setup When You Have DHCP Disabled.

In the pfSense user menu, enter an option 1 (Assign Interfaces).

Enter an option: 1.

Enter “y” to confirm the network configuration.

Valid interfaces are:
vtnet0 ca:04:d7:1a:3c:a1 (up) VMware VMXNET3 Ethernet Adapter
vtnet1 ca:04:8e:66:d4:47 (down) VMware VMXNET3 Ethernet Adapter
Do VLANs need to be set up first?
If VLANs will not be used, or only for optional interfaces, it is typical to say no here and use the webConfigurator to configure VLANs later, if required.
Should VLANs be set up now [y|n]? y

In some cases it is possible to optionally set the parent interface name for the VLAN. If you do not know what value to specify, press Enter.

 

VLAN Capable interfaces:
vtnet0 ca:04:d7:1a:3c:a1 (up)
vtnet1 ca:04:8e:66:d4:47
Enter the parent interface name for the new VLAN (or nothing if finished):

Enter the name of the external interface. This interface is already configured.

If the names of the interfaces are not known, auto-detection can be used instead. To use auto-detection, please disconnect all interfaces before pressing 'a'; to begin the process.
Enter the WAN interface name or 'a' for auto-detection (vtnet0 vtnet1 or a): vtnet0

Enter the name of the local interface. It will be configured afterwards.

Enter the LAN interface name or 'a' for auto-detection
NOTE: this enables full Firewalling/NAT mode.
(vtnet1 a or nothing if finished): vtnet1

Press “y” to confirm the interfaces assignment.

The interfaces will be assigned as follows:
WAN -> vtnet0
LAN -> vtnet1
Do you want to proceed [y|n]? y

The following entry will be displayed on the command line after successful saving of the settings.

Writing configuration...done.
One moment while the settings are reloading... done!
VMware Virtual Machine - Netgate Device ID: XXXXXXXXXXXXXXXXXXXXXX
*** Welcome to pfSense 2.4.2-RELEASE-p1 (amd64) on pfsense24 ***
WAN (wan) -> vtnet0 ->; v4: XXX.XXX.XXX.XXX/24
LAN (lan) -> vtnet1->

To set the IP address of the LAN interface, enter an option 2 (Set interface(s) IP address).

Enter an option: 2

Enter the number that corresponds to the type of the interface you want to configure.

Available interfaces:
1 - WAN (vtnet0 - static)
2 - LAN (vtnet1)
Enter the number of the interface you wish to configure: 2

Enter the local IP address on the network specified in the control panel, in our case it will be 10.0.0.3.

Enter the new LAN IPv4 address. Press ; for none:
> 10.0.0.3

Specify the subnet mask.

Note: The subnet mask specifies a fixed part of the address and impacts the network capacity (number of available addresses). It is specified as the number of bits that do not change from address to address. For example, 24 is equivalent to writing "255.255.255.0" and represents 256 available (254 working) addresses.

Subnet masks are entered as bit counts (as in CIDR notation) in pfSense.
255.255.255.0 = 24
255.255.0.0 = 16
255.0.0.0 = 8
Enter the new LAN IPv4 subnet bit count (1 to 31):
> 24

In the next two steps, press Enter.

For a WAN, enter the new LAN IPv4 upstream gateway address.
For a LAN, press for none:
>
Enter the new LAN IPv6 address. Press for none:
>

Press “n” when asked if you want to enable the DHCP server on the LAN.

Do you want to enable the DHCP server on LAN? (y/n) n

Press Enter to finish.

The IPv4 LAN address has been set to 10.0.0.3/24
You can now access the webConfigurator by opening the following URL in your web browser:
http://10.0.0.3/
Press to continue.

After a successful IP address assignment, the following entry will be displayed.

WAN (wan) -> vtnet0 -> v4: XXX.XXX.XXX.XXX/24
LAN (lan) -> vtnet1 -> v4: 10.0.0.3/24

Setup When You Have DHCP Enabled:

To obtain an IP address dynamically, option 8 (Shell) must be selected.

Enter an option: 8

Execute dhclient command with local interface name.

dhclient vmx1

Use the ifconfig utility to see the IP address and settings that were obtained.

Connecting via the Web Interface

Go to the control panel of the pfSense interface and enter the login and password indicated under the web address.

To add a LAN interface, select Interfaces in the horizontal menu and then click on Assignments.

Assignments menu in Pfsense

In the appeared window, select the required interface, click Add, and save the selected parameter by clicking on Save.

To configure the interfaces, select Interfaces, then LAN.

Select Enable interface in the appeared window.

Enable interface in pfsense

Setup When DHCP is disabled.

In the IPv4 Configuration Type field, select Static IPv4.

In the IPv4 Address field, specify the local network address and mask. Save your changes by clicking Save at the bottom of the window.

Note: the subnet mask defines a fixed part of the address and impacts the network capacity (the number of available addresses). It is specified as the number of bits that do not change from address to address. For example, 24 is equivalent to writing "255.255.255.0" and represents 256 available (254 working) addresses.

 

Apply the saved changes by clicking Apply Changes.

Setup When DHCP is enabled.

In the IPv4 Configuration Type field, select DHCP. Save the changes by clicking Save, then Apply Changes.

The assigned IP address is displayed at the bottom of the main page to the right of the system information.