pfsense - a few questions

Discussion in 'Networking & Security' started by Barometer, Apr 23, 2019.

  1. Barometer

    Barometer [H]Lite

    Messages:
    88
    Joined:
    Mar 25, 2012
    I'm pretty sure this has been asked (and answered) before but a "quick" search didn't turnip the answer I was looking for so....

    I want to install pfsense on a PC. I made the pfsense CD from a downloaded pfsense ISO file.

    Now, do I boot the PC with that Disc and will it then install on the hard drive in the PC ?

    Can I instead install it and run it from a Flash Drive?

    Reason I ask is because this PC has Windows10 installed on it and is one of my Primary every day work PC's and I do not want to harm the Windows install in any way.

    so, to use that PC anyway, would I need to remove the hard drive that's in it and install one specifically for pfsense only?

    Thanks
     
  2. IdiotInCharge

    IdiotInCharge [H]ardForum Junkie

    Messages:
    8,836
    Joined:
    Jun 13, 2003
    If you don't want to chance harming the existing operating system, then you should be looking into running pfSense in a VM with something like Virtualbox, or Hyper-V if you have a Pro version of Windows.
     
  3. Cmustang87

    Cmustang87 [H]ardness Supreme

    Messages:
    4,373
    Joined:
    Oct 4, 2007
    Can we back up the truck for a second and ask what exactly you are trying to do? Why would you want to install pfSense on a workstation that you use for work?
     
    Ur_Mom and FNtastic like this.
  4. FNtastic

    FNtastic [H]ard|Gawd

    Messages:
    1,324
    Joined:
    Jul 6, 2013
    *BEEEEEP BEEEEEP BEEEEEEP*
     
    Cmustang87 likes this.
  5. harbingerofdoom

    harbingerofdoom Gawd

    Messages:
    772
    Joined:
    Apr 17, 2007
    this
     
  6. Ur_Mom

    Ur_Mom I'm Not Serious

    Messages:
    19,604
    Joined:
    May 15, 2006
    Are you just wanting to learn it? Install it as a VM. It really does no good using your production PC as the firewall if you're just booting into Windows. If you're installing it on a flash drive or other HDD, unplug your Windows 10 drive to make sure it's safe. It's doable to have both and dual boot, but with what you're asking, I don't know if I'd take the risk. Sounds like you should go the easy route first, then work up to learning how to set up the dual boot if needed.

    It can be installed to a flash drive. There is a memstick installation available on the pfSense website.

    But, it really comes down to why are you installing it and why are you installing it on your main PC as a secondary OS? It doesn't make a lot of sense to do it that way.
     
    Barometer likes this.
  7. Barometer

    Barometer [H]Lite

    Messages:
    88
    Joined:
    Mar 25, 2012
    I think this is exactly what I was looking for.
     
  8. Barometer

    Barometer [H]Lite

    Messages:
    88
    Joined:
    Mar 25, 2012
    I can see how I made this very confusing from the OP.
    My apologies.

    I do not want to install pfsense on the PC that runs windows.....well, not like it sounded in the OP.

    I just want to know if I needed to remove the harddrive that is in it completely and install a different hard drive in it before using that PC as a TEST for pfsense.

    You see, the problem is I need to TeST the quad network card I received before it is too late to send it back. If for any reason it does not work, I want to return it within the 30 day return period.
    Unfortunately, this particular windows10 PC is the only one I have that I can use as a Guinea Pig.

    At first I thought about just adding a second hard drive on which to install pfsense, but then decided that might not be a "safe" thing to do considering how important the hard drive containing the windows 10 OS is.

    All I want to do is use the PC for testing the Quad network card. Then I will remove the test hard drive, put the other one back in and restore it to be used as my regular working PC.

    I guess I was being lazy and didn't want to do all that typing and explaining at first.

    Also, I didn't really understand how pfsense installs. Now I know it is meant to be installed on a hard drive and used as an OS all unto itself.

    A lot of you guys have mentioned VMs. But a VM I thought was a space on the hard drive where another OS was installed that would allow you to install programs that normally will not run in the main OS.

    For example, I have had Linux machines with a windows XP VirtualMachine that allowed me to run windows programs inside Linux (sort of).
     
  9. IdiotInCharge

    IdiotInCharge [H]ardForum Junkie

    Messages:
    8,836
    Joined:
    Jun 13, 2003
    It isn't. You can run pfSense as your router, firewall, and more, as a VM. You'll probably not advised to do this unless you know what you're doing, but it does work.

    A VM can be anything. Can be the same as the host operating system. It's a way of segregating data as much as a way of running otherwise incompatible operating systems and applications.
     
  10. Barometer

    Barometer [H]Lite

    Messages:
    88
    Joined:
    Mar 25, 2012
    Dar n. Now I'm confused again.

    Why do I "need" a VM at all? Why not just install pfsense to a hard drive and use a dedicated PC as your firewall / router?
     
  11. IdiotInCharge

    IdiotInCharge [H]ardForum Junkie

    Messages:
    8,836
    Joined:
    Jun 13, 2003
    Because you are not really prepared to run pfSense directly on hardware- because you're using the hardware for something else.

    VMs are free, and since you're not going to have pfSense actually doing work, there's no need to take it any further.
     
  12. Barometer

    Barometer [H]Lite

    Messages:
    88
    Joined:
    Mar 25, 2012

    Ok.

    But I "Could" install it like that (on the hard drive) and use the PC dedicated like that "IF I wanted to ?

    Once installed, the PC will boot to pfsense...right?

    I do plan to use it as a firewall router on it's own dedicated PC soon.....just not yet.

    (That's why I bought the quad Network card.)
     
  13. Ur_Mom

    Ur_Mom I'm Not Serious

    Messages:
    19,604
    Joined:
    May 15, 2006
    Yes. That's how a lot of people use it. For testing it, a VM makes sense. For a dedicated firewall/router you can install it on a HDD or memory stick and boot directly to it (that's what I use for my firewall using an old Lenovo desktop with 2 NIC's).
     
    IdiotInCharge and Barometer like this.
  14. Barometer

    Barometer [H]Lite

    Messages:
    88
    Joined:
    Mar 25, 2012
    Awesome.

    Cloud of confusion has evaporated.
     
  15. IdiotInCharge

    IdiotInCharge [H]ardForum Junkie

    Messages:
    8,836
    Joined:
    Jun 13, 2003
    This depends on how the installer works- it's been a while, but most *nix operating systems will load grub, which then takes over as the bootloader for all operating systems. After installation, grub will let you choose which operating system to boot (Windows, pfSense, etc.).

    This is extremely common with Linux for those that want / need to run both on the system.

    It is not, however, recommended for someone not familiar with the process. While installers have gotten better, just as with a Windows installation, it is possible to destroy the existing operating system and lose all data. Do it on something expendable first.
     
    Barometer and Ur_Mom like this.
  16. FNtastic

    FNtastic [H]ard|Gawd

    Messages:
    1,324
    Joined:
    Jul 6, 2013
    Barometer likes this.
  17. Barometer

    Barometer [H]Lite

    Messages:
    88
    Joined:
    Mar 25, 2012
    I've used VirtualBox on Linux and have been a Linux user for at least 12 years. No problem with Grub or Linux command line and I've probably used most of the Grub manipulation tools out there. None of this is "new" to me....EXCEPT pfsense :)
    was programming in COBOL and FORTRAN in the 70's & early 80's. Majored in Computer science. (that education being the LEAST useful of ALL my real world experiences)
    I started with computers back in 70's.....my first was aTandy Model 1 level 1. 4K memory (total) haha

    How many of you guys have ever programmed a computer with paper punch cards? I have.... (lmao)

    I recall when an 8MB hard drive was considered unimaginably huge.

    anyway, I keep hearing the recurring theme that "if you don't know what you're doing".....
    I don't know pfsense......today

    But half the fun is breaking stuff....so you can then do some serious stuff AKA...learning to fix it.
    Just remember....backups are your best friend. I happen to LOVE Clonezilla
     
    Last edited: Apr 25, 2019
  18. Ur_Mom

    Ur_Mom I'm Not Serious

    Messages:
    19,604
    Joined:
    May 15, 2006
    Ok. Just some of your questions didn't really convey that you knew those things and were almost basic in nature. Just trying to watch out for someone if they were a newbie and didn't want them to screw things up.

    I think you're good, though. Just play with it and have fun.
     
    Barometer likes this.
  19. Barometer

    Barometer [H]Lite

    Messages:
    88
    Joined:
    Mar 25, 2012
    Another pfsense question......

    I don't know how much processing power and memory is needed.

    Would an AMD 64 3400 Single Core and 4 GB of RAM be enough if I was to put in front of a VERY light traffic server?

    I think I've read of people installing pfsense on some fairly old (older than this and less capable hardware) with no issues.
     
  20. IdiotInCharge

    IdiotInCharge [H]ardForum Junkie

    Messages:
    8,836
    Joined:
    Jun 13, 2003
    From a traffic, especially just routing perspective, absolutely. You want to do some real filtering, maybe or maybe not. But it should work.

    Only real question I'd have is whether pfSense has the drivers, and the only real way to answer that is to boot it up.
     
    Barometer likes this.
  21. Barometer

    Barometer [H]Lite

    Messages:
    88
    Joined:
    Mar 25, 2012
    So, installed pfsense on an AMD Athlon 64 x2 4200 machine and the install went fine.
    Configured all the interfaces (5) and am able to access the webconfiguration console

    Pretty nice. Still looking under the hood.
    So far, I still like the Watchguard Firebox Interface much better. (Haven't seen ALL of pfSense yet).... But my FB's are getting REALLY old so it's either spoon up the bug bucks for a newer one OR...learn to live with pfSense

    Having a bit of trouble allowing WAN traffic to the server. Note: I installed pfBlockerNG. All the NAT settings seem to be correct.
    All the rules seem to be correct.
    Just a matter of figuring out the quirks I suppose. In time.

    I create PASS rules, move them to the top (before the filtering rules) and STILL everything gets blocked.
     
    Last edited: May 6, 2019
  22. Barometer

    Barometer [H]Lite

    Messages:
    88
    Joined:
    Mar 25, 2012
    a little more than a week with pfsense now. Getting the hang of it.
    It certainly CAN replace the Firebox. In fact, it's running my network now and all seems well.

    If you found this thread because you're thinking about trying pfSense, I can tell you (now) that it's worth the time and effort.
     
    Last edited: May 6, 2019
    FNtastic and IdiotInCharge like this.