How to Install pfSense on Proxmox

  • Post author:WunderTech
  • Post published:July 21, 2022
  • Post last modified:October 18, 2024
  • Post category:pfSense / Proxmox
  • Reading time:20 mins read
  • Post comments:0 Comments

In this tutorial, we’re going to take a look at how to install pfSense on Proxmox. pfSense is a free and open-source firewall and router that can be run inside Proxmox as a virtual machine.

One of the many benefits of running pfSense inside of Proxmox is that you’re able to take snapshots and backups right before upgrades. This gives you an incredibly easy rollback plan in case anything goes wrong.

When an update is released, you can take a snapshot of the system, run the update and if something doesn’t work, quickly and easily roll back to the snapshot. This is a tremendous benefit and is a great reason to run pfSense inside of Proxmox.

The links below are Amazon affiliate links which means that I earn a percentage of each sale at no cost to you. Thank you for your support.

Another benefit of running pfSense inside of Proxmox is that you can purchase a reasonably priced Intel I350 NIC (or one of many other NICs) that works great with pfSense and have a fully functional router and firewall virtualized directly on your Proxmox server. Please keep in mind that you can always purchase hardware directly from Netgate.

How to Install pfSense on Proxmox

Before we look at how to install pfSense on Proxmox, ensure that you have a NIC installed in your Proxmox server as we’ll have to use this to pass it through to our pfSense virtual machine.

Step 1: Configuring Proxmox

1. Download the latest AMD64 DVD Image (ISO) installer from the pfSense website.

downloading the latest pfsense iso image.

2. Upload the ISO that was just downloaded to the Proxmox server.

how to install pfsense on proxmox - uploading the pfsense iso image to proxmox.

3. Select Create VM in the top right corner.

creating a vm in proxmox.

4. Give the VM a name, then check off start at boot. Select next to proceed.

adding a vm id and name to proxmox.

5. Select the pfSense ISO image and then select next.

selecting the pfsense ISO image in proxmox.

6. In the Disks section, select the correct storage location, leave the disk size as 32GB (you can change this if you’d like), and select next.

adding a hard disk in proxmox for pfsense.

7. Set the CPU cores that you’d like to use, then select next.

adding a CPU and total cores in proxmox.

8. Set the total amount of memory that you’d like to use, then select next.

setting the amount of memory for pfsense to use in proxmox.

9. In the network section, select no network device, then select next.

How to Install pfSense on Proxmox

10. In the confirm section, ensure that start after created is not selected, then click finish.

reviewing the VM settings before finishing the container.

10. In the newly created virtual machine, select hardware, then add, and then PCI device.

adding a PCI device to proxmox.

11. This step will be different for everyone. Mainly because the NIC that you’re using will determine what is listed in the PCI device section.

The goal is to add the NIC to the pfSense virtual machine, but you might have to add each individual port (this will be different based on the NIC you’re using).

One port will be used as the WAN (connected from the modem) and one will be for the LAN (connecting from the server to the Switch). Add the NICs and then ensure that the ethernet cables are plugged in properly (Modem to one port and the Switch to the other port).

adding a WAN and LAN device to Proxmox for pfsense to use.

12. You can now start the virtual machine and monitor the console!

starting the virtual machine.

Step 2: Setting up and Configuring pfSense

Now that our Proxmox configuration is set up, we’re going to shift over to the pfSense setup. This will be done through the console inside of Proxmox.

1. Accept the copyright and trademark notices if you agree.

accepting the pfsense terms and conditions.

2. Select install pfSense.

install pfsense option.

3. Select a keymap, or continue with the default.

defining a keymap to use in pfsense.

4. Select Guided Root-on-ZFS then select OK.

selecting the partition type to use in pfsense.

5. Select install to proceed with the installation.

installing pfsense after confirming settings.

6. At this step, you can select strip – no redundancy. If you’d like to use redundancy, you can modify that here (though your initial setup will be different than this tutorial).

select the type of redundancy to use in pfsense.

7. Select the hard disk and then OK.

select the hard disk to install pfsense on.

8. If you’d like to proceed, select yes.

final confirmation that pfsense will destroy any data on the hard disk.

9. The pfSense operating system will now be installed!

pfsense install progress.

10. Select no at the manual configuration page.

selecting no to not manually configure the settings in pfsense.

11. Finally, reboot the system.

rebooting pfsense install.

Step 3: WAN/LAN Setup for pfSense

At this point, our virtual machine is set up and configured and the pfSense operating system is fully installed. The final step is to ensure that our interfaces are set up properly inside of pfSense so that we can access the web management console.

1. Your WAN and LAN will automatically be assigned IP addresses (assuming that the ethernet cables are plugged into each port).

If this information is correct, you can access pfSense by navigating to the LAN IP Address. Please keep in mind that your current device must be on the same subnet in order to access it (in this example, the device’s IP address must be 192.168.1.X).

accessing the pfsense shell in proxmox.

2. If it’s not correct, select 2 to access the assign interfaces section, then enter the interface number that you’d like to configure.

setting interface ip addresses in proxmox.

3. The steps will be different based on if you selected the WAN or LAN interface, but you’ll have to go through and set it up how you’d like it to be configured.

NOTE: If you don’t have a WAN IP address, reboot your modem, then reboot pfSense.

defining the LAN interface in pfsense.

4. At the final question, select n to continue using HTTPS for the web configuration.

selecing no to not revert to HTTP (instead of HTTPS).

5. Everything will reload and you’ll be able to access your pfSense web management console using the LAN IP address! Please make sure that the device you’re currently on is on the same subnet as the LAN subnet that you chose (or has a route to it). If you’re not, you will have trouble accessing it.

NOTE: Once again, if the WAN configuration doesn’t appear to be getting an IP address, restart your modem, then restart pfSense.

https://LAN_IP_ADDRESS
the pfsense login page.

Step 4: pfSense Firewall Setup Process

1. Login with the information specified below:

  • pfSense Default Username: admin
  • pfSense Default Password: pfsense
logging into pfsense with the username admin and password pfsense.

2. The next steps will walk us through our pfSense configuration!

pfsense initial configuration.

3. Select next until you get to the hostname, domain, primary, and secondary DNS section. Populate these settings as you’d like, then press next.

defining the DNS servers to use in pfsense.

4. Select a time server.

setting a time server in pfsense.

5. Leave the WAN configuration as DHCP, then select next.

setting how to get an IP address from the WAN interface.

6. Modify the LAN configuration if necessary.

determining the local network to use in pfsense.

7. Change the password for the admin user.

changing the web GUI admin password.

8. Select reload to reload the web GUI.

reloading the pfsense settings after configuration.

9. When it reloads, pfSense will be ready to use! At this point, you can run through configuring it or setting up various different packages.

Step 5: Further pfSense Configuration Changes

To further enhance the setup and functionality of pfSense on Proxmox, you can now implement various different things. Here are a few examples:

  • Configure port forwarding to expose various services and separate the traffic by utilizing VLANs and/or a DMZ.
  • Configure a VPN using WireGuard, OpenVPN, or even Tailscale (if you don’t want to utilize port forwarding) to access your local network from outside networks.
  • Configure firewall rules to ensure that access is managed properly.
  • If you have a dynamic external IP address, configure DDNS to ensure you’re always connecting back to your external IP utilizing DuckDNS (free) or Cloudflare.

Step 6: Configuring Backups for pfSense

Now that we looked at how to install pfSense on Proxmox, you can configure backups inside of Proxmox. This is arguably the best reason to install pfSense on Proxmox as you can quickly take backups manually (before upgrades) or automatically and roll back extremely quickly if needed.

This will even allow you to stage upgrades, meaning you can restore your existing pfSense VM to a secondary VM, run the upgrade, ensure everything works properly, and roll back if you ever need to.

Conclusion & Final Thoughts on Installing pfSense in Proxmox

This tutorial looked at how to install pfSense on Proxmox! If you’d rather run pfSense on dedicated hardware, there are some great choices. However, running pfSense on Proxmox has a lot of benefits – particularly, updates. Having a full rollback plan for your router/firewall is extremely beneficial.

It’s also important to note that you can now install pfSense Plus on your own hardware, so comparing pfSense Plus vs. CE and installing the version you’d prefer is a great option.

Thanks for checking on the tutorial on how to install pfSense on Proxmox. If you have any questions, please leave them in the comments!

WunderTech

WunderTech is a website that provides tutorials and guides on various NAS, server, networking, and infrastructure-related topics. WunderTech is maintained by Frank Joseph, an IT professional with 14+ years of experience in corporate IT and application management. He focuses on sharing his experience with others on his WunderTech website and YouTube page. Frank holds a Bachelor of Science in Computer Information Systems and a master of Business Administration (MBA).

Leave a Reply