PfSense on Hyper-V

Versions used: PfSense 2.0-RC3 and Hyper-V on Windows Server 2008 R2

Prerequisites:

  • experience in working with Hyper-V on Windows Server 2008 R2
  • working Hyper-V installation with working network connection
  • dedicated secondary physical network card in the Hyper-V host machine for the WAN connection
  • some experience setting up PfSense

 

1. Set up the networking part
Fire up the Hyper-V management console, select your HyperV machine and under Actions select Virtual Network Manager. Add a new virtual network, selecting the dedicated second network interface as the external connection type. Clear the checkbox before “Allow host OS to share this adapter”. I’ll refer to this network as Lan2. We’ll call the first one Lan1.

2. Create the VM
Create a new VM with a 9GB virtual disk. If you keep the default size of 127GB, PfSense 2.0-RC3 will be unable to format it. I haven’t tested any other sizes; 9GB worked for me. Set it to boot from the PfSense ISO.

Right-click the PfSense VM, choose Settings and remove the network adapter. PfSense 2.0-RC3 won’t recognize the default network adapter. Add two Legacy network adapters. Set their mac addresses to AA-AA-AA-AA-AA-AA for Lan1 and AA-AA-AA-AA-AA-BB for Lan2 for easy recognition. Do not check VLAN identification.

3. Start the VM
Start the VM. Install PfSense. After installing, disconnect the ISO and reboot.

4. Work around a networking bug
Note your WAN interface doesn’t get a dhcp address and you can’t ping the LAN address. Resetting the interfaces and re-requesting a dhcp address fixes this. Drop into the shell (choose option 8 from the menu) and use Vi to create /usr/local/etc/rc.d/startup.sh (note that my WAN interface is de0; check which one is yours):

	ifconfig de0 down
	ifconfig de1 down
	ifconfig de0 up
	ifconfig de1 up
	dhclient de0

(Courtesy of http://forum.pfsense.org/index.php/topic,30760.msg163707.html#msg163707).

Add execute rights to the script:

	#chmod +rx /usr/local/etc/rc.d/startup.sh

Reboot. It takes a while for PfSense to boot because the WAN interface is not connected during boot.

Note that Hyper-V’s Legacy network adapters are only 100Mb. If your internet connection is faster than that I recommend you try VirtualBox.

Apparently FreeBSD 8 has a problem with AMD 64 processors which prevents them from booting in virtual environments. A workaround is to choose option 7 “Escape to loader prompt”, then type:

	set hw.clflush_disable=1
	boot

Install PfSense.

After the installation, use the same trick to boot into PfSense, choose option 8 to get on the command prompt and do

	vi /boot/loader.conf

Add this line:

	hw.clflush_disable="1"

Thanks to wmlaros for his forum post on this.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to Top