Netgate SG-1000 microFirewall

Author Topic: Pfense as VM on a host machine?  (Read 957 times)

0 Members and 1 Guest are viewing this topic.

Offline Numenor

  • Newbie
  • *
  • Posts: 6
  • Karma: +0/-0
    • View Profile
Pfense as VM on a host machine?
« on: April 16, 2017, 11:07:50 pm »
So I am planning to run Pfsense as my router at my house. I plan to put pfense on a virtualbox vm, while the host machine is running Windows 10.  Then have the host machine directly connected to the modem.

My host machine has have 5 NIC ports. 1 from the motherboard, and 4 ports from a NIC card. The mobo nic is plugged into the modem, and the first port on the NIC card is assigned as LAN, and the other 3 ports are assigned as optional interfaces. In virtualbox all ports are assigned as corresponding bridge adapters.

Does the network traffic going in and out of the host OS bypass the VM instance of Pfsense or does Pfsense intercept everything? If in the current setup the host OS is bypassing pfsense, is it possible for me to route all the host traffic through Pfsense vm?

Offline duren

  • Jr. Member
  • **
  • Posts: 44
  • Karma: +3/-0
    • View Profile
Re: Pfense as VM on a host machine?
« Reply #1 on: April 17, 2017, 07:19:47 am »
I did this for more than a year and it worked well.

Any NIC I wanted pfsense to use, I believe I set to bridge mode in virtual box and I made sure the host didn't use it / have any IP assigned.

My host OS however was Ubuntu 12.04.

Essentially you're setting the NICs to work in pass through mode where the OS is not using them.

One annoying observation was that while idling, there was CPU virtualization overhead of 6%, so that's what the load always showed. This however could be environment or virtual box version specific.

Another benefit you get is the ability to snapshot so if you upgrade pfsense and if it blows up, you're back in business pretty fast.

I also set up a fallback to my router such that if anything happened to the VM, the router automatically took over and devices on the network were non the wiser.

Offline ravnos_kun

  • Newbie
  • *
  • Posts: 6
  • Karma: +0/-0
    • View Profile
Re: Pfense as VM on a host machine?
« Reply #2 on: April 18, 2017, 12:07:13 pm »
This tutorial is a bit old and for Windows 7 but explains in details the process of routing all traffic through a pfSense VM in virtualbox:

http://timita.org/wordpress/2011/07/29/protect-your-windows-laptop-with-pfsense-and-virtualbox-part-1-preamble/

Offline Numenor

  • Newbie
  • *
  • Posts: 6
  • Karma: +0/-0
    • View Profile
Re: Pfense as VM on a host machine?
« Reply #3 on: April 18, 2017, 08:37:09 pm »
This tutorial is a bit old and for Windows 7 but explains in details the process of routing all traffic through a pfSense VM in virtualbox:

http://timita.org/wordpress/2011/07/29/protect-your-windows-laptop-with-pfsense-and-virtualbox-part-1-preamble/

Ironically I found that article a couple of hours after I posted my thread.

But thanks for the responses anyways.

Offline Mats

  • Jr. Member
  • **
  • Posts: 74
  • Karma: +7/-1
    • View Profile
Re: Pfense as VM on a host machine?
« Reply #4 on: April 21, 2017, 01:42:31 pm »
are you on W10 pro or better?
if so you got hyper-v available and in my eyes it's better for this jobb