Step by Step - Installing pfSense

OVERVIEW

The pfSense project is a free network firewall distribution, based on the FreeBSD operating system with a custom kernel and including third party free software packages for additional functionality. pfSense software, with the help of the package system, is able to provide the same functionality or more of common commercial firewalls, without any of the artificial limitations. It has successfully replaced every big name commercial firewall you can imagine in numerous installations around the world, including Check Point, Cisco PIX, Cisco ASA, Juniper, Sonicwall, Netgear, Watchguard, Astaro, and more.

pfSense software includes a web interface for the configuration of all included components. There is no need for any UNIX knowledge, no need to use the command line for anything, and no need to ever manually edit any rule sets. Users familiar with commercial firewalls catch on to the web interface quickly, though there can be a learning curve for users not familiar with commercial-grade firewalls.

Step 0 - Select the deployment type:

 pfSense can be installed both on a dedicated hardware or on to a virtual machine. pfSense is also available in the Azure and AWS Marketplaces. So the selection depends the requirements and the capabilities of the organization. Altough a dedicated hardware is not required, I recommend to install pfSense on a dedicated hardware just like a traditional firewall. The machine, going to be used, needs to have at least 2 seperate network cards on it. 

Step 1 - Preparing the host machine:

***** Find the latest stable version of the installer image: NETGATE Official Website

• If you are going to deploy the solution in an VmWare environment please follow these steps to create and mount the installer image:
  • Step by Step - Installing Server 2019 - superuser (kbsuperuser.com)

• If you are going to use a dedicated hardware, download the installer image to a USB Stick and make the media bootable via your favorite tools such as Rufus. 

Step 2 - Boot and Install pfSense:

Accept "Copyright and Distribution Notice" to continue installation.

Select "Install" and "OK" to install pfSense

Select the keymap and continue.

Select "Auto" and "OK" options for disk partition.

Wait installer to do its job.

Since we are not going to do any manual configuration now, select "No" and continue.

Reboot the server after all done.

Step 3 - Access Console and Configure Network:

We may start configuring the pfSense after rebooting the server. Follow these steps to configure pfSense,

Enter "2" in order to set IP Adresses to interfaces. In this step you need to enter the IP address and subnet masks (in CIDR notation) for both LAN and WAN interface. 

You may also configure pfSense DHCP after configuring the network settings. But DHCP and other settings can be done via web GUI.

Step 4 - Access pfSense using web GUI:

Write internal interface IP address and access the web GUI:

Enter "admin" as username and enter "pfsense" as password to sign in.

• Enter hostname, domain name and DNS Server and click next,
• Enter time server name and your timezone and click next,
• Configure the address for LAN Interface and click next,
• Change the current password with a strong password,
• Reload the system with current configuarations and see the image below.

After all basic configuration is done you may start to configure:

• Configure DHCP,
• Create and configure different zones for the systems and users,
• Create and configure access rules,
• Create users or configure authentication type for users etc.