Menu
What's new
By:
Filters Better Search

pfsense in a VM?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

H

hyelton

Senior Member
Is it a good idea to run pfsense in a VM? and just dedicate 2 network cards to the VM? I have a small server an older custom build Core 2 Duo which is only mostly used as a file server. Could I install pfsense in a VM and it run good? Or is it just recommend to use dedicated hardware? I have another computer to use but its a lower end AMD from 2008
 
Yes,
hyelton said:
Is it a good idea to run pfsense in a VM? and just dedicate 2 network cards to the VM? I have a small server an older custom build Core 2 Duo which is only mostly used as a file server. Could I install pfsense in a VM and it run good? Or is it just recommend to use dedicated hardware? I have another computer to use but its a lower end AMD from 2008
Click to expand...

Yes, you definitely can. I am running it in an ESXi-hosted vm anyway.
But with the hardware you laid out there, I have some question marks. You should use an energy efficient config, the electric bill can be big if you use a desktop class setup. I haven't heard of any 2008-era AMD cpu that's energy efficient.
Also, assuming you'd want to use OpenVPN, you should look at one of the AES-NI capable processors - Avoton, Rangeley, Pentium N3700 - for hw accelerated encryption.
 
General guidance from experienced pfSense folks is not to run in a VM, basically due to security issues in the host platform - while pfSense is very secure, all of the hypervisors out there are under intense scrutiny right now by various security "researchers"...
 
sfx2000 said:
General guidance from experienced pfSense folks is not to run in a VM, basically due to security issues in the host platform - while pfSense is very secure, all of the hypervisors out there are under intense scrutiny right now by various security "researchers"...
Click to expand...

The virtual WAN NIC is the only one exposed to the internet. The traffic through it is obviously inspected by pfSense. The ESXi management NIC only has a private static IP and it's definitely separate from the virtual LAN NIC that serves the internal network. There's no direct link between ESXi and internet. I fail to see how security could be compromised here. The only port opened to the world is OpenVPN.

Forgot to mention that the mainboard I'm using has 4 gigabit NICs, which makes it easy to allocate one for each purpose.
 
Last edited:
some VMs can dedicate a physical component to a VM so if you were using VMware and running pfsense you could give the physical NICs to the OS and save 1 NIC for managing the VM. To do this you should at least get yourself a quad port server NIC and use onboard to manage the VM and the entire card to pfsense.
 
Those are just words of wisdom from the pfSense forum hivemind - obviously they're more experienced with this question and potential issues than many here...
 
I always allocated a physical NIC per VM when using Microsoft's VM. I think if I ran pfsense in a VM I would allocate 2 physical NICs for a VM with pfsense. NICs are cheap.
 
You must log in or register to reply here.

Similar threads

T
Router upgrade from VirginMedia Hub 3
Replies
7
Views
757
touchdownboy
T
slackjaw99
pfSense vs. OPNsense AFA offloading logging, database etc to other hardware
Replies
4
Views
1K
coxhaus
C
A
advice about pfsense/opnsense hardware: H87N-wifi
Replies
6
Views
1K
coxhaus
C
A
Confused about subnets and vlans
Replies
11
Views
1K
sfx2000
sfx2000
A
Splitting Wireguard between Router and client
2 3
Replies
53
Views
2K
ZebMcKayhan
Z
Similar threads
Thread starter Title Forum Replies Date
C Pfsense wins awards Routers 34
GHammer pfSense No More Without Paid Version? Routers 116
C Pfsense with newer CPUs Routers 22
C Att Fiber bypass for pfsense Routers 1
slackjaw99 pfSense vs. OPNsense AFA offloading logging, database etc to other hardware Routers 4
T pfSense/ OPNsense help Routers 111
A advice about pfsense/opnsense hardware: H87N-wifi Routers 6
M OPNsense vs. pfSense CE in 2023, what are your thoughts? Routers 8

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 816 (members: 13, guests: 803)
Top