Archive for February 7th, 2014

Solution: Run a pfsense firewall on Microsoft Hyper-V Server

Friday, February 7th, 2014

Hello Folks,

this one is not IGEL related but maybe intresting, there is a really cool free firewall software called pfsense (http://www.pfsense.org/).

The firewall software is based on free bsd and comes with a lot of cool features but there is one problem… It will not work on Microsoft Hyper-V Servers regarding an issue with the free BSD network drivers but you can fix it. There are some solutions already available but none of same are really working well and/or require some manual actions after boot, so how can we fix it…

Create a new VM in the Microsoft Hyper-V and assign the pfsense ISO file for the installation, make sure to assign only “Legacy” Network Adapters to the VM. The virtual network cards in the VM are named like de0, de1 and so on.

After the installation perform the basic network setup and reboot the VM, the network adapters are not working at the moment so don’t connect to the Management GUI via HTTP. After the reboot open the VM and enter the pfsense console, one virtual network card should have a “working” internet connection! Enter the pfsense shell (Option 8) and type in here:

ifconfig de0 down (repeat this for every network card, like de1)
ifconfig de1 down
ifconfig de0 up
ifconfig de1 up
dhclient de0 (this command is only required for network cards using a DHCP address coming from an other DHCP server, repeat or skip like required)

Now open the HTTP based WebConfigurator coming with pfsense, the network cards should now work until a reboot is performed. Open the System->Packages->Available Packages Menu and install the “Shell Command” Service from here. After this is done open the Menu Services->Shellcmd and add the commands you have entered before in the shell here, keep the order like before and incl. also the dhclient commands if used before. Reboot the VM and everything should work now also together with the Hyper-V, no extra scripts or shell actions are required.

Cheers

Michael