Virtualizing pfSense - Pros and Cons to Consider

1 minute in and I wanna scream at you. Not everyone knows wtf words you're using. I JUST WANT TO TURN MY OLD DELL INTO A BASIC ROUTER. I shouldnt have to be a network engineer to do that! Use regular words people understand! I should be able to find a video here on YT that allows you to run PF sense as a router on a VM and everyone wants to just confuse you before you even start. t(^_^t)

All sysadmins who take their job seriously, should seriously consider learning and moving to Linux instead of fudging around with Hyper-V and other Mickeysoft products. I really can't take these videos seriously anymore when wannabe sysadmins think they can "learn" from messing around with Windows.
You don't control your own product, you don't even own your own data and on top of that, you need to pay an arm and a leg for all the required licenses (assuming you don't crack your way into an illegal copy - which again, a pro sysadmin would never do).
Oh, did I forget again that you don't even own your own HARDWARE? It's the same Mickeysoft who dictates what you can and cannot do with it, when you have to upgrade and blah blah blah... could go on for so long. Long story short... M$ is a waste of breath.
At least you're choosing a very fine quality firewall/router.

Wow, so well done! Thanks for posting, man! Very helpful.

Hey question, are you still visualizing pfsense? im thinking of the same right now

what is up with the high pitch chirping..... or do you have a smoke detector with a bad battery...

Thanks for your videos. I want to use pfsense with two wireless cards (1 for secondary WAN and the other as a secondary LAN AP), but Hyper-V Server 2019 refuses to allow me to add any wireless cards to virtual switches. Has anyone added wireless cards to virtual switches in the free Hyper-V 2019 server? Will any other Type 1 hypervisor allow wireless cards like what I want to do? Thanks in advance!

Just a heada up Proxmox is just a fancy GUI on top of KVM

ONE MORE great video good job :) make my day

Hey quick question.. so my server has 2 nics its runing server 2019 and by using hyper v what am i supposed to set for the pfsense vm as network? It does not make sense to use private as than how will other devices connect to it such as host? Than again using external exposes the host to the internet? Can you clarify that please?

i try to virtualize and i dont have enough nics!!! LOL im going to buy 2 nics, great video mate!!! grettings from mexico

I am watching this now as I am thinking of doing the same thing. I was using a mini-pc type thing with a VIA CPU on it with PFSense running off a Compact Flash card for a while, but I found the RAM was the bottle neck on that as it maxed at 512MByte. It was very power efficient though as the mini-PC was originally designed as a Satallite thin client. I am looking at virtualising it all now as I am running a couple of servers now, one for BlueIris, which is Windows based and resource hungry, so it makes more sense for me to virtualise everything given the more powerful box is runnign 24/7 anyway. I was thinking of running ProxMox just for simplicity at home.
What are your thoughts on this?

Nice setup but what if you want to use vlans on the LAN side of your virtual switch eg: if you have a managed switch behind your Virtual switch via the servers NIC how would the vlans comunicate ?

good thing I found your channel

Many thanks for that ! Great work!

I've been running a firewall virtually on ESXi similar to this for years now. I ran IPfire virtually for years but just recently switched to pfSense. I like running it virtually and it's great for a home network. I have the ability to quickly provision and test new firewall distros if I want to.

Gaylord tech :DD

How did you create the LAN virtual switch for pfSense? Is it on the Internal network or external network virtual swithch?

hey! just asking why you do record the sound with this low quality?

I like the way you describe pfsense as the swiss army knife of networking! thats great!


BTW - If you are use Microsoft Hyper-V Server (Hypervisor only) you can use 10GbE Nics, if there is driver support. That hypervisor has no GUI unfortunately but can be setup to be managed using the standard mstoolset from a Win10Pro machine.


If Hyper-V see the 10GbE Nics and the drivers work, you got 10gig networking - setup a virtual switch (external) linked directly to the Nic, then attcah to VM, boot pfsense and you are good to go. pfsense will only see what ever virtual network adapters the hypervisor presents to it, so for this sceanrio, no issues.


If there are no linux drivers for the NIC for example and you load pfsense direct on to physical box, then this matters!


I selected a Broadcom 57xx series SFP+ Dual port PCI-e card for my setup as there are drivers for Windows Server 2008 R2 + 2012, 2012 R2, 2016 and 2019 that also work with the free Microsoft Hyper-V Server hypervisor only version. In to that I plugged my 2 x 10GbE Direct Attcah Copper cable, the in to a UniFi XG-16 switch - there you are 20GbbE aggregated LCAP Link to the switch.


Also, used in this setup is a QNAP NAS with sane dual port SFP+ NICs also bonded and connected to said switch.


Server is used was and old DELL T320 with a pair of SSDs for the OS only. iSCSI link to the NAS -where the VMs (VHDs) reside and run from. Hyper-V server just sees the NAS volume as a Local (iSCSI) Disk. data transfer rates are awsome!


All networking is done with VLANS through the UniFi XG-16 Switch.


Finally, my WAN link to the cable modem is made via 1Gig Ethernet to same XG-16 switch.


VLANs used - VLAN 0 (Default) & VLAN 10 (iSCSI) & VLAN 20 (WAN)
Server is VLAN Member of ALL VLANS
NAS see VLANs 10 only
VM running PFSense has 2 virtual NICs - one connected to VLAN 0, the other VLAN 20 for the WAN
VM Running UniFi controller has one virtual NIC on VLAN 0 (Default)
I could add another VLAN for a Guest Wi-Fi network if needed to very easily with this setup.


Granted this setup cost a fair few bucks, but it kicks ass! :-)

my setup is a hardware router (netgear nighthawk) running ddwrt. and a hardware firewall micro appliance running pfsense that i just setup. esxi hypervisor running a windows domain controller vm, plex vm, nagios vm and a couple other VMs for playing around with (windows, linux, kali)

im weary of running a firewall/router virtualized. im more old school and prefer (at least) my router to be hardware. firewall maybe acceptable as virtualized imo. however you did go over the cons of a virtualized firewall/router.

So after 2 years, what would you change? And would OpenBox be a better solution if you were using a Linus server and didn’t want to dedicate the whole box to PF? - great video. Thanks for the tips!

My experience virtualizing network appliances: set like 1-2vcpu tops, then set a reservation or set the hypervisor latency to low. When the VM is crunching lots of data the hyervisor will schedule time properly but if the network usage is low I've seen VMware & hypervisor unschedule the VM for longer causing multi millisecond latency. I especially find this on the F5 VM images

Can we create virtual instances or domains in pfsense

can we create virtual instances in pfsense?

Excellent video for a networking beginner, I learnt a lot. Thanks!

Should you have a dedicated hardware for pfSense? Otherwise, how are going ensure that you other VMs are secured?

Especially now you should be able to find plenty of used cheaper 10g or 40g switches that can do routing. Just not NAT or encrypted VPN and so on .. Pfsense can still do that part since Internet connections are waay unlikely to go over 1Gbps.

But he's using hyper-v tho

Hi, I can see where you put the links for information that you refer in video

Do you recommend virtualizing pfsense AND Freenas in the same computer? is of pfsense slower on a virtual machine???

Thanks dude.

I've got pretty much the same setup/networking running under ESXi. Works like a charm. ESXi has a free version btw. It's fine for this.
Nice video.

If you trust pfsense’s AV solution, you do deserve what is coming to you!

(I love pfsense, but I know how exactly it works. You should too!).

I did the same, HA pfSense virtualized.
But now I will change to educated software.
Why? If you have to ask, you still don’t have enough EXPERIENCE!!

Low volume

PFsense can't do 10Gb??? Why do they display options for 10Gbe cards during setup? I mean, why would it even recognize them?

Wasn't sure PFSsense would work in HyperV...it does. :)

Hi, Taylor Tech. Can i ask what network drawing tool/software you are using on 8:60?

Hi Taylor, great video. A tiny suggestion...if you are going speak in that low growl style then I suggest you bring the mic closer to you, else better change the low growl tone to a more clear one, as non-native English speakers will have to strain while listening.

Poor audio kwality

pfSense is definitely a go-to option. I have really taken a liking to Untangle. There’s some hate for it online, but it has been incredibly solid for me and very feature rich.

Why are you creating a Virtual Switch for each physical interface instead of giving the pfSense Virtual Machine direct access to the external interface if it's the only machine using that interface? (VSwitch0 and VSwitch1)

Hyper-V, lol.

Can you do 10GBE on ipcop instead of pfsense?

Gday. Any chance you can list the hyper options besides Microsft hyperv in the info tab please , thanks in advance