There is a point to this story, but it has temporarily escaped my mind...
Contact Me MyFaceBook MyLinkedIn MyGitHub MyTwitter

pfSense on Microsoft Hyper-V

I typically create an internal network on Hyper-V for my testing/lab environment. I like to use pfSense as a “firewall” between that internal network and the outside world. Microsoft has supported FreeBSD running as a guest on Hyper-V since May 2012. pfSense runs on a FreeBSD base, so it should have these supported drivers for Hyper-V. Unfortunately, pfSense 2.1 doesn't include the required drivers, so we're still stuck with Legacy NICs and other weird issues when pfSense runs as a Hyper-V guest. It is very unfortunate that an otherwise rock-solid fantastic firewall distribution would contain such an omission… Maybe I'll have to test some “Linux” based firewall products…

So, if you want to configure a pfSense Hyper-V guest, you'll have to stick with the 100Mbps limitation of the Legacy NICs and a little bit of time synchronization funkiness due to the Hyper-V Host CPUs entering into low power mode and pfSense not handling this all that well, resulting in a number of “calcru: runtime went backwards” error messages.

Installing pfSense - Create a Generation 1 Hyper-V Guest with one CPU, 512MB RAM, - Add two 2 Legacy NICs (de0 and de1). I usually assign de0 to the internal network and de1 to the external network. - Disable the Time Synchronization option. - Make a 4GB fixed VHDX file and assign the pfSense ISO as the DVD. - Start the VM - Choose the option to install to HDD and select the “easy” install. - Remove the ISO after the install and before the reboot happens. - After doing the initial network configuration, you'll need to open pfSense's console and select the shell option:

echo "ifconfig de0 down" >> /etc/rc.local
echo "ifconfig de0 up" >> /etc/rc.local
echo "ifconfig de1 down" >> /etc/rc.local
echo "ifconfig de1 up" >> /etc/rc.local
echo "kill `cat /var/run/`" >> /etc/rc.local
echo "dhclient de1"  >> /etc/rc.local
echo "sysctl kern.timecounter.hardware=TSC" >> /etc/sysctl.conf
chmod +rx /etc/rc.local
Copyright © 2019 by Julian Easterling. SOME RIGHTS RESERVED.
Privacy Policy              Terms of Use             

Creative Commons License
Except where otherwise noted, content on this site is
licensed under a Creative Common Attribution-Share Alike 4.0 International License.

All of the opinions expressed on this website are those of Julian Easterling and
do not represent the views of any of my current and previous clients or employers in any way.

If you notice an error on the site or content that has not been properly attributed, bring
it to my attention using the contact page and I will endeavor to fix it as soon as I can.

I accept no responsibility or liability for any damages incurred by following any of
my advice or by using any of the information on my site or of those sites that I link to.