pfSense Configuration
After the reboot, and the removal of the CD/USB media, pfSense will reboot into the newly installed operating system. By default, pfSense will pick an interface to set-up as the WAN interface with DHCP and leave the LAN interface unconfigured.
While pfSense does have a web based graphical configuration system, it is only running on the LAN side of the firewall but at the moment, the LAN side will be unconfigured. The first thing to do would be to set an IP address on the LAN interface.
To do this follow these steps:
- Take note of which interface name is the WAN interface (em0 above).
- Enter ‘1’ and press the ‘Enter’ key.
- Type ‘n’ and press the ‘Enter’ key when asked about VLANs.
- Type in the interface name recorded in step one when prompted for the WAN interface or change to the proper interface now. Again this example, ‘em0’ is the WAN interface as it will be the interface facing the Internet. use usable ip next to ip of gateway
- The next prompt will ask for the LAN interface, again type the proper interface name and hit the ‘Enter’ key. In this install, ‘em1’ is the LAN interface.
- pfSense will continue to ask for more interfaces if they are available but if all interfaces have been assigned, simply hit the ‘Enter’ key again.
- pfSense will now prompt to ensure that the interfaces are assigned properly.
- If the interfaces are correct, type ‘y’ and hit the ‘Enter’ key.
The next step will be to assign the interfaces the proper IP configuration. After pfSense returns to the main screen, type ‘2’ and hit the ‘Enter’ key. (Be sure to keep track of the interface names assigned to the WAN and LAN interfaces).
*NOTE* For this install the WAN interface can use DHCP without any problems but there may be instances where a static address would be required. The process for configuring a static interface on the WAN would be the same as the LAN interface that is about to be configured.
Type ‘2’ again when prompted for which interface to set IP information. Again 2 is the LAN interface in this walk through.
When prompted, type the IPv4 address desired for this interface and hit the ‘Enter’ key. This address should not be in use anywhere else on the network and will likely become the default gateway for the hosts that will be plugged into this interface.
The next prompt will ask for the subnet mask in what is known as prefix mask format. For this example network a simple /24 or 255.255.255.0 will be used. Hit the ‘Enter’ key when done.
The next question will ask about an ‘Upstream IPv4 Gateway’. Since the LAN interface is currently be configured, simply hit the ‘Enter’ key.
The next prompt will ask to configure IPv6 on the LAN interface. This guide is simply using IPv4 but should the environment require IPv6, it can be configured now. Otherwise, simply hitting the ‘Enter’ key will continue.
The next question will ask about starting the DHCP server on the LAN interface. Most home users will need to enable this feature. Again this may need to be adjusted depending on the environment.
This guide assumes that the user will want the firewall to provide DHCP services and will allocate 51 addresses for other computers to obtain an IP address from the pfSense device.
The next question will ask to revert pfSense’s web tool to the HTTP protocol. It is strongly encouraged NOT to do this as the HTTPS protocol will provide some level of security to prevent disclosure of the admin password for the web configuration tool.
Once the user hits ‘Enter’, pfSense will save the interface changes and start the DHCP services on the LAN interface.
Notice that pfSense will provide the web address to access the web configuration tool via a computer plugged in on the LAN side of the firewall device. This concludes the basic configuration steps to make the firewall device ready for more configurations and rules.
The web interface is accessed through a web browser by navigating to the LAN interface’s IP address.
