Installing pfSense on a Vultr Cloud Server
pfSense is an ideal tool for system administrators who are looking to add a broad range of features to their network. It is primarily an open-source router/firewall suite built on top of FreeBSD, but it also supports setting up a VPN or load balancer with just a few clicks. In this guide, we'll be looking at installing pfSense on a Vultr cloud server. I recommend a plan with at least 1 GB of RAM, however if you are on a budget, with some tweaking, a 512 MB plan might end up functioning as well.
Step 1: Uploading pfSense to Vultr
Vultr has pfSense available in its ISO Library, which can be chosen at the time of deployment. If you would like to use a different version of pfSense, you will need to upload the pfSense ISO file to Vultr before continuing. To upload an ISO, navigate to My Vultr, click "ISO" in the top bar, then click "Add ISO". Now enter the URL to your pfSense ISO. Wait for the ISO to be uploaded.
Step 2: Deploying a pfSense server
Navigate to My Vultr, click "Deploy New Server". Walkthrough the process like usual, but for "Server Type", select "Custom ISO" or "ISO Library". Deploy a new server. Wait for the server to become available.
Open the console for your server in My Vultr. Here you will see the progress for the pfSense installation. Because Vultr works with SSD drives, the installation will be relatively fast and you will see the following screen after some time:
We want to use the standard option "Quick/Easy Install". As this has already been selected, simply press Enter. If pfSense asks for a confirmation, press Enter again. Then you will need to select the kernel to use.
If you are unsure as to which kernel you should use, I recommend making use of the default kernel version.
After some time, pfSense will automatically reboot. This is somewhat confusing as after the restart, pfSense will start in the start screen which makes it look like you have to walk through the entire process again. However this is not necessary, navigate to "Reboot" with your arrow keys.
one thing to keep in mind is you must unmount the Custom ISO after the initial installation is complete so the instance can boot normally; otherwise, the instance will continuously enter the installation after each reboot:
- Visit your Vultr management page.
- Select the instance.
- Choose the "Settings" link near the top of the page.
- Click the "Custom ISO" link on the side.
- Select the 'Remove ISO' button.
The installation will now proceed in the console. Please match the questions with the appropriate letters as seen below.
Should VLANs be set up now? n Enter the WAN interface or "a" for auto-detection: vtnet0, press enter Enter the LAN interface name or "a" for auto-detection: press enter Do you want to proceed? y
You have now walked through the first part of pfSense's configuration. The actual configuration will be setup through the built-in
webConfigurator. This is a web interface used for administrating pfSense and accessing its tools. In order to use this tool, please navigate to the IP address of your Vultr server. You can find this IP address on the Vultr control panel.
Upon navigating to the
webConfigurator, you will see an SSL error. You can safely ignore this and proceed. The default user name is
admin and the default password is
pfsense. Enter this is in the login form and login.
Click "Next" to start the installation. I will guide you through this process step-by-step.
- Hostname: Do not enter an FQDN, but a general description such as "loadbalancer".
- Domain: Enter a domain name for your pfSense install.
- Primary & Secondary DNS server: If you are unsure as to which DNS server you should use, please use
- Override DNS: yes.
Time Server Information
pfSense uses a time server to determine the time. Leave this on the default setting. (Time server hostname: 0.pfsense.pool.ntp.org).
Configure WAN Interface
- SelectedType: DHCP.
- MAC Address: leave empty.
- MTU: leave empty.
- MSS: leave empty.
DHCP client configuration
Type the same domain name as you did at "General Information".
Set Admin WebGUI Password
Make sure to enter a strong password. This password will be used to access the pfSense web GUI.
Click "Click here to continue on to pfSense webConfigurator" to configure pfSense.
If for some reason you experience slow connectivity to your pfSense when downloading, go into
System > Advanced > Networking, and disable the following features:
- Hardware Checksum Offloading
- Hardware TCP Segmentation Offloading
The pfSense setup is complete. Congratulations, you are now able to use pfSense to its fullest extent on Vultr!