Installing and Configuring pfSense Firewall on AceCloud (via OpenStack Horizon)

Step 1: Download pfSense ISO Image

  1. Visit the official pfSense download page: https://www.pfsense.org/download/

  2. Select the following options:

  3. Installer: CD Image (ISO) Installer

  4. Proceed with checkout (amount will be $0). Create an account if prompted.

  5. Once downloaded, extract the compressed file using 7-Zip to obtain the raw ISO image.

Step 2: Upload ISO to AceCloud Horizon

  1. Log in to your AceCloud Horizon dashboard.

  2. Navigate to Project → Compute → Images.

  3. Click Create Image:

  • Name: pfSense ISO

  • Format: ISO

  • Image Source: File

  • Upload the extracted .iso file.

  1. Complete the creation process.

Step 3: Launch an Instance for pfSense Installation

  1. Navigate to Project → Compute → Instances.

  2. Click Launch Instance:

a. Use the pfSense ISO as the source image.

b. Select a flavor with a minimum of 2 vCPUs and 2 GB RAM.

c. Attach two NICs:

1. One public network interface (WAN)

2. One private/VPC interface (LAN)

d. Under Volumes, attach an additional blank volume (50 GB) for installation.

Step 4: Install pfSense on Volume via Console

  1. Open the console of the instance.

  2. Follow the installation steps as shown in the screenshots to install pfSense on the attached 50 GB volume.

  3. After successful installation, shut down the instance.

Step 5: Create a Bootable pfSense Volume

  1. Detach the 50 GB volume from the instance.

  2. Optionally, create an image from this volume for future use.

  3. Launch a new instance:

a. Source: Boot from Volume

b. Use the 50 GB volume or image created from it

c. Flavor: minimum 4 vCPUs, 8 GB RAM

d. Root Disk: minimum 50 GB (resized volume)

Step 6: Set up Networking for pfSense

  1. Attach a security group with all-allow rules.

  1. Assign a WAN interface (public network).

  2. Create a private network (VPC) without a router via Horizon.

a. Navigate to Project → Network → Networks → Create Network.

  1. Attach this private network to the pfSense VM.

  2. Set the gateway IP manually from the console.

  3. Disable port security for this private interface.

Picture
Picture

Step 7: pfSense Initial Console Configuration

  1. In the console, identify LAN and WAN interfaces using MAC addresses from Horizon.

  2. Set LAN IP via Option 2.

  3. Reset the default admin password via Option 3.

Step 8: Connect a Windows VM Behind pfSense

  1. Launch a Windows VM with only the private interface (same VPC as pfSense LAN).

  2. Access the VM via console.

  3. Open a browser and visit pfSense's LAN IP.

  4. Log in using default credentials (admin/pfsense) and follow the setup wizard.

Step 9: Configure 1:1 NAT for Internal Machine

  1. Attach a new public interface to pfSense (for mapping a public IP).

  2. Go to Interfaces → Assignments and add the new interface.

  3. Name and enable the interface.

  1. Go to Firewall → Rules → [New Interface] and allow all traffic.

  1. Navigate to Firewall → NAT → 1:1:

a. Interface: newly added interface

b. External Subnet IP: new public IP

c. Internal IP: Windows machine’s private IP

d. Save and apply changes

Step 10: Final Testing

Test connectivity to the Windows VM using the new public IP.

Ensure access to pfSense Web UI and confirm internet routing via the WAN interface.

pfSense Deployment Completed

You have now successfully:

  • Installed pfSense on a VM in AceCloud

  • Configured LAN/WAN interfaces

  • Deployed a Windows machine behind the firewall

  • Mapped a public IP via 1:1 NAT

PreviousHow to Install and Configure SSL Certificates in Apache?NextHow to Attach Multiple Interfaces to an Instance?

Last updated

Was this helpful?