How to Install pfSense From a Bootable USB Stick
Installing pfSense from a USB stick is much more convenient when compared to the live CD installation method.
CDs are quickly becoming obsolete and burning a new disk for each release of pfSense is wasteful and time consuming.
In this hub I'll show you how to create a bootable USB stick that can be used to quickly install pfSense on a PC.
Downloading the Memstick Image
First you'll need to download the USB memstick image for pfSense from one of the mirror sites.
The memstick images are available in both 32, or 64 bit versions. Download the version that's compatible with the hardware you'll be installing pfSense on.
Extracting the Image File
The file downloaded from the mirror site is compressed in gzip format. Before the image can be transferred to a USB drive it must be extracted. 7zip is a great free program that can be used to extract gzip archives.
Extract the IMG file to a location on your PCs hard drive.
Writing the Image to the USB Drive
Once you've extracted the image file you are ready to write it to a USB drive.
Uncompressed the image file for pfSense 2.0.1 is 253 megabytes so you'll need a thumb drive with at least that much capacity.
The image file can be written to the USB drive using Win32 Disk Imager.
This process will erase the contents of the target drive so be careful and make sure you select the correct drive.
- Download the win32diskimager-binary.zip file.
- Extract the contents of the zip file to a folder called Win32 Disk Imager.
- Run the Win32DiskImager.exe program.
- Click the blue folder icon and select the pfSense-memstick.img file that was extracted earler.
- Select the drive letter of the USB drive in the device drop down box.
- Click on write.
Booting From the USB Drive
After the image has been written to the USB drive it's ready to be plugged into the computer you wish to install pfSense on. You may have to adjust the computers bios settings in order to support booting from a USB device.
Most computers have a hot key that can be pressed when the system boots to access a boot device menu. For Dell computers the boot menu hotkey is F12.
If your system doesn't have a boot menu you can usually force the system to boot from USB devices first within the BIOS.
After booting from the drive select option number 3 from the pfSense welcome menu.
Launching the Installer
Shortly after pfSense begins to boot from the USB drive there will be an option to enter recovery mode or installer mode. Press 'I' to launch the installer.
If you miss the prompt you can reboot the system or select the hard drive install option from the main menu after the boot process completes.
The installer will allow you to specify a different font, screenmap, or keymap if needed. In most cases you can just accept the default settings here.
Selecting the Installation Mode
Next the installer will prompt you to select the installation mode. I like to run the quick/easy install because it bypasses some settings I usually don't need to modify. In quick mode the installer will automatically format the first hard disk and install pfSense on it.
If you have multiple drives in the system, or if you want full control over the installation then select the custom install option.
Using the Quick Install Method
If you choose the quick installer you will see the confirmation screen below. Make sure you don't have any data on the hard drive because this method will wipe out all of the data on it.
Most users will want to select the symmetric multiprocessing or SMP kernel.
The SMP kernel supports processors with one or more cores. If your box has a CPU that supports hyper threading then you should also select the multi-processor kernel.
The embedded kernel is designed for compact or low power hardware such as Soekris, Netgate, or PC Engines.
Finally a developers kernel is available which includes a debugger and other features you won't see in the standard kernel.
After selecting the kernel the installer will prompt you to reboot the system. While the system reboots you should remove the USB key from the system so pfSense can boot from the local hard drive.
The First System Boot
The first time pfSense boots it will start the interface assignment wizard which will allow you to define the LAN and WAN interfaces.
The wizard will ask you if you want to setup VLANs, most users should choose no here.
VLANs allow you to use a trunk connection to connect multiple networks to the system using a single physical connection.
Next the interface wizard will prompt you to enter the name of the interface you would like to use for the WAN connection, or press 'A' for auto detection.
I prefer to use the auto detection method because it saves me from guessing which interface corresponds to which network port on the box.
To use the auto detection function remove any network cables from the computer, then press 'A' and hit enter.
Next plug in the network cable to the NIC you want to use as the WAN interface and press enter. As long as link is established on that port the software will automatically detect which network card was connected. In other words the other end of the cable must be plugged into a device that is powered on.
Complete the same procedure for the LAN interface, and any additional interfaces you would like to add.
Completing Interface Assignment
After you've finished assigning interfaces press enter, then type 'Y' to confirm the selection. If you make a mistake you can type 'N' instead and complete the process all over again.
In the future you can reassign interfaces from the console, or SSH menu.
Assigning IP Addresses
After interfaces have been assigned the main console menu will be displayed.
By default DHCP is enabled for the WAN interface allowing it to obtain an address automatically. The LAN interface will receive an IP address of 192.168.1.1.
If you need to change the IP address assignments you can do so be selecting option #2 from the main menu.
Logging Into the Web Interface
At this point you should be able to connect to the web configurator by entering the LAN IP address of the system into your browser.
Default username: admin
Default password: pfsense
If you are unable to connect to the web interface try pinging the LAN IP address. If you can't ping it make sure that the PC is on the same subnet as the LAN interface for the system.
Sometimes tracing the connections and or re-assigning the interfaces will help identify where the problem lies.
© 2012 Sam Kear
More by this Author
Learn how to easily set up a captive portal using pfSense. Captive portals provide an easy way to authenticate users accessing the internet at Wi-Fi hotspots, hotels, apartments, or business centers.
Port forwarding (NAT) allows users on the internet to access services running on a computer inside your home network. This hub explains how to set up port forwarding using pfSense.
Most web filtering software is expensive and difficult to use. With the SquidGuard package you can set up a free, and powerful pfSense URL filter for your network.