I would hope that Limetech sees the brilliant work you are doing on Unraid tutorials and that they recognize you and bring you into their team. I think because of your videos more and more people are seeing the value, flexibility and are purchasing Unraid. Thank you!
Thanks diverhose. I really appreciate your kind words. Good news, Limetech have recently supported me on Patreon and added my videos to their website lime-technology.com/community-videos/ which is great :) Thanks for watching :)
@@SpaceinvaderOne You forgot to make the tuturial about the trunk. I have 2 ports on my unraid motherboard. I am on an itx with only one expansion that I will use withe the 10gbit SFP.
Hello Ed. Just wanted to thank you for putting this playlist series together on pfSense. I am new to Unraid and pfSense, but I was able to successfully get this up and running following your videos. For me, the only thing I had to change to get pfSense to recognize my Dell Intel quad NIC was to change the Machine type in the VM config to i440fx-4.2. Other than that, everything worked perfectly. Much appreciated amigo!
I've had an unraid server for almost 10 years and just used it for file storage and as a media server. Your videos have made me realize just how powerful that machine can be with the right tweaks! Thanks so much!
I've been using PfSense for around 2 years, both in a VM in UnRaid and now with a dedicated box. Looking forward to a video explaining how you do the auto switchover to physical box when your server goes down.
Hello Ed. I second the request for the switchover video. I need it as my family goes nuts when the network goes down. I have the hardware. Just need your guidance on how to set it all up. Please consider our request. It would be greatly appreciated if you could do something in this area.
Man! I love your videos and all the work you do it. Thank you for spending time working on these. I appreciate the attention to detail. Hope you are doing well!
I'm confused not by the amazing video which must have taken you ages.. But the (1) thumbs 👇 Amazing Ed, this video not only helps Unraid users but branches out to many outside unraid. I hope this gets a to a wider audience for you.
Good video, overall. I only have one discrepancy. I personally wouldn't have disabled HTTPS. A better way to go about this would be to leave HTTPS on and create some self signed certs and load the certificate authorities to whichever devices you would need to modify pfSense on. If you're assuming that your home network is safe and foregoing the concept of defense in depth, that's fine, just know that your traffic is being sent between your device and pfSense in clear text. Other than that, fantastic video as always, keep up the great work, can't wait for the rest of the series!
This video is 5 years old. so much has changed in unraid 6.11.5 that following your VM instructions have changed that it is difficult to follow any longer. You need to create an video update of what has changed in unraid 6.11.5 so your older video's are still relevant.
Spaceinvader One Fantastic work you do on your channel. You are the reason I went to Unraid and your videos helped me set everything up! You have a great and unique style of video which makes watching a great experience. Please do keep up the good work. Big thumbs up from me!!
Thanks for the video series. Not sure if you have a static ip or not, but your public ip address appears very really clearly in the transition at 16:40.
Hey Edward, can you do a video for the auto switchover to a hardware box? I have my primary running on unraid since it's on, but have Dell R210ii as a backup, when I need to do maintenance on the unraid server. It would be super helpful to not have to update it manually when I want to take down my server.
for the people trying to get this running but only one or none of the nic adapters show up, try Q35-2.11 as the machine type, it helped me in the end and most of the newer versions wont work, just as described in this tutorial
“Firewall Maximum Table Entries” should be 400000 (four hundred thousand, unlike forty thousand that was said in the video.) Latest 2.4.3 stable release of pfSense has this set to 400000 by default, so no longer necessary for that release or newer.
I'm running an Intel quad port NIC in a VM on an unRAID server and I'm a bit confused about the hardware checksum offload - in my setup do I check or uncheck the "disable hardware checksum offloading" box under System -> Advanced -> Networking? Everything else in the video was very clear and easy to follow, this was the only stumbling block and I'm not quite clear on what you were saying about this. Thanks for the video!
Thanks for your videos! They are fantastic and can't wait for more! 21:00 I did have to double check what I heard to what I saw here though, at changing Firewall Maximum Table Entries from twenty to forty-thousand lol ...I think it might be hundreds of thousands? :)
I only saw only one network interface appear during pfsense setup even though I had passed through both ports of my NIC. My problem was that I used machine type Q35-4.2. Don’t make the same mistake that I did and assume Q35-4.2 is just an evolution of Q35-2.11, there is a critical difference when it comes to having all interfaces from you nic appear in pfsense.
In the 2 part video you said that you would explain in an later video how to setup pfsense with 1 Port i skipped through this video (and the other videos for pfsense) but this important part (for me) was not there or did i missed it? If no, is there any other tutorial i can follow to set this up with one port (VLAN) pfsense VM? Thank you for your great work!! Without your help i could not make Unraid get going.
Thank you once again for a fantastic video series; waiting anxiously for each one! I had a question though on appending pci devices in the syslinux config file. You've done this in a couple other videos and I used it to pass a USB card, but can you append multiple cards for use in multiple VMs? I tried it once with negative results -- just wondering if there is anything special that needs to be done.
Hi Ed, thank you for the video ad great work, would you know what might be the cause of no Internet? I was able to follow your video and got a WAN public IP but no internet. Thanks.
Maximilian Philipp I ripped out what little hair I had, until I finally ended up changing it to i440fx and then my quad port intel NIC was recognised - however I haven’t tried any other Q35 versions yet - not sure if the differences would be relevant for a pFsense install though?
How do unraid connect to the pfsense VM ? Is it a cable from the NIC lan port to the switch and then back to the motherboard lan port? Awesome video as always!
I could not do PCI Passthrough with my quad NIC until I made the VM with i440fx rather than Q35. I'm not sure why Q35 doesn't work for me (2600X with Asus ROG Strix B-450F Gaming MB) but I hope this helps save somebody from a frustrating day!
When I start my pfSense VM, I get an Execution error like bellow. If I uncheck my pass trough NIC the vm is starting. However, I need the my passtrough NIC in order to use pfSense. Do you have any idea what good be wrong? "internal error: qemu unexpectedly closed the monitor: 2020-11-22T19:47:16.786696Z qemu-system-x86_64: -device vfio-pci,host=0000:12:00.0,id=hostdev0,bus=pci.0,addr=0x5: vfio 0000:12:00.0: failed to setup container for group 14: Failed to set iommu for container: Operation not permitted "
I've followed this guide and have everything working fine but this requires 3 Ethernet cables with the motherboard being the management and also tagged VLAN's for VM's, Dockers, etc. I'm wondering if I could eliminate this cable by allowing unRAID to see the quad port NIC and sharing it between pfSense and the Dockers, VM's, etc.? It wasn't clear why you don't want unRAID seeing it?
I forgot to account for my VoIP phones when I set this up. I followed all your guidance and router is working fine. Except I cannot figure out how to pass VoIP traffic. Port 5060. I would do a port forward but I have several Sip phones trying to reach out to my remote PBX.
Question for you. Once you start configuring pfSense, you tell it to use PPOE from you WAN. Are you putting your modem in bridge mode then? Wouldn't you be causing a conflict if both pfSense and your modem are trying to provide credentials to your ISP?
Great as always... I'm only passing one nic to my pfsense vm and using the bridge as my internal network (using e1000 in the xml) but I'm getting errors on the interface. Any clue as to what might be the cause? I'm going to try to turn off hardware offload now but if you might have any insights I'd greatly appreciate it. I use esxi pfsense vms all the time at work and have never had the same problem.
Great video you explained everything very detailed great job bro 😍 i have a small doubt i have a adsl connection using rj 11 connection is it possible to make it rj45
can this be done through a remote computer, as I have not even worked out how to get unraid working from the actual box of tricks. I can connect via wifi and lan to unraid, but if i plug my HDMI cable straight from unraid box to monitor nothing. the problem I am having with this guide is that I can connect the WAN and it finds it, as soon as I take out the LAN from old router into the 4 NIC card and press a to autodetect the VNC says i am not connected...any help appreciated
Rong Hsin Ang if you only have 2 onboard NICs, then obviously you need one for the UnRAID host ... and if the second NIC is not in its own IOMMU group, you will struggle to pass it through ... save yourself a LOT of hassle and just get a quad port Intel NIC and then pass it through
Having problems connecting Unraid to pfsense through the vm, how to regain internet access for the server, Unraid is not being assigned an ip through pfsense and I cannot access the webui. Any help would be appreciated thanks
Hey thanks for all your great videos. I need some help in cz i am not being able to access unraid even after dns resolver set as u showed in the video. I have attached 4port intel nic n a 10 gbe intel nic for pfsense. Pfsense should connect to unraid via virtual interface isnt it. Or do i need to physically connect it to pfsense. Hope you can resolve my queries.
I don't quite get what you put on the Redirect IP address when you're forcing your connections to have the DNS Server that's on your pfSense setup. When I use 127.0.0.1, it doesn't work. And I used LAN IP Address it doesn't work as well... Can I get some help please...?
I know this is a bit of an older post but I have a question. Is it possible to setup pfsense without connecting my modem to it directly until i am ready to switch to it? ie either no internet or maybe through current router till i am ready to switch old router out and if so how :) ? Thanks in advance Also great videos !!!
Hello again Spaceinvader! I am following your videos and have had nearly 100% success with everything! Motherboard not withstanding. But I have a quick relevant question. I am umrunning unraid, with a windows vm baremetal install, and want to also do pfsense, i have the nic on the motherboard and a dual port nic. Is this enough ports? Thanks SO SO much for your incredible videos!
Hi Medikherb. Yep that's fine. Use the onboard motherboard nic for unRAID. The windows vm will also use that. Then use the dual nic for pfsense. One port for wan and the other for lan. Glad the videos are helping you get your server set up. Thanks for watching :)
Awesome video! Loving this tutorial series. I am interested in changing my existing router to a pfSense. I have been using the Ubiquiti’s Edgerouter X series but its CPU is not powerful enough. I would have moved to pfSense already but in my setup I am load balancing 3 WAN adsl lines and have not found a solid tutorial on how to do it on pfSense. It would be awesome if you are planning a video tutorial on load balancing setups at some time!
Hi Emmanouil I would like to make that video, however, i only have one connection so couldn't really demonstrate how. i will have to think if there is any way i could make this video. Thanks for watching :)
Spaceinvader One wouldn't load balancing the WANs be the same as load balancing a LAN? You could show how to load balance a LAN even with one WAN connection
Well not sure why but I can't pass the Nic to the VM - not sure if is because is and AMD board. The NIC is an Intel added the exception for syslinux but when attempting to start pfsense it say that I have no nic's avail and is rebooting, any ideas, Thank you in advance.
Does the host machine have to have a physical ethernet interface to go from one of the pfsense LAN interfaces to it's uplink or is there another way to assign the host an IP from de pfsense VM ?
Hello Sir, if my motherboard has 2 ethernet ports, do I need a PCI network card? If I pass through both ethernet ports, will I able to access the array on my network?
Hi Jake. You dont actually need a separate gpu for the server (i am guessing you are talking about passing through a good gpu and using a lesser gpu for the host) You can just passthough the primary card if you want. I have done that with a gtx1080 on one of my servers. the other though i just use an amd radeon hd6450 1gb card which works great and only cost me $20
What to do if I installed two times the same NIC? If I look in my System devices IOMMU groups, the two NIC have their own group but the ID is for all of them the same. So How can I disable just one NIC when starting Unraid. So I can use One Nic for my VM and one for Unraid Dockers.
Hm. I got 4x gb ports on my supermicro board (my unraid server) but i guess i still need a dedicated pci card, right? I had a look in "System Devices "and all 4 Ethernet Controller have [8086:1533] also they are in two different IOMMU groups. But i cannot route only two of them to the VM. correct?
following your advice to go for an intel 4 port nic, I bought a "Intel Pro/1000 PT Quad Port Expansion Card; Model: EXPI9404PT" and unraid does not appear to recognise it. intel has linux drivers for it, how do I install those drivers on unraid?
Help I don't have a network card. Still I tried the above procedure with internal LAN ports. Now, even after back tracking my steps I'm unable to get my ethernet port to work. What to do?
After 3 hours of frustration, I booted into the BIOS to discover VT-x is not supported ... perhaps you can edit this and make a note to save somebody a headache. That said, are there other options? FWIW - I've pfSense on another machine, Proxmox, and needed to use PCI passthrough otherwise when rebooting Proxmox the modem would need rebooting also. I was considering moving it all to my unRAID PC but this CPU doesn't support VT-x ...
Well I abandoned this project on Unraid it was a pain, Plus what is a issue is getting the port open for my cctv cameras, that caused to break it and it locked up and the server so now I’m Frankensteining my asrock h110 with the dual nic I had, connected via the nvme port just waiting for parts so hope it works. Do you know how to open ports for cameras?
Thank you for all of your tutorials! Can you tell me more about append "vfio-pci.ids=" command? Can I disable unraid to use my main Nvidia GPU while boot up the same way? So maybe I will success with passing it through my Win10 VM.
ione dji yes you can use vfio to stub (disable from host) for your nvidia GPU, which you can then pssthrough to a VM - hundreds of tutorials about how to pass through GPUs on unraid already, so just follow one.
Sorry if I missed it but if I wanted to setup pfSense on Unraid in a VM and want to use the x2 Gigabit ethernet ports on my motherboard (x1 for WAN and x1 LAN) how do I configure that? If I missed it please comment time stamp. Thanks guys. Special thanks to "Spaceinvader One" I've learned so much from your videos!
Did you figure this out? That's what I plan to do, assuming you just treat the one NIC the same way you would a PCIe 4port switch and follow the same steps?
The problem with adding the ethernet controller to the syslinux config is that then it isn't accessible over the network, which kinda defeats the purpose.
I still am having a problem i cant seem to find a fix for: is there any other way to stub an pcie device? My network-card and onboard-lan have the same vendore id and product id. therefore i am only able to stub all my networking ports. that way, i cant connect to unraid anymore
Hey Ryan. Best of luck. Should be fine. Make sure to set a static ip on your unRAID server as the pfSense vm will be your dhcp server so you will need unRAID to have a static ip when it boots before the pfSense vm starts up.
I bought a cheap 4-port GbE Intel NIC (YT674) off eBay as recommended, installed and I see it in the my UnRAID 6.5.2 system devices list. IOMMU grouping looks very similar to yours (2 groups, each with a bridge and 2 ethernet controllers, device ids of 8086:10d6). However, when I edit the syslinux config on the flash boot drive, insert vfio-pci.ids=8086:10d6 into my append string, and reboot... the UnRAID system still shows the network interfaces. I cannot figure out how to get UnRAID to let go of these network ports. any ideas?
Great series. One problem I am having is that I'm running my unraid server with a supermicro board with 2 onboard ethernet nics. When I go to edit the flash file with the "vfio" command and reboot I lose access to my server on the network when it comes back up. When I reboot again and remove that line all is well. Is there a work around for this?
Hi Aaron. No, if your nic is a dual nic and each nic shares the same id then when you stub it in the syslinux config file it will isolate the whole controller from the host so you will not have network on the server. You are best to get a PCIe quad nic off eBay for around $20 and use that then you will be fine. Glad you are enjoying the series and thanks for watching :)
what if I changed the ISP DNS, I use a smart dns service for streaming. Pfsense recognize that? I have FTTN connection but its a phone cable that is connecting to the router/modem, would DHCP work for me?
Okay so after lots and lots of reading and testing I have come up with several config paths that will at least allow you to get pfSense installed on unraid 6.9.0-beta35 (and I assume other recent versions of unraid). i440fx-5.1,OVMF, qcow, sata q35-2.11,OVMF,qcow,sata q35-4.0,OVMF,qcow,sata all three of the above will at least allow you to make it through the install process as of 11/28/2020 I have not tested any further than the install (only to the first questions of if I want to configure vlans). These three configs avoid the issue I posted about previously on this video and do not require any of the other xml changes mentioned in the following links forums.unraid.net/topic/55478-pfsense-in-vm-with-pci-passthrough-issues/ forums.unraid.net/topic/71071-video-guide-a-comprehensive-guide-to-pfsense-both-unraid-vm-and-physical/page/4/?tab=comments#comment-822768 forums.unraid.net/topic/88748-682-please-help-pfsense-wont-install/ forums.unraid.net/topic/85848-pfsense-vm-fails-to-boot-after-upgrade-to-680-rc8/ forums.unraid.net/topic/89837-pfsense-setup-help/ forums.unraid.net/topic/90744-new-pfsense-kvm-boot-error-internal-error-qemu-unexpectedly-closed-the-monitor/ (this one is interesting as it is also very recent) Do also note: With all versions between q35-4.0 to the latest q35-5.1 i continuously received IRQ storms that made the install unworkable. If anyone finds away around this please share.
Followed every step but now stuck on VNC Remote, Click it and I get this message: guest has not initialize the display (yet).. I know this video is 2 years old now but was hoping still relevant.. anyone got any ideas?
Are there any drawbacks to running pfSense in a VM? Going to be finally doing the install this coming weekend when I move and I ordered a Unifi AP-Pro for my wireless access.
The drawbacks of using it in a VM are if you shutdown/restart your server then you will lose internet access in your home whilst the server is down. If your server is on 24/7 doesnt make any difference.
Thank you for the fast reply. Yeah my unRAID is on 24/7. Offloading my media server from my main rig allows me to power that down when I am not using it anymore. Is there anything I need to know when moving from a dedicated Router to pfSense VM? I was thinking just letting it assign the WAN a IP from the Router currently and assigning a new LAN IP Range to the pfSense config so they don't interfere with each other.
ugp that will be double NAT if you do that, so you will need to make sure you allow private network addresses to pFsense otherwise it will block traffic from your existing router ... however it’s not a good way to have it set up anyway ... turn your existing router into and access point instead
Can you install pfsense in a docker, I’m thinking of setting it up on a pi board that’s always on. But I also would like the pi to control ubiquity. I have to do more research but wanted to know if anyone is doing similar stuff.
14:37 How come and the wan interface has been assigned with a public-like ip (etc...173.22.58.77) and got an ip address of a privatelike network?? Was the modem in 192.168.2.1 and assigned the pfsense the 2.11?? So its still an internal ip? Does all configurations with pfsense need to have your modem setup as bridged to pass through the connection? (Edit: probably the answer to that is in 15:42 that you choose instead of DHCP the PPOE protocol? In that case why you need a modem at all? Because PFSense cant modulate-demodulate ISP signal??) Thank you
Dimitris Tsoutsouras pFsense is a router, not a modem - you still need a device to take your WAN service from your ISP (eg a modem) whether it’s ADSL, VDSL, NBN, Fibre ... they all come into some sort of modem/device which then connects to the WAN interface of pFsense ... an alternative to this would be if you are doing something like connecting multiple pFsense firewalls together, you probably wouldn’t be using a WAN interface expect on the master pFsense unit
Anybody able to help me out? I have everything set up like this video but when I boot up pfSense it doesn't show my NIC. I don't know what I am doing wrong. Thanks!
Spaceinvader got my Dual nics card but for the life of me I can’t get this to log in via my DrayTek 2860 router, I’ve entered the user name and password for my iSP Zen Internet but can’t get the wan side to function at all to make the connection. The router is making the connection fine, my setup is one single Ethernet cable from the router to a 24port switch and they disburse from there. Is there away that I can leave the router doing the connection and just run the Ethernet cable into pfsense and the output of pfsense to the switch as I’m losing the will to live 🤯
Thanks Medik, glad you like the videos. To install the extra icons take a look at this old video I made showing how. ruclips.net/video/LkW3niAWAHs/видео.html
@@SpaceinvaderOne WOW.... I just watched the icons video... rewatched, rewound, rewatched.... it's kinda tricky to me. I had to pull out the usb and put it in my laptop because there weren't instructions on navigating to it. Next, it wouldn't run the Icon script because it said that the directory didn't exist... but we weren't shown how to navigate to that one either... when I tried with krusader, ithe folder's not there. Whew. You make awesome videos man, but this one left me a little jaded.
For a future video I would really like to see how to config pfSense DMZ. My kids play games like Minecraft and Terraria and keep begging me to setup a gaming server for themselves and their friends. I refuse to do this on my local LAN, but would do so if I could figure out how to host a server in a DMZ that the local LAN and people from the Internet can access without exposing my local LAN. I currently have a pfSense router in use.
Your videos are awesome and I am looking at running PFsense on my Unraid Server. My server has 4 x 1GB Ethernet ports on the Motherboard and I am only using one at the moment. They are all on separate IOMMU groups, but the same address so I cant for instance tell Unraid to not use the 3 other ports by using your trick in the syslinux config. So would want to use 1 x port for Unraid native and the 3 other ports for PFsense. Is it possible?
Hi Ian. Yes its very annoying when you cant blacklist the nics as they share the same id. You will have to put a 1 port nic in your server for unRAID to use then stubb the 4 port card in the syslinux for use with pfsense.
Hey thanks for the reply. It did dawn on my that that was an issue I was not going to get round. Hence I followed your advise and bought a for port HP intel nic for £12 off ebay. Pfsense is up and running - all because of your videos. Your awesome mate. Keep up the good work.
I'm all ready running PfSense on a dell 990 separate machine from my unraid box can I use the backed up configs from that machine and use them in a VM? it looks like I should be able to
i second getting an update to this video - on unraid 6.9.0-beta35 and have tried using pfsense 2.4.3, 2.4.4, and 2.4.5 and no dice on any of them. I believe I have the nics in the proper state the issue seems to be the install location settings. When using your suggested settings of sata instead of VirtIO with qcow the install fails to even reach the first accept screen. I can change this to be VirtIO and it will then get the next screen but will fail to partition making the claim "No Disk Found. If you need to install a kernel driver, choose shell at the install menu". The above scenario has been repeatable for all 3 versions mentioned of pfsense. I have tried a fair number of the variations of Ovmf vs seabios as well as the suggestions here forums.unraid.net/topic/90744-new-pfsense-kvm-boot-error-internal-error-qemu-unexpectedly-closed-the-monitor/ , here forums.unraid.net/topic/85848-pfsense-vm-fails-to-boot-after-upgrade-to-680-rc8/ , and forums.unraid.net/topic/89837-pfsense-setup-help/ but have continued to come up empty
Hi mate can you do a video how you config a 2 nic one for the lan and the other to a pc I trie to do and I fail to connect to unraid PS love your videos
Spaveinvader great video i've finally got my thread ripper build complete, But I'm having issues installing this. Ok got everything done but its saying something about the iommu grouping. First I'm using the nic's on the board. i have a 10gb nic and two 1GB nic's. The 10Gb is used by unraid i have separated the 1GB nic's so unraid doesn't use it but it just won't install PfSense do i need a nic's card to get a separate iommu group. if its easier with a add in nic's i'll get that. Once again great vid
Update i've got a dual intel nic's on the way hopefully i can then separate that from the other iommu groupings and actually install the VM, But i don't want to by a modem will i be able to use my draytek 2860 router to make the connection i have access points setup already so I'm not reliant on router wifi
Hi Darren.Yes, I believe that you can put the 2860 into bridge mode to use it as a modem. However, I don't have a 2860 to check and see how to do this. Regarding the iommu yes the nics need to bein their own group without other hardware. Check my video (which should be up later today) about iommu. Thanks for watching :)
Spaceinvader One Thanks, No worries think I’ll reach out to DrayTek and find out how to do it, yeah I bought a dual nics which I’ve installed just need to find out how to make it a modem and finish the install and enjoy. The video’s are great you are the only reason why I’m using unraid and doing all this crazy stuff lol keep up the exceptional video’s
Spaceinvader, I am following your video to set up a stand alone PFSense. However my Intel i219-V is not being detected by PFSense. Any help would be greatly appreciated. I'm at a loss and cant find any info on it.
Hi sbrock99. It should work as it does in freebsd of which pfSense is based on. Try updating the bios in the motherboard and see if that makes a difference. You could also try adding the driver. Some one on this thread a few years ago compiled a driver you could try adding it. Check the post by shoggot here forum.netgate.com/topic/91062/gigabyte-h170n-wifi-lga1151-ddr4-mitx-dual-intel-gbe-lan/16
Spaceinvader One thanks. I found that just downloading the latest RC worked. The stable release does not seem to support intel i219-v so hopefully they support it fully in the next stable release, until then I’ll live with the RC
I cant get this to work with the Intel 82576 Quad port gigabit adapter. I tinkered with this tutorial last week and was able to eventually get the LAN port working but decided to start over today. Now, I can only get the WAN port working. During boot it comes up with the error "failed to allocate interrupt" for the NIC. I've tried to search the pfSense and FreeBSD forums for a solution but so far nothing I have found works. Any ideas? I checked the NIC in Ubuntu and Unraid and it works fine on all ports.
Hi Space I have a HP DL380 server with 4 ethernet ports onboard + ILO port. tryed to split the 4 nic's with the vfio-pci.ids=14e4:1639 option but didnt do anything and pfsense after deleting the virtual adapter says it cannot start up without a NIC. Can you offer any advice? Best regards from Portugal
Hi Nuno. So you stubbed the 4 ethernet ports with vfio-pci.ids=14e4:1639 . Did the 4 ports show up for passthrough in the vm manager under other pci devices, after rebooting the server? Also you do still have a nic for unRAID to use?
No, these 4 NICS are the server onboard NICS. On the sys devices, the 4 NICS show the same value inside the [xx] like in the video, the ID i used to add to vfio. After doing this, unraid kept the 4 NIC to itself, and nothing was available in the VM to use. I wanted one for unraid, and to be able to pass at least 2 to a pfsense machine to replace ISP router. Did not used the ACS overide yet.
Hi again This is from spec for the server from HP Two HP NC382i Dual Port Multifunction Gigabit Server Adapters (four ports total) with TCP/IP Offload Engine, including support for Accelerated iSCSI This is the print from sysdevices prntscr.com/kbso8w Normal or some servers came out with that setup? Either way, any advice is welcomed :P Was trying to prevent buying a new gig board or anoter dual or quad nic card. :\ to add to the server Best regards
I am unable to get pFsense to install. Everytime I start the VM after following your instructions it hangs after the 5 second countdown. Then the shell comes up and I do not know what to do. Please advise.
I've been using a physical pfSense box for over a year now. Decided to change from https to http after watching this video, but now I cannot login to pfsense gui. I had default login username and password but are no longer working. Not sure what to do now, please help.
Sorry for the late reply. Please try clearing your browser cache then you should be able to login as normal. Or try using another browser. Again sorry for the late reply. Thanks for watching :)
11:51 - Is anyone else getting stuck on "achich timeout... READ_FPDMA_QUEUED.... CAM status command timeout" ? I have set the vDisk Bus mode to SATA as instructed but I believe that's actually causing the issue. Something about the ACHI driver not working. Installing version 2.4.3
Hopping for a little help I have a HP 435506-003 NC364T Gigabit Quad Port card and installed it in to my Unraid box followed your video checked it like 3 times and still can not get this card to work properly. It starts to work on boot up the cable modem has a blinking light to tell me if I have connection or not on the line. So what is going on is this I have the line in going to the first port on the HP card and when I boot the machine it starts flashing on the modem that it sees the LAN connection the just before unraid gets to the part of booting the HDD's the flashing stops the computer keeps booting but when it gets to where it should pull the passphrase down from the internet it pauses a minute and then boots to the dashboard and wants the pass code to unlock the drives. I give that code and all the drives unlock. funny thing is if I boot the machine with no cable in it and wait for the computer to boot and start the PfSense VM then plug in the cable from the modem then I get internet any help would be appreciated. and the logs do not really show any thing I think would be a error
So you are pulling the unlock key for the array from the internet to unlock your encrypted array. The problem here is the array must be started before the VMs start. So as the VMs havent started and the pfSense VM is giving you internet, it isnt running to download the key to unlock the drives. Really there is only 2 choices. You will have to manually put the key in each time the unRAID server reboots. Or you could pull the key locally from either your flash drive or something else on your network (maybe a raspberry PI?) Have I answered your question or have I mis understood the problem?
is there a simple way to pull from the flash drive? I am thinking of ordering a pi zero just to hold the key file it runs off hardly any power but seems a little over kill. Or could I use my dd-wrt router to hold the key and then the unraid box could pull from there. could the same line in the go file be used to move the file I know it would have to be modded
Hi Dale have a look at bonienl's post on the unRAID forums here lime-technology.com/forums/topic/61973-encryption-and-auto-start/?tab=comments#comment-648148
I looked at that same page from one of your videos I got it from a still shot. I could use a little more help I have the keyfile on my router and it is accessible from the lan side only. I can ftp or smb to it but just can not get it to copy to my root directory could you post it so I can see or email to rott at bex .net I really want to get this working
Can I run pfsense with encrypted drives and some how use the remote key or is it run pfsense or remote key if you can do both maybe you could make a short video showing how Thanks looking forward to your next video
A VM router for your home where the main media/file server/vpn server is reliant on the VM booting up and serving DHCP and internet is SO STUPID, but because it saves money, I have had it implemented this way for 8 years and it only failed me once when plex cache overflowed the cache drive that pfsense runs on. Every time I am asked how its set up they laugh, scoff, or their brain starts smoking. It's routing inception
I would hope that Limetech sees the brilliant work you are doing on Unraid tutorials and that they recognize you and bring you into their team. I think because of your videos more and more people are seeing the value, flexibility and are purchasing Unraid. Thank you!
Thanks diverhose. I really appreciate your kind words. Good news, Limetech have recently supported me on Patreon and added my videos to their website lime-technology.com/community-videos/ which is great :) Thanks for watching :)
@@SpaceinvaderOne You forgot to make the tuturial about the trunk. I have 2 ports on my unraid motherboard. I am on an itx with only one expansion that I will use withe the 10gbit SFP.
Agreed... I have an Unraid machine, and without all of these video's, I'd be completely lost. Thanks Spaceinvader One
everything i have ever been able to do with unraid is all thanks to @Spaceinvader one
I agree as well.
Hello Ed. Just wanted to thank you for putting this playlist series together on pfSense. I am new to Unraid and pfSense, but I was able to successfully get this up and running following your videos. For me, the only thing I had to change to get pfSense to recognize my Dell Intel quad NIC was to change the Machine type in the VM config to i440fx-4.2. Other than that, everything worked perfectly. Much appreciated amigo!
Fernando Aleman same here
Thanks for this info. You saved me a lot of time
I've had an unraid server for almost 10 years and just used it for file storage and as a media server. Your videos have made me realize just how powerful that machine can be with the right tweaks! Thanks so much!
Hey noname mcgee. Glad you like the videos. thanks for watching :)
This is a 2 year old video, but thank you so much!!! I seriously wouldn't have had a chance without it.
I've been using PfSense for around 2 years, both in a VM in UnRaid and now with a dedicated box. Looking forward to a video explaining how you do the auto switchover to physical box when your server goes down.
Hello Ed. I second the request for the switchover video. I need it as my family goes nuts when the network goes down. I have the hardware. Just need your guidance on how to set it all up. Please consider our request. It would be greatly appreciated if you could do something in this area.
Man! I love your videos and all the work you do it. Thank you for spending time working on these. I appreciate the attention to detail. Hope you are doing well!
Thanks Landon. Yeah i'm good thanks. Glad you like the videos and the channel. Thanks for watching :)
I'm confused not by the amazing video which must have taken you ages.. But the (1) thumbs 👇
Amazing Ed, this video not only helps Unraid users but branches out to many outside unraid. I hope this gets a to a wider audience for you.
Thanks David glad you liked it and thanks for watching :)
That was a half blind Mac user down-voting anything but Apple...
Good video, overall. I only have one discrepancy. I personally wouldn't have disabled HTTPS. A better way to go about this would be to leave HTTPS on and create some self signed certs and load the certificate authorities to whichever devices you would need to modify pfSense on. If you're assuming that your home network is safe and foregoing the concept of defense in depth, that's fine, just know that your traffic is being sent between your device and pfSense in clear text. Other than that, fantastic video as always, keep up the great work, can't wait for the rest of the series!
Awesome. I was looking at all the options and was getting overwhelmed. Thanks for this easy setup!
Awesome video! I have been using pfSense for a few years now and look forward to your next one. I've been thinking about putting it in a VM.
This video is 5 years old. so much has changed in unraid 6.11.5 that following your VM instructions have changed that it is difficult to follow any longer. You need to create an video update of what has changed in unraid 6.11.5 so your older video's are still relevant.
Amazing work yet again
You rock S.I.O.thanks for the great video. Last time i played with pFSense, it was a few years back.
Have been waiting all week for this!
ha yeah sorry this one took me longer than i thought. hope you like it ! thanks for watching :)
Spaceinvader One Fantastic work you do on your channel. You are the reason I went to Unraid and your videos helped me set everything up! You have a great and unique style of video which makes watching a great experience. Please do keep up the good work. Big thumbs up from me!!
Thanks for the video series. Not sure if you have a static ip or not, but your public ip address appears very really clearly in the transition at 16:40.
Hey Edward, can you do a video for the auto switchover to a hardware box? I have my primary running on unraid since it's on, but have Dell R210ii as a backup, when I need to do maintenance on the unraid server. It would be super helpful to not have to update it manually when I want to take down my server.
FYI, for the "Disable Hardware checksum offload" option.
If you're using the virtual adapter for your LAN then make sure it's checked.
Hi Annabella, yes that is important to do that. Thanks for mentioning that.
Going to be setting this up soon. Thank you!
Your welcome. Thanks for watching. :)
for the people trying to get this running but only one or none of the nic adapters show up, try Q35-2.11 as the machine type, it helped me in the end and most of the newer versions wont work, just as described in this tutorial
“Firewall Maximum Table Entries” should be 400000 (four hundred thousand, unlike forty thousand that was said in the video.) Latest 2.4.3 stable release of pfSense has this set to 400000 by default, so no longer necessary for that release or newer.
I'm running an Intel quad port NIC in a VM on an unRAID server and I'm a bit confused about the hardware checksum offload - in my setup do I check or uncheck the "disable hardware checksum offloading" box under System -> Advanced -> Networking? Everything else in the video was very clear and easy to follow, this was the only stumbling block and I'm not quite clear on what you were saying about this. Thanks for the video!
Thanks for your videos! They are fantastic and can't wait for more!
21:00 I did have to double check what I heard to what I saw here though, at changing Firewall Maximum Table Entries from twenty to forty-thousand lol ...I think it might be hundreds of thousands? :)
Yes you are right MeLtedLogiK, should have been hundreds of thousands. I need to wear my glasses I think lol :) thanks for watching.
Please keep this going thanks
nice video, thanks a lot. One question tho, why don't you want ipv6 and has this changed in the 4 yesrs since you made this video?
I only saw only one network interface appear during pfsense setup even though I had passed through both ports of my NIC. My problem was that I used machine type Q35-4.2. Don’t make the same mistake that I did and assume Q35-4.2 is just an evolution of Q35-2.11, there is a critical difference when it comes to having all interfaces from you nic appear in pfsense.
In the 2 part video you said that you would explain in an later video how to setup pfsense with 1 Port i skipped through this video (and the other videos for pfsense) but this important part (for me) was not there or did i missed it? If no, is there any other tutorial i can follow to set this up with one port (VLAN) pfsense VM? Thank you for your great work!! Without your help i could not make Unraid get going.
Your tutorials are brilliant! I love it! Just one question. Is there anyway that unraid can connect to the pfsense's lan port virtually?
Thank you once again for a fantastic video series; waiting anxiously for each one! I had a question though on appending pci devices in the syslinux config file. You've done this in a couple other videos and I used it to pass a USB card, but can you append multiple cards for use in multiple VMs? I tried it once with negative results -- just wondering if there is anything special that needs to be done.
Hi Ed, thank you for the video ad great work, would you know what might be the cause of no Internet? I was able to follow your video and got a WAN public IP but no internet. Thanks.
If some people can't find their NICs ports try machine q35-2.6 instead of the default
Maximilian Philipp I ripped out what little hair I had, until I finally ended up changing it to i440fx and then my quad port intel NIC was recognised - however I haven’t tried any other Q35 versions yet - not sure if the differences would be relevant for a pFsense install though?
How do unraid connect to the pfsense VM ? Is it a cable from the NIC lan port to the switch and then back to the motherboard lan port?
Awesome video as always!
I could not do PCI Passthrough with my quad NIC until I made the VM with i440fx rather than Q35. I'm not sure why Q35 doesn't work for me (2600X with Asus ROG Strix B-450F Gaming MB) but I hope this helps save somebody from a frustrating day!
bugsysiegals same here! I ripped out what little hair I had, until I finally ended up changing it to i440fx and then my quad port intel was recognised
When I start my pfSense VM, I get an Execution error like bellow. If I uncheck my pass trough NIC the vm is starting. However, I need the my passtrough NIC in order to use pfSense. Do you have any idea what good be wrong?
"internal error: qemu unexpectedly closed the monitor: 2020-11-22T19:47:16.786696Z qemu-system-x86_64: -device vfio-pci,host=0000:12:00.0,id=hostdev0,bus=pci.0,addr=0x5: vfio 0000:12:00.0: failed to setup container for group 14: Failed to set iommu for container: Operation not permitted
"
I've followed this guide and have everything working fine but this requires 3 Ethernet cables with the motherboard being the management and also tagged VLAN's for VM's, Dockers, etc. I'm wondering if I could eliminate this cable by allowing unRAID to see the quad port NIC and sharing it between pfSense and the Dockers, VM's, etc.? It wasn't clear why you don't want unRAID seeing it?
I forgot to account for my VoIP phones when I set this up. I followed all your guidance and router is working fine. Except I cannot figure out how to pass VoIP traffic. Port 5060. I would do a port forward but I have several Sip phones trying to reach out to my remote PBX.
Awesome, thanks!
Great videos . I've been searching for a way to install it as a vm for hours now thx (btw Ich komme auch aus Deutschland)
Question for you. Once you start configuring pfSense, you tell it to use PPOE from you WAN. Are you putting your modem in bridge mode then? Wouldn't you be causing a conflict if both pfSense and your modem are trying to provide credentials to your ISP?
Great as always... I'm only passing one nic to my pfsense vm and using the bridge as my internal network (using e1000 in the xml) but I'm getting errors on the interface. Any clue as to what might be the cause? I'm going to try to turn off hardware offload now but if you might have any insights I'd greatly appreciate it. I use esxi pfsense vms all the time at work and have never had the same problem.
Awesome stuff!!
Great video you explained everything very detailed great job bro 😍 i have a small doubt i have a adsl connection using rj 11 connection is it possible to make it rj45
can this be done through a remote computer, as I have not even worked out how to get unraid working from the actual box of tricks. I can connect via wifi and lan to unraid, but if i plug my HDMI cable straight from unraid box to monitor nothing. the problem I am having with this guide is that I can connect the WAN and it finds it, as soon as I take out the LAN from old router into the 4 NIC card and press a to autodetect the VNC says i am not connected...any help appreciated
Hello, why have you deleted the virtual network adapter? Will it cause a problem if it stays in the VM?
Where's the part where you changed the SATA to VirtIO? I'm getting booting errors if change it to Virtio.
Thank you for the very detailed tutorial. How do you passthrough the nic if there is only 2 nic on the board?
Rong Hsin Ang if you only have 2 onboard NICs, then obviously you need one for the UnRAID host ... and if the second NIC is not in its own IOMMU group, you will struggle to pass it through ... save yourself a LOT of hassle and just get a quad port Intel NIC and then pass it through
Having problems connecting Unraid to pfsense through the vm, how to regain internet access for the server, Unraid is not being assigned an ip through pfsense and I cannot access the webui. Any help would be appreciated thanks
Hey thanks for all your great videos. I need some help in cz i am not being able to access unraid even after dns resolver set as u showed in the video. I have attached 4port intel nic n a 10 gbe intel nic for pfsense. Pfsense should connect to unraid via virtual interface isnt it. Or do i need to physically connect it to pfsense. Hope you can resolve my queries.
I don't quite get what you put on the Redirect IP address when you're forcing your connections to have the DNS Server that's on your pfSense setup. When I use 127.0.0.1, it doesn't work. And I used LAN IP Address it doesn't work as well... Can I get some help please...?
I know this is a bit of an older post but I have a question. Is it possible to setup pfsense without connecting my modem to it directly until i am ready to switch to it? ie either no internet or maybe through current router till i am ready to switch old router out and if so how :) ? Thanks in advance Also great videos !!!
Anyone?
Hello again Spaceinvader! I am following your videos and have had nearly 100% success with everything! Motherboard not withstanding. But I have a quick relevant question. I am umrunning unraid, with a windows vm baremetal install, and want to also do pfsense, i have the nic on the motherboard and a dual port nic. Is this enough ports? Thanks SO SO much for your incredible videos!
Hi Medikherb. Yep that's fine. Use the onboard motherboard nic for unRAID. The windows vm will also use that. Then use the dual nic for pfsense. One port for wan and the other for lan. Glad the videos are helping you get your server set up. Thanks for watching :)
Awesome video! Loving this tutorial series. I am interested in changing my existing router to a pfSense. I have been using the Ubiquiti’s Edgerouter X series but its CPU is not powerful enough. I would have moved to pfSense already but in my setup I am load balancing 3 WAN adsl lines and have not found a solid tutorial on how to do it on pfSense. It would be awesome if you are planning a video tutorial on load balancing setups at some time!
Hi Emmanouil I would like to make that video, however, i only have one connection so couldn't really demonstrate how. i will have to think if there is any way i could make this video. Thanks for watching :)
Spaceinvader One wouldn't load balancing the WANs be the same as load balancing a LAN? You could show how to load balance a LAN even with one WAN connection
Well not sure why but I can't pass the Nic to the VM - not sure if is because is and AMD board. The NIC is an Intel added the exception for syslinux but when attempting to start pfsense it say that I have no nic's avail and is rebooting, any ideas, Thank you in advance.
Does the host machine have to have a physical ethernet interface to go from one of the pfsense LAN interfaces to it's uplink or is there another way to assign the host an IP from de pfsense VM ?
What video editing and/or screen capturing software did you use to create this video?
Hello Sir, if my motherboard has 2 ethernet ports, do I need a PCI network card? If I pass through both ethernet ports, will I able to access the array on my network?
great work! I plan on building a Ryzen unraid server very soon. What motherboard are you using?
Hi Jake. I am using a gigabyte aorus ax370 gaming k7 . Works well and iommu is fine. www.gigabyte.com/us/Motherboard/GA-AX370-Gaming-K7-rev-10#kf
Spaceinvader One Thanks! I am between that one and the AsRock Taichi. What about your host graphics card, is it just some old junky one?
Hi Jake. You dont actually need a separate gpu for the server (i am guessing you are talking about passing through a good gpu and using a lesser gpu for the host) You can just passthough the primary card if you want. I have done that with a gtx1080 on one of my servers. the other though i just use an amd radeon hd6450 1gb card which works great and only cost me $20
21:05 isn't it Two Hundred Thousand to Four Hundred Thousand? My default is 2000000 Two Million on pfsense 2.4.3
What to do if I installed two times the same NIC? If I look in my System devices IOMMU groups, the two NIC have their own group but the ID is for all of them the same. So How can I disable just one NIC when starting Unraid. So I can use One Nic for my VM and one for Unraid Dockers.
Hm. I got 4x gb ports on my supermicro board (my unraid server) but i guess i still need a dedicated pci card, right? I had a look in "System Devices "and all 4 Ethernet Controller have [8086:1533] also they are in two different IOMMU groups. But i cannot route only two of them to the VM. correct?
following your advice to go for an intel 4 port nic, I bought a "Intel Pro/1000 PT Quad Port Expansion Card; Model: EXPI9404PT" and unraid does not appear to recognise it. intel has linux drivers for it, how do I install those drivers on unraid?
Help
I don't have a network card. Still I tried the above procedure with internal LAN ports. Now, even after back tracking my steps I'm unable to get my ethernet port to work. What to do?
After 3 hours of frustration, I booted into the BIOS to discover VT-x is not supported ... perhaps you can edit this and make a note to save somebody a headache.
That said, are there other options? FWIW - I've pfSense on another machine, Proxmox, and needed to use PCI passthrough otherwise when rebooting Proxmox the modem would need rebooting also. I was considering moving it all to my unRAID PC but this CPU doesn't support VT-x ...
Well I abandoned this project on Unraid it was a pain, Plus what is a issue is getting the port open for my cctv cameras, that caused to break it and it locked up and the server so now I’m Frankensteining my asrock h110 with the dual nic I had, connected via the nvme port just waiting for parts so hope it works. Do you know how to open ports for cameras?
Thank you for all of your tutorials! Can you tell me more about append "vfio-pci.ids=" command? Can I disable unraid to use my main Nvidia GPU while boot up the same way? So maybe I will success with passing it through my Win10 VM.
ione dji yes you can use vfio to stub (disable from host) for your nvidia GPU, which you can then pssthrough to a VM - hundreds of tutorials about how to pass through GPUs on unraid already, so just follow one.
Sorry if I missed it but if I wanted to setup pfSense on Unraid in a VM and want to use the x2 Gigabit ethernet ports on my motherboard (x1 for WAN and x1 LAN) how do I configure that? If I missed it please comment time stamp. Thanks guys. Special thanks to "Spaceinvader One" I've learned so much from your videos!
Did you figure this out? That's what I plan to do, assuming you just treat the one NIC the same way you would a PCIe 4port switch and follow the same steps?
The problem with adding the ethernet controller to the syslinux config is that then it isn't accessible over the network, which kinda defeats the purpose.
I still am having a problem i cant seem to find a fix for: is there any other way to stub an pcie device? My network-card and onboard-lan have the same vendore id and product id. therefore i am only able to stub all my networking ports. that way, i cant connect to unraid anymore
Thank you.
I'm so going to try this, i have a physical pfsense box and an overpowered unraid server. Would be great to only have 1 box running all the time
Hey Ryan. Best of luck. Should be fine. Make sure to set a static ip on your unRAID server as the pfSense vm will be your dhcp server so you will need unRAID to have a static ip when it boots before the pfSense vm starts up.
I bought a cheap 4-port GbE Intel NIC (YT674) off eBay as recommended, installed and I see it in the my UnRAID 6.5.2 system devices list. IOMMU grouping looks very similar to yours (2 groups, each with a bridge and 2 ethernet controllers, device ids of 8086:10d6). However, when I edit the syslinux config on the flash boot drive, insert vfio-pci.ids=8086:10d6 into my append string, and reboot... the UnRAID system still shows the network interfaces. I cannot figure out how to get UnRAID to let go of these network ports. any ideas?
looks like instead of vfio-pci.ids you now need to use pci-stub.ids?
Did you get it working? Similar problem!
need to use pci-stub.ids as the syntax... e.g. for my card, append pci-stub.ids=8086:10d6
neither append vfio-pci.ids=8086.10d5 or pci-stub.ids=8086:10d5 worked for me, both with and without the ACS patch enabled. Further digging required!
Ieuan Ellis I had a similar problem so I reenabled my onboard Ethernet port and that did. Quad nic disappeared. Hope that helps.
Great series. One problem I am having is that I'm running my unraid server with a supermicro board with 2 onboard ethernet nics. When I go to edit the flash file with the "vfio" command and reboot I lose access to my server on the network when it comes back up. When I reboot again and remove that line all is well. Is there a work around for this?
Hi Aaron. No, if your nic is a dual nic and each nic shares the same id then when you stub it in the syslinux config file it will isolate the whole controller from the host so you will not have network on the server. You are best to get a PCIe quad nic off eBay for around $20 and use that then you will be fine. Glad you are enjoying the series and thanks for watching :)
what if I changed the ISP DNS, I use a smart dns service for streaming. Pfsense recognize that?
I have FTTN connection but its a phone cable that is connecting to the router/modem, would DHCP work for me?
why did you change modems from open reach ? and i have same set up as you except 2 bt lines i merge so thats a pain for 100mb
Okay so after lots and lots of reading and testing I have come up with several config paths that will at least allow you to get pfSense installed on unraid 6.9.0-beta35 (and I assume other recent versions of unraid).
i440fx-5.1,OVMF, qcow, sata
q35-2.11,OVMF,qcow,sata
q35-4.0,OVMF,qcow,sata
all three of the above will at least allow you to make it through the install process as of 11/28/2020 I have not tested any further than the install (only to the first questions of if I want to configure vlans). These three configs avoid the issue I posted about previously on this video and do not require any of the other xml changes mentioned in the following links
forums.unraid.net/topic/55478-pfsense-in-vm-with-pci-passthrough-issues/
forums.unraid.net/topic/71071-video-guide-a-comprehensive-guide-to-pfsense-both-unraid-vm-and-physical/page/4/?tab=comments#comment-822768
forums.unraid.net/topic/88748-682-please-help-pfsense-wont-install/
forums.unraid.net/topic/85848-pfsense-vm-fails-to-boot-after-upgrade-to-680-rc8/
forums.unraid.net/topic/89837-pfsense-setup-help/
forums.unraid.net/topic/90744-new-pfsense-kvm-boot-error-internal-error-qemu-unexpectedly-closed-the-monitor/ (this one is interesting as it is also very recent)
Do also note: With all versions between q35-4.0 to the latest q35-5.1 i continuously received IRQ storms that made the install unworkable. If anyone finds away around this please share.
Followed every step but now stuck on VNC Remote, Click it and I get this message: guest has not initialize the display (yet).. I know this video is 2 years old now but was hoping still relevant.. anyone got any ideas?
Are there any drawbacks to running pfSense in a VM? Going to be finally doing the install this coming weekend when I move and I ordered a Unifi AP-Pro for my wireless access.
The drawbacks of using it in a VM are if you shutdown/restart your server then you will lose internet access in your home whilst the server is down. If your server is on 24/7 doesnt make any difference.
Thank you for the fast reply. Yeah my unRAID is on 24/7. Offloading my media server from my main rig allows me to power that down when I am not using it anymore. Is there anything I need to know when moving from a dedicated Router to pfSense VM? I was thinking just letting it assign the WAN a IP from the Router currently and assigning a new LAN IP Range to the pfSense config so they don't interfere with each other.
ugp that will be double NAT if you do that, so you will need to make sure you allow private network addresses to pFsense otherwise it will block traffic from your existing router ... however it’s not a good way to have it set up anyway ... turn your existing router into and access point instead
Can you install pfsense in a docker, I’m thinking of setting it up on a pi board that’s always on. But I also would like the pi to control ubiquity. I have to do more research but wanted to know if anyone is doing similar stuff.
14:37 How come and the wan interface has been assigned with a public-like ip (etc...173.22.58.77) and got an ip address of a privatelike network?? Was the modem in 192.168.2.1 and assigned the pfsense the 2.11?? So its still an internal ip?
Does all configurations with pfsense need to have your modem setup as bridged to pass through the connection? (Edit: probably the answer to that is in 15:42 that you choose instead of DHCP the PPOE protocol? In that case why you need a modem at all? Because PFSense cant modulate-demodulate ISP signal??)
Thank you
Dimitris Tsoutsouras pFsense is a router, not a modem - you still need a device to take your WAN service from your ISP (eg a modem) whether it’s ADSL, VDSL, NBN, Fibre ... they all come into some sort of modem/device which then connects to the WAN interface of pFsense ... an alternative to this would be if you are doing something like connecting multiple pFsense firewalls together, you probably wouldn’t be using a WAN interface expect on the master pFsense unit
Anybody able to help me out? I have everything set up like this video but when I boot up pfSense it doesn't show my NIC. I don't know what I am doing wrong. Thanks!
Spaceinvader got my Dual nics card but for the life of me I can’t get this to log in via my DrayTek 2860 router, I’ve entered the user name and password for my iSP Zen Internet but can’t get the wan side to function at all to make the connection. The router is making the connection fine, my setup is one single Ethernet cable from the router to a 24port switch and they disburse from there. Is there away that I can leave the router doing the connection and just run the Ethernet cable into pfsense and the output of pfsense to the switch as I’m losing the will to live 🤯
Where did you get all the extra icons?
I NEED them...
Excellent video's btw!
Thanks Medik, glad you like the videos. To install the extra icons take a look at this old video I made showing how. ruclips.net/video/LkW3niAWAHs/видео.html
@@SpaceinvaderOne WOW.... I just watched the icons video... rewatched, rewound, rewatched.... it's kinda tricky to me. I had to pull out the usb and put it in my laptop because there weren't instructions on navigating to it.
Next, it wouldn't run the Icon script because it said that the directory didn't exist... but we weren't shown how to navigate to that one either... when I tried with krusader, ithe folder's not there.
Whew. You make awesome videos man, but this one left me a little jaded.
For a future video I would really like to see how to config pfSense DMZ. My kids play games like Minecraft and Terraria and keep begging me to setup a gaming server for themselves and their friends. I refuse to do this on my local LAN, but would do so if I could figure out how to host a server in a DMZ that the local LAN and people from the Internet can access without exposing my local LAN. I currently have a pfSense router in use.
I will see what i can do subagon. Thanks for watching :)
Your videos are awesome and I am looking at running PFsense on my Unraid Server. My server has 4 x 1GB Ethernet ports on the Motherboard and I am only using one at the moment. They are all on separate IOMMU groups, but the same address so I cant for instance tell Unraid to not use the 3 other ports by using your trick in the syslinux config. So would want to use 1 x port for Unraid native and the 3 other ports for PFsense. Is it possible?
Hi Ian. Yes its very annoying when you cant blacklist the nics as they share the same id. You will have to put a 1 port nic in your server for unRAID to use then stubb the 4 port card in the syslinux for use with pfsense.
Hey thanks for the reply. It did dawn on my that that was an issue I was not going to get round. Hence I followed your advise and bought a for port HP intel nic for £12 off ebay. Pfsense is up and running - all because of your videos. Your awesome mate. Keep up the good work.
I'm all ready running PfSense on a dell 990 separate machine from my unraid box can I use the backed up configs from that machine and use them in a VM? it looks like I should be able to
Hi Dale. yes you can use the backed up config. You may just have to change the interfaces after thats all. thanks for watching:)
i second getting an update to this video - on unraid 6.9.0-beta35 and have tried using pfsense 2.4.3, 2.4.4, and 2.4.5 and no dice on any of them. I believe I have the nics in the proper state the issue seems to be the install location settings. When using your suggested settings of sata instead of VirtIO with qcow the install fails to even reach the first accept screen. I can change this to be VirtIO and it will then get the next screen but will fail to partition making the claim "No Disk Found. If you need to install a kernel driver, choose shell at the install menu". The above scenario has been repeatable for all 3 versions mentioned of pfsense. I have tried a fair number of the variations of Ovmf vs seabios as well as the suggestions here forums.unraid.net/topic/90744-new-pfsense-kvm-boot-error-internal-error-qemu-unexpectedly-closed-the-monitor/ , here forums.unraid.net/topic/85848-pfsense-vm-fails-to-boot-after-upgrade-to-680-rc8/ , and forums.unraid.net/topic/89837-pfsense-setup-help/ but have continued to come up empty
Hi mate can you do a video how you config a 2 nic one for the lan and the other to a pc I trie to do and I fail to connect to unraid PS love your videos
what is the format to have several entries? Is this correct
server:
private-domain: "example.com"
private-domain: "example2.com"
Spaveinvader great video i've finally got my thread ripper build complete, But I'm having issues installing this. Ok got everything done but its saying something about the iommu grouping. First I'm using the nic's on the board. i have a 10gb nic and two 1GB nic's. The 10Gb is used by unraid i have separated the 1GB nic's so unraid doesn't use it but it just won't install PfSense do i need a nic's card to get a separate iommu group. if its easier with a add in nic's i'll get that. Once again great vid
Update i've got a dual intel nic's on the way hopefully i can then separate that from the other iommu groupings and actually install the VM, But i don't want to by a modem will i be able to use my draytek 2860 router to make the connection i have access points setup already so I'm not reliant on router wifi
Hi Darren.Yes, I believe that you can put the 2860 into bridge mode to use it as a modem. However, I don't have a 2860 to check and see how to do this. Regarding the iommu yes the nics need to bein their own group without other hardware. Check my video (which should be up later today) about iommu. Thanks for watching :)
Spaceinvader One
Thanks, No worries think I’ll reach out to DrayTek and find out how to do it, yeah I bought a dual nics which I’ve installed just need to find out how to make it a modem and finish the install and enjoy. The video’s are great you are the only reason why I’m using unraid and doing all this crazy stuff lol keep up the exceptional video’s
Spaceinvader, I am following your video to set up a stand alone PFSense. However my Intel i219-V is not being detected by PFSense. Any help would be greatly appreciated. I'm at a loss and cant find any info on it.
Hi sbrock99. It should work as it does in freebsd of which pfSense is based on. Try updating the bios in the motherboard and see if that makes a difference. You could also try adding the driver. Some one on this thread a few years ago compiled a driver you could try adding it. Check the post by shoggot here forum.netgate.com/topic/91062/gigabyte-h170n-wifi-lga1151-ddr4-mitx-dual-intel-gbe-lan/16
Spaceinvader One thanks. I found that just downloading the latest RC worked. The stable release does not seem to support intel i219-v so hopefully they support it fully in the next stable release, until then I’ll live with the RC
I cant get this to work with the Intel 82576 Quad port gigabit adapter. I tinkered with this tutorial last week and was able to eventually get the LAN port working but decided to start over today. Now, I can only get the WAN port working. During boot it comes up with the error "failed to allocate interrupt" for the NIC. I've tried to search the pfSense and FreeBSD forums for a solution but so far nothing I have found works. Any ideas? I checked the NIC in Ubuntu and Unraid and it works fine on all ports.
Think I just fixed it.. Changed the bios from Q35-4 to Q35-2.11 and it sees my NIC.
Mobi you can also use i440fx too which should work
Hi Space
I have a HP DL380 server with 4 ethernet ports onboard + ILO port.
tryed to split the 4 nic's with the vfio-pci.ids=14e4:1639 option but didnt do anything and pfsense after deleting the virtual adapter says it cannot start up without a NIC.
Can you offer any advice?
Best regards from Portugal
Hi Nuno. So you stubbed the 4 ethernet ports with vfio-pci.ids=14e4:1639 . Did the 4 ports show up for passthrough in the vm manager under other pci devices, after rebooting the server? Also you do still have a nic for unRAID to use?
No, these 4 NICS are the server onboard NICS.
On the sys devices, the 4 NICS show the same value inside the [xx] like in the video, the ID i used to add to vfio.
After doing this, unraid kept the 4 NIC to itself, and nothing was available in the VM to use.
I wanted one for unraid, and to be able to pass at least 2 to a pfsense machine to replace ISP router.
Did not used the ACS overide yet.
Hi again
This is from spec for the server from HP
Two HP NC382i Dual Port Multifunction Gigabit Server Adapters (four ports total) with TCP/IP Offload Engine, including support for Accelerated iSCSI
This is the print from sysdevices
prntscr.com/kbso8w
Normal or some servers came out with that setup?
Either way, any advice is welcomed :P
Was trying to prevent buying a new gig board or anoter dual or quad nic card. :\ to add to the server
Best regards
to get through the install part i had to use i440fx-4.2
Anyway to passthrough mother board health in unraid to pfsense hardware monitor ? Thanks
Unfortunately not Tim. Thanks for watching.
How would i be able to do this with 4 on board intel NIC's ? is this possible
I am unable to get pFsense to install. Everytime I start the VM after following your instructions it hangs after the 5 second countdown. Then the shell comes up and I do not know what to do. Please advise.
I changed OVFM to SeaBIOS and I was successful
I could only get it to working in seabios as well
I've been using a physical pfSense box for over a year now. Decided to change from https to http after watching this video, but now I cannot login to pfsense gui. I had default login username and password but are no longer working. Not sure what to do now, please help.
Sorry for the late reply. Please try clearing your browser cache then you should be able to login as normal. Or try using another browser. Again sorry for the late reply. Thanks for watching :)
11:51 - Is anyone else getting stuck on "achich timeout... READ_FPDMA_QUEUED.... CAM status command timeout" ? I have set the vDisk Bus mode to SATA as instructed but I believe that's actually causing the issue. Something about the ACHI driver not working. Installing version 2.4.3
did you manage to fix it? I get the same error
Hopping for a little help I have a HP 435506-003 NC364T Gigabit Quad Port card and installed it in to my Unraid box followed your video checked it like 3 times and still can not get this card to work properly. It starts to work on boot up the cable modem has a blinking light to tell me if I have connection or not on the line. So what is going on is this I have the line in going to the first port on the HP card and when I boot the machine it starts flashing on the modem that it sees the LAN connection the just before unraid gets to the part of booting the HDD's the flashing stops the computer keeps booting but when it gets to where it should pull the passphrase down from the internet it pauses a minute and then boots to the dashboard and wants the pass code to unlock the drives. I give that code and all the drives unlock. funny thing is if I boot the machine with no cable in it and wait for the computer to boot and start the PfSense VM then plug in the cable from the modem then I get internet any help would be appreciated. and the logs do not really show any thing I think would be a error
So you are pulling the unlock key for the array from the internet to unlock your encrypted array. The problem here is the array must be started before the VMs start. So as the VMs havent started and the pfSense VM is giving you internet, it isnt running to download the key to unlock the drives. Really there is only 2 choices. You will have to manually put the key in each time the unRAID server reboots. Or you could pull the key locally from either your flash drive or something else on your network (maybe a raspberry PI?)
Have I answered your question or have I mis understood the problem?
is there a simple way to pull from the flash drive? I am thinking of ordering a pi zero just to hold the key file it runs off hardly any power but seems a little over kill. Or could I use my dd-wrt router to hold the key and then the unraid box could pull from there. could the same line in the go file be used to move the file I know it would have to be modded
Hi Dale have a look at bonienl's post on the unRAID forums here lime-technology.com/forums/topic/61973-encryption-and-auto-start/?tab=comments#comment-648148
I looked at that same page from one of your videos I got it from a still shot. I could use a little more help I have the keyfile on my router and it is accessible from the lan side only. I can ftp or smb to it but just can not get it to copy to my root directory could you post it so I can see or email to rott at bex .net I really want to get this working
Can I run pfsense with encrypted drives and some how use the remote key or is it run pfsense or remote key if you can do both maybe you could make a short video showing how
Thanks looking forward to your next video
If I want to passthrough two seperate network cards how do I do that? Do I just hit space and add the other id?
Pontus Thomsson separate by comma not space
A VM router for your home where the main media/file server/vpn server is reliant on the VM booting up and serving DHCP and internet is SO STUPID, but because it saves money, I have had it implemented this way for 8 years and it only failed me once when plex cache overflowed the cache drive that pfsense runs on. Every time I am asked how its set up they laugh, scoff, or their brain starts smoking. It's routing inception