pfSense is a widely used open-source Firewall product. Azure provides the commercial version of pfSense, but for some open-source fans, they’d like to create their own pfSense on cloud. Here is an example of how to create your own pfSense on Azure. This example requires you have a Windows 10, Windows 2016 Server, or Windows 2012R2 server, and that Hyper-V is enabled.
Install pfSense 2.3.4 on a VHD
- Download pfSense CE 2.3.4
- Create a VM with generation 1 and a 20G vhd from HyperV Manager, and install pfSense. Accept all default settings and select quick installation. Please note, using a vhd less than 20G is also okay.
- After installation, log in and choose:
- 14) to enable sshd
- 8) to login shell
- Update pkg (‘su’ to become root)
# pkg upgrade
- Install python, setuptools, and bash:
# pkg install -y python27-2.7.13_3 # pkg install -y py27-setuptools-32.1.0_1 # ln -s /usr/local/bin/python /usr/local/bin/python2.7 # pkg install -y bash
- Download waagent (v2.2.14):
# fetch https://github.com/Azure/WALinuxAgent/archive/v2.2.14.tar.gz
- untar the package, and install it:
# python setup.py install
- Download udf.ko here or from another shared link. Please see the links at the end of this blog post for additional information.
- Copy udf.ko to /boot/kernel
- Add the following lines into /boot/loader.conf:
kldload udf console="comconsole" vfs.mountroot.timeout=300
Add autostart script for waagent
Don’t forget to make it executable by “chmod +x waagent.sh”
[2.3.4-RELEASE][root@pfSense.localdomain]/usr/local/etc/rc.d: cat waagent.sh #! /bin/sh /usr/local/sbin/waagent --daemon [2.3.4-RELEASE][root@pfSense.localdomain]/usr/local/etc/rc.d: chmod +x waagent.sh
Upload the VHD to Azure
Learn more about how to upload the VHD to Azure.
Links and reference
The following are udf.ko and pfsense2.3.4.vhd for your reference. The SSL certificate is self-signed, please ignore the error.