How to install pfSense 2.5 & Feature Overview

The pfSense 2.5.0 Snapshot was just released a few hours, the perfect time to create a tutorial! In this guide, we will learn how to install pfSense 2.5 and we will go through the new features that are introduced with pfSense 2.5. I think the biggest news is that pfSense 2.5.0 will NOT require AES-NI! This is huge because it was the biggest fear of everyone running older hardware. AES-NI requires relatively up to date hardware, so this would have made a lot of pfSense appliances obsolete. I am glad to hear this myself.

But let’s dive right in! Let’s have a look at the new features before we install pfSense 2.5 on VirtualBox.

This tutorial covers the Development Version of pSense 2.5. You should only install or upgrade to a development version if you know what you are doing.

Although this is the Development Version of pfSense 2.5, this tutorial can be used to install pfSense 2.5 as soon as the live version is released. The steps are the same.

pfSense 2.5 Changes

pfSense version 2.5 is based on FreeBSD 12.0. This brings a couple of updates with it by itself.

  • OpenSSL 1.1.1a
  • Newer drivers
  • Improvements to ARM support
  • pf, carp, UFS, ZFS, Amazon EC2, NTP, and many other bug fixes
  • Upgrade to PHP 7.3 and Python3 .6 (PHP 7.2 will reach EOL in November 2019 and Python 2.7 goes EOL in January 2020)
  • Deprecation of relayd Server Load Balancer
  • AES-NI not required

 

pfSense 2.5 New Features

Let’s go over the most important features. For the full and detailed list, see the official release notes.

  • sshguard now blocks both, ssh and the GUI, using a single table.
  • Added DNS over TLS host verification
  • Numerous bug fixes

As you can see, it’s not too much, the biggest update is probably the upgrade to FreeBSD 12.0 along with all the changes this brings with itself.

 

 

Step 1 – Downloading pfSense 2.50

Now we get to the exciting part! Checking out the latest installer and see what has changed with the installation routine!

To install pfSense 2.5 on Virtualbox, we first need to download the latest snapshot. If you also install pfSense 2.5 on VirtualBox, choose the

pfSense-CE-2.5.0-DEVELOPMENT-amd64-latest.iso.gz file and download it. Once downloaded, right-click the iso.gz file and extract it using 7zip.

You should end up with a pfSense-CE-2.5.0-DEVELOPMENT-amd64.iso file.

 

Step 2 – Creating a new VirtualBox VM

Time to create a VirtualBox Virtual Machine. Open VirtualBox and select New.

Enter a Name, as Type select BSD and as for Version select FreeBSD (64-bit). Click Next.

Install pfSense 2.5 on VirtualBox

 

 

 

 

 

Allocate at least 512MB of RAM. Click Next.

Choose to Create a virtual hard disk now. Click Create.

Select VDI and click Next.

Select Dynamically allocated and click Next.

Choose a location where you want to save your Virtual Machine, assign enough Hard Disk Space (8GB or more) and click on Create.

Install pfSense 2.5 on VirtualBox

 

 

 

 

 

 

 

Configuring the Virtual Machine

Right-click the newly created Virtual Machine and click Settings.

Optionally, go to System -> Processor and assign 2 CPU cores if your hardware allows it.

Install pfSense 2.5 on VirtualBox

 

 

 

 

 

 

Go to the Network tab next.

Now, if you want your pfSense 2.5 in VirtualBox has access to your existing Internet connection, select the following:

  • Adapter 1
    • Enable Network Adapter
    • Attached to: Bridged Adapter (This will use your existing internet connection on the pfSense WAN interface via your own routers DHCP server)
  • Adapter 2
    • Enable Network Adapter
    • Internal Adapter (This depends on how you want to use your pfSense in VirtualBox, you could also choose Bridged here if you want pfSense to be connected to your physical network. Just be aware to not run two DHCP servers on the same network!)

If you don’t want that your pfSense 2.5 has Internet available and just want to use pfSense in a laboratory environment, also choose Internal Adapter for Adapter 1!

Click on OK once you are done with this.

 

 

Step 3 – Install pfSense 2.5 on VirtualBox

Now on to the installation routine. Right-click your Virtual Machine, select Start -> Normal Start.

Select the pfSense 2.5 ISO file that you have downloaded and extracted earlier.

Install pfSense 2.5 on VirtualBox

 

 

 

 

 

 

Click on Start.

Now we go through the pfSense 2.5 installation routine. Let’s see what’s new here!

Install pfSense 2.5

Accept the Copyright and distribution notice.

Select Install from the Welcome screen.

Choose a Keymap of your choice by selecting it and pressing Enter. Select continue with …. keymap and press Enter.

Install pfSense 2.5 on VirtualBox

 

 

 

 

 

 

For Partitioning, the choice is yours. Choose either Auto (UFS) or the newer Auto (ZFS) filesystem. I recommend Auto (ZFS).

Install pfSense 2.5 on VirtualBox

 

 

 

 

 

For the ZFS Configuration go with the following:

  • Pool Type / Disks:
    • Stripe
    • Select ada0 VBOX HARDDISK by pressing Space

Leave everything else on default. When you are done it should look something like this. Make sure the Partition Scheme is on GPT (BIOS).

Install pfSense 2.5 on VirtualBox

 

 

 

 

 

 

Finally, select Install and hit Enter. Agree with YES in the following warning. Select No for the Manual Configuration question. Select Reboot.

You have to choose Devices -> Optical Drives -> Remove Disk from virtual drive -> Force Unmount in VirtualBox, otherwise pfsense will boot in the installation routine again. Once removed, select Machine -> Reset.

Now, pfSense is booting up your freshly installed system. So far, the installer is exactly the same as in pfSense 2.4. Nothing new here.

If you did everything correctly, pfSense should assign the interfaces automatically.

Once this is done, you end up in the Welcome Screen.

Install pfSense 2.5 on VirtualBox

 

 

 

 

 

 

Here we can see that our LAN interface has the IP of 192.168.1.1/24. pfSense automatically has a DHCP server configured. We can also see that WAN has got an IP Address from my existing Router / DHCP Server on my local network.

Now connect a client computer to the same network as your pfSense’s LAN interface is connected to and open a Web Browser.

 

Step 4 – pfSense 2.5 Configuration Wizard

Enter 192.168.1.1 in your Web Browser. If you use Firefox, click on Advanced -> Add Exception to add a security exception. Don’t worry about it. If you want to fix this, I got you covered.

Log in with the default credentials:

  • Username: admin
  • Password: pfsense

On the first dialogue click Next.

On Step 1 of 9 click Next.

On Step 2 of 9 click Next or change the Hostname and Domain of your pfSense.

On Step 3 of 9 select your Timezone and click Next.

On Step 4 of 9 if you choose Bridged Network for your Adapter 1 settings above, leave it on DHCP. If you need to enter credentials provided by your ISP, choose PPPoE for SelectedType. This highly depends on your setup. If you have a modem connected to the WAN interface if your pfSense firewall, you most likely need to select PPPoE.

Scroll to the bottom and click on Next.

On Step 5 of 9 either change the default LAN IP Address and Subnet Mask or leave it as default and click Next.

On Step 6 of 9 change the default Admin Password. Click Next.

On Step 7 of 9 click Reload.

On Step 9 of 9 click Finish.

Install pfSense 2.5 on VirtualBox

 

 

 

 

 

 

And there we go. pfSense is completely installed and ready to use.

Conclusion

I didn’t see any difference in the installer or configuration wizard when I compare pfSense 2.4 with pfSense 2.5. The major changes that come with FreeBSD 12.0 and pfSense 2.5 are more on the backend. Better driver support, bugfixes, and updated software versions. That’s a good thing tho. There doesn’t need to be a ton of new features every release if you have lots of stuff to fix on the backend.

Make sure to check out my YouTube Channel and the pfSense Category for more pfSense Tutorials!

 

 

 

Tell us what you think!

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: