• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 878
  • Last Modified:

Windows 2008 Hyper-v and pfsense / ddwrt

Hi,

I have a question for the crowd.

We have a DL360 G5 laying around with an intel 1000 PT quad port network interface card, Windows 2008 standard and a requirement for 2 OpenVPN clients.
 
I have been looking into using pfsense for this task, but having some issues with the implementation, I have experience with both pfsense and untangle on dedicated machines, but the virtualization aspect has me a little stumped.

Does anyone have experience with this setup, or a suggestion for something better?

Cheers

Leon
0
Leon Kammer
Asked:
Leon Kammer
  • 6
  • 3
1 Solution
 
Cliff GaliherCommented:
You can start by describing the problem. "I'm having some issues with the implementation" isn't exactly descriptive.
0
 
Leon KammerAuthor Commented:
Hi.

Sorry for the lack of description.

I have created the virtual machines, setup the NICs as external legacy adapters.
We can connect to the devices connected to the LAN interface, but cannot get out of the internal network.

The WAN and LAN interfaces both have valid IPs.
The WAN has been assigned 192.168.1.44/16 and can ping the address from the internal network.
The LAN has an IP of 192.168.10.1/16 and we cannot ping this, but can connect to the configurator.
I can see all the devices connected to the LAN connection on the network, and can connect to LAN side of the router. but there is nothing getting past the main gateway.

Leon
0
 
InfamusCommented:
First of all 192.168.1.0/16 overlaps with 192.168.10.1/16

192.168.1.0/16 covers from 192.168.1.0 to 192.168.255.255
0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
Leon KammerAuthor Commented:
Hi infamus,

Sorry for the misleading information, I just checked, and the IPs are 192.168.1.44/24 and 192.168.10.1/24
It's getting late here, the IPs are on 255.255.255.0, not 255.255.0.0

Cheers

Leon
0
 
Cliff GaliherCommented:
Did you also create two virtual networks? Connecting both VM NICs to the same virtual switch will not accomplish what you want.
0
 
Leon KammerAuthor Commented:
Hi Cliff, thanks for the response.

Yes, I have created 2 External virtual networks for the 2 NIC ports used by pfsense.
These have been assigned to the VM as "WAN" (00:15:5D:01:28:07) and "LAN" (00:15:5D:01:28:06)

From what I am understanding now, (in the physical world), what I have essentially done is take the WAN and LAN sides of a router and plugged them directly into a layer 2 device?

So, what should the setup be?
Do I need to separate the connections into VLANs?

Cheers

Leon
0
 
Cliff GaliherCommented:
Nope, shouldn't be necessary. Based on how you described network flow, the issue is not the virtualization setup, but is a configuration of traffic routing within the VM OS itself.
0
 
Leon KammerAuthor Commented:
Hi Cliff,

Thank you very much, I am quite new at this virtualisation concept.
I understand what you are getting at, and will make the adjustments within PFSense.

Thanks again.

Cheers

Leon
0
 
Leon KammerAuthor Commented:
Many thanks, easy to understand.
0
 
Leon KammerAuthor Commented:
For sake of clarity.

When attempting to setup the network adapters within Hyper-V, it creates a local area connection within the parent OS.
Removing all protocols from the created connections forces the VM to use the physical adapter, and therefore creates what is called a dedicated connection within 2008R2 Hyper-V and later.

This is what was causing the issue, PFSense was seeing the network interface created by the network manager, not the physical NIC.

Cheers

Leon
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

  • 6
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now