pfSense is a widely used open-source Firewall product. Azure provides the commercial version of pfSense, but for some open-source fans, they'd like to create their own pfSense on cloud. Here is an example of how to create your own pfSense on Azure. This example requires you have a Windows 10, Windows 2016 Server, or Windows 2012R2 server, and that Hyper-V is enabled.
Install pfSense 2.3.4 on a VHD
Download pfSense CE 2.3.4
Create a VM with generation 1 and a 20G vhd from HyperV Manager, and install pfSense. Accept all default settings and select quick installation. Please note, using a vhd less than 20G is also okay.
After installation, log in and choose:
14) to enable sshd
8) to login shell
Install waagent
Update pkg ('su' to become root)
# pkg upgrade
Install python, setuptools, and bash:
# pkg install -y python27-2.7.13_3
# pkg install -y py27-setuptools-32.1.0_1
# ln -s /usr/local/bin/python /usr/local/bin/python2.7
# pkg install -y bash
Download waagent (v2.2.14):
# fetch https://github.com/Azure/WALinuxAgent/archive/v2.2.14.tar.gz
untar the package, and install it:
# python setup.py install
Enable udf
Download udf.ko here or from another shared link. Please see the links at the end of this blog post for additional information.
Copy udf.ko to /boot/kernel
Add the following lines into /boot/loader.conf:
kldload udf
console="comconsole"
vfs.mountroot.timeout=300
Add autostart script for waagent
Don't forget to make it executable by "chmod +x waagent.sh"
[2.3.4-RELEASE][root@pfSense.localdomain]/usr/local/etc/rc.d: cat waagent.sh
#! /bin/sh
/usr/local/sbin/waagent –daemon
[2.3.4-RELEASE][root@pfSense.localdomain]/usr/local/etc/rc.d: chmod +x waagent.sh
Upload the VHD to Azure
Learn more about how to upload the VHD to Azure.
Links and reference
The following are udf.ko and pfsense2.3.4.vhd for your reference. The SSL certificate is self-signed, please ignore the error.
udf.ko
pfsense2.3.4
Quelle: Azure
Published by