Create PfSense.md #13
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,40 @@ | ||
| In order to boot PfSense via iPXE, | ||
| you need to do the following: | ||
|
|
||
| 1. Download ISO from https://nyifiles.pfsense.org/mirror/downloads/pfSense-CE-2.3.4-RELEASE-amd64.iso.gz | ||
|
|
||
| You should also check the SHA256 hash: | ||
| `sha256 -c 610b2a8c696e1d1854845d553ce8540debaab9d78ed6c15ce83872eaeac9d05f pfSense-CE-2.3.4-RELEASE-amd64.iso.gz` | ||
|
|
||
| 2. Extract the ISO contents to a directory called | ||
| `images/pfsense` in TFTP root: | ||
| `gzip -d pfSense-CE-2.3.4-RELEASE-amd64.iso.gz` | ||
|
|
||
| In order to extract the contents, you need to mount | ||
| the ISO with following commands (example from FreeBSD): | ||
| `mount_cd9660 /dev/$(mdconfig -a -t vnode -f pfSense-CE-2.3.4-RELEASE-amd64.iso) /mnt` | ||
|
Member
There was a problem hiding this comment. @pkubaj on Debian like systems it would be easier to use this: There was a problem hiding this comment. Considering that most of our target audience (and our validation team) use Linux, please provide examples using some modern, popular distro (e.g. Debian). FreeBSD examples are also welcome, but shouldn't be the only one - sorry :) There was a problem hiding this comment. @miczyg1 it looks that rsync couldn't transfer some files attributes exactly (like read/write/execute permissions). |
||
|
|
||
| To mount the ISO from GNU / Linux use: | ||
| `mount -o loop pfSense-CE-2.3.4-RELEASE-amd64.iso /mnt` | ||
|
|
||
| Then: | ||
| `rsync -avvP /mnt/ /srv/tftp/images/pfsense/` | ||
| You need to have `rsync` installed. | ||
|
|
||
| 2. Relevant entry in DHCP server config: | ||
| `option root-path /srv/tftp/images/pfsense;` | ||
|
Member
There was a problem hiding this comment. @pkubaj I would appreciate to prepare a solution for a network without running DHCP server on linux machine. Please provide necessary kernel command line with nfs options if possible. I will be able then to reproduce it
Author
There was a problem hiding this comment. Sorry, this time you must adjust to the standard :) |
||
| `/srv/tftp/images/pfsense` is the path to the extracted ISO. | ||
|
|
||
| 3. Relevant entries in PXELINUX config: | ||
| ``` | ||
| label PfSense | ||
| menu label PfSense | ||
| pxe images/pfsense/boot/pxeboot | ||
| ``` | ||
|
Member
There was a problem hiding this comment. @pkubaj why don't you add this entry to our configuation of PXE server ? |
||
|
|
||
| The path `images/pfsense/boot/pxeboot` is relative to TFTP root directory. | ||
| It's a path to the PXE loader in the extracted PfSense installation image. | ||
|
|
||
| Unfortunately, there's no mechanism for unattended installation of PfSense. | ||
|
Author
There was a problem hiding this comment. There's just no reference to unattended installation in the docs or in the official forum. It's possible though too install with Foreman. Also, OPNSense, which forked from PfSense, also doesn't support it.
Member
There was a problem hiding this comment. @pkubaj please add this information as note to documentation. It would be very helpful for future developers. |
||
| PfSense documentation doesn't mention this: | ||
| https://doc.pfsense.org/index.php/Installing_pfSense | ||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I believe this is redundant. Please choose between providing the hash in command to execute or asking people to check it using the site. IMHO, I'm not a huge fan of putting such "harcoded" values in documentation (it's doing redundancy with the image owner's site).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have removed the info about website. SHA256 is hardcoded, because the command uses it.