Suggestions about a cheap pfsense box?

Hello everyone,

I have been messing around with VMware for a while now, and I have decided to get a pfsense router with Wifi support. I am specifically looking for this Wifi feature in the wifi adapter ( Multiple User-Multiple Input Multiple Output ), so that the wifi adapter can talk to the access point integrated into the modem we have at home, since my dad won’t let me even go near the modem at all. My plan is to have a pfsense box that is connected to my laptop through an Ethernet cable to route all my external requests to the modem through wifi, and have a private NAT subnet for my VMs to talk. The reason I want to do this is that my laptop now has 32 GB of RAM and a 1 TB NVMe hard drive and it is literally being wasted just sitting there with nothing on it. Also, it would be nice to experiment with real routers like pfsense instead of doing internal NAT in VMware!

At least thank you for reading if you can’t help :slight_smile: !

@miguel I am sure you can help me with this!

I installed pfsense inside my VMware ESXi box. Works great. But unless you can do VLANs, it’s better with two physical ethernet interfaces.

If your laptop has wifi and ethernet, then you can use one interface to connect to your father’s network, and the other interface to create your own network. You can do all this inside VMware as well.

Otherwise, if you have an old PC, even an old junky one, you can use that for pfsense.

I will keep my eyes open for an old computer for you too…

1 Like

Oh, finally I did it with Ubuntu 20.04!
Thank you!

Ubuntu router VM:

  • external IP: 10.8.1.3 [ obtained through DHCP, which is translated from the host machine address ]
  • internal IP: 10.8.3.1/24 [ used as the gateway for a LAN segment called Ubuntu router ]

The [ C1 ] VM and the [ Ubuntu router ] VM are both connected to the [ Ubuntu router ] LAN segment. The [ Ubuntu router ] is connected to the host through NAT.

If I add another VM, like [ C2 ], it will get 10.8.3.3 to access the internet.

Now I can use iptables on [ Ubuntu router ] to restrict access, allow specific IPs, limit network speed for a specific client on the subnet, allow or disable access from one VM to another through the Ubuntu router, and, most importantly, drop all traffic from the VMs to my home LAN so that I can go learn more about Kali Linux without giving anyone access to my home network through the VM that I am using to learn. All that up there was just to block the VM from accessing my home LAN, since I am not really that smart about running specific commands and I always want to experiment and see how things work even if they get the VM hacked or controlled by some malicious code!

I mainly followed the Ubuntu forum [ this is the link ] instructions on this site, but I had to tweak lots of things since they don’t do it in the way I want it.

@miguel I am planning on messing around with pfsense, but it will take me some time to adapt to FreeBSD since the Linux distros I am most comfortable with are Debian-based distros.


Edit:
@miguel take a look at the bandwidth on LAN from one client to the other using iperf3.

FreeBSD isn’t Linux :slight_smile:

Here’s my iperf3:

So for pfsense, I just put it inside an ESXi VM, and it’s the only VM that has access to the outside NIC, which is connected to my modem. The internal VM network is the same network as my switch.

Wow, is it just that pfsense is faster?

I don’t know how your network is set up, but on a LAN, if your packets have to be processed at any time, it’s going to slow things down. Which is why we tend to segment the LAN right at the router, either using a physical or virtual switch, and maybe even a VLAN.

Like if your packets are being “routed” on a LAN, then every single one needs to be looked at before being forwarded.

Whereas if you’re just on the same network segment (layer 2 segment), then great, all your packets just go direct, with the frames being processed by the switch.

I actually have the same setup, where I am taking one IP that is NATed from my host DHCP IP.

  1. Host connected to wifi.
  2. Host address [ 10.0.0.153 ]
  3. Ubuntu-Router [ 10.8.1.2 ] gateway [ 10.0.0.153 ]
  4. Ubuntu-Router LAN segment [ 10.8.3.1/24 ], which is routed by the Ubuntu router through iptables to [ 10.0.0.153 ].
  5. Client virtual machine #1 [ 10.8.3.2 ]
  6. Client virtual machine #2 [ 10.8.3.3 ]

The way I did this test is that on [ Client virtual machine #1 ] I have iperf3 running as a server (iperf3 -s), and on [ Client virtual machine #2 ] I have iperf3 running as the client (iperf3 -c 10.8.3.2). The speed I get on that LAN segment is about 3.67 Gbps.

I think the reason you got that speed of 23.0 Gbps on the LAN segment might be because you are running a type 1 hypervisor like VMware ESXi, but the reason I got this speed of 3.67 Gbps might be because I am running a type 2 hypervisor like VMware Workstation Pro!


Update:
Even the ping from 1 host to another on the LAN segment is really good!
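
The isolation described in this thread (lab VMs on 10.8.3.0/24 NATed out through the Ubuntu router, with everything destined for the home LAN dropped), as an added example that is not code from any poster. The interface names `ens33`/`ens34`, the /24 mask on the home LAN, and the log prefix are assumptions.

```shell
#!/bin/sh
# Added example: isolate the lab segment behind the Ubuntu router VM.
# Assumed (not in the thread): NIC names and the /24 mask on the home LAN.
WAN_IF="${WAN_IF:-ens33}"            # router NIC facing the VMware NAT network
LAB_IF="${LAB_IF:-ens34}"            # router NIC on the lab LAN segment
LAB_NET="${LAB_NET:-10.8.3.0/24}"    # lab segment from the thread
HOME_NET="${HOME_NET:-10.0.0.0/24}"  # home LAN; host is 10.0.0.153, mask assumed

# Print an iptables-restore ruleset. FORWARD is first-match: the home-LAN
# DROP has to sit above the rule that lets the lab out to the Internet.
lab_ruleset() {
cat <<EOF
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $LAB_IF -d $HOME_NET -m limit --limit 6/minute -j LOG --log-prefix "lab2home-drop "
-A FORWARD -i $LAB_IF -d $HOME_NET -j DROP
-A FORWARD -i $LAB_IF -o $WAN_IF -s $LAB_NET -j ACCEPT
COMMIT
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s $LAB_NET -o $WAN_IF -j MASQUERADE
COMMIT
EOF
}

# Return 0 only if the home-LAN DROP precedes the Internet ACCEPT.
drop_precedes_accept() {
    rules=$(lab_ruleset | grep -n -- '-A FORWARD')
    drop=$(printf '%s\n' "$rules" | grep -- "-d $HOME_NET -j DROP" | cut -d: -f1)
    accept=$(printf '%s\n' "$rules" | grep -- "-o $WAN_IF .*-j ACCEPT" | cut -d: -f1)
    [ -n "$drop" ] && [ -n "$accept" ] && [ "$drop" -lt "$accept" ]
}

case "${1:-print}" in
    apply)  # run as root on the router VM; replaces the filter and nat tables
        drop_precedes_accept || { echo "rule order wrong" >&2; exit 1; }
        sysctl -w net.ipv4.ip_forward=1 >/dev/null
        lab_ruleset | iptables-restore --test && lab_ruleset | iptables-restore ;;
    *)  lab_ruleset ;;  # default: only print the ruleset for review
esac
```

These rules cover IPv4 only; IPv6 forwarding from the lab segment needs equivalent ip6tables rules or has to stay disabled.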
