Install pfSense Firewall on KVM


In this guide, we are going to learn how to install pfSense firewall on KVM. pfSense is a free and open source firewall and router that also features unified threat management, load balancing, multi WAN and many more features that are comprehensively described on pfSense features page.

Install pfSense Firewall on KVM

Install pfSense Firewall on KVM

Download pfSense installation ISO file

Navigate to pfSense iso downloads page and grab the latest installation iso file. Obtain the download link and pull the iso archive using wget command or any other download tool of your choice.

wget -c

Also download the checksum file to verify the integrity of the downloaded iso file above.

wget -c

Verify Integrity of downloaded pfSense ISO file

To ensure that the downloaded ISO file is not broken/damaged in some way, calculate the SHA256 hash of the file and compare the resulting hash with value contained in the checksum file downloaded.

sha256sum pfSense-CE-2.4.5-RELEASE-amd64.iso
fda93684669ad0b2b9e314a53d5c7272076484a6b714d60d5e06f14e1c7ce049 pfSense-CE-2.4.5-RELEASE-amd64.iso.gz

To display the contents of the hash file;

cat pfSense-CE-2.4.5-RELEASE-amd64.iso.gz.sha256
SHA256 (pfSense-CE-2.4.5-RELEASE-amd64.iso.gz) = fda93684669ad0b2b9e314a53d5c7272076484a6b714d60d5e06f14e1c7ce049

Once you have verified that the integrity of the archive file is okay, proceed to extract the iso file. pfSense iso archive file is created using the gzip tool and can be extracted using the gunzip command;

gunzip pfSense-CE-2.4.5-RELEASE-amd64.iso.gz

Install pfSense on KVM

You can choose to create the virtual machine using the virt-manager or simply create and start the vm install from the command line. In this demo, we chose the later.

Therefore, create pfSense virtual disk, say of 10G. Replace the paths accordingly.

qemu-img create -f qcow2 /home/koromicha/kvm/images/pfsense.qcow2 10G

Launch the installation of pfSense on KVM. Change the vm settings to suite your needs.

virt-install --virt-type kvm --name pfsense --ram 2048 --vcpus 2 \
--cdrom=/home/koromicha/Downloads/iso/freebsd/pfSense-CE-2.4.5-RELEASE-amd64.iso \
--disk /home/koromicha/kvm/images/pfsense.qcow2,bus=virtio,size=10,format=qcow2 \
--network default \
--network bridge=virbr1 \
--graphics vnc,listen= --noautoconsole \
--os-type=linux --os-variant=freebsd10.0

Note that you need to have the bridge interface created prior to assigning it to a vm.

Press ENTER to launch the installation of pfSense on KVM. After that, connect to the virt-manager console to complete the installation.

To connect to virt-manager, simpl run;


Otherwise, you can connect to pfSense domain console by running;

virt-viewer -c qemu:///system pfsense

Once the pfSense installer runs, it will prompt you to accept the copyright and distribution notice. Accept the notice to proceed with installation.

Install pfSense Firewall on KVM

Select Install to install pfSense to KVM

Install pfSense Firewall on KVM

Click Ok to continue. Accept the default keymap settings

Install pfSense Firewall on KVM

On disk partitioning, select Auto (UFS) Guided Disk Setup or any option of your choice.

Install pfSense Firewall on KVM

The installation then begins and when it completes, you should see such a screen;

Install pfSense Firewall on KVM

If you need to do any further manual configs, select Yes. Otherwise select No and proceed.

Reboot the pfSense virtual machine.

When it reboots, you are prompted configure VLANs, set the WAN and LAN interface. Enter your appropriate settings.

Install pfSense Firewall on KVM

When the pfSense virtual machine boots completely, such a screen welcomes you;

Install pfSense Firewall on KVM

If you noticed, the WAN interface is assigned dynamic IP addresses. If you need to set static IP addresses, simply select option 2, Set Interface(s) IP Addresses. For example, to set static IP address for WAN interface;

Install pfSense Firewall on KVM

You should now have a static WAN interface IP address.

Similarly, set the appropriate IP address for your LAN interface. This is the IP addresses with which you access pfSense from web.

Install pfSense Firewall on KVM

Access pfSense via SSH

By default, SSH is disabled on pfSense. To enable SSH logins, select option 14, Enable Secure Shell (sshd).

You can then access it using the assigned LAN IP address. Use the default credentials:

username: admin
password: pfsense
ssh [email protected]_IP

Access pfSense Web Interface

You can now access pfSense from web using the LAN IP address. pfSense uses self signed SSL certs and hence, you can access using the address, https://LAN_IP.

Note that pfSense uses same credentials to access the WebGUI and also SSH services Hence, login using the same credentials above.

Install pfSense Firewall on KVM

Upon successful authentication, you are welcomed by pfSense setup wizard.

Install pfSense Firewall on KVM

You can reset the admin password by clicking, Change the password in the User Manager or you can do the reset from the backend shell by selecting option 3, Reset webConfigurator password.

Go through the setup wizard to setup your pfSense firewall.

That marks the end of our guide on how to install pfSense firewall on KVM.

Related Tutorials

How to Install OPNsense on VirtualBox

How To Reset Or Recover Root Password On OPNsense

How to enable Secure Shell (SSH) server on OPNsense

Monitor Squid Access Logs with Graylog Server


  1. Hello good afternoon
    I would like to know if you can help me, I test this confid with ubuntu server 18.04 and 20.04 in both cases replicated the configuration you present but at the time of running the commands virt-manager and virt-viewer -c qemu:///system pfsense i have this response:

    Unable to init server: Could not connect: Connection refused
    Unable to init server: Could not connect: Connection refused
    Unable to init server: Could not connect: Connection refused

    (virt-manager:6241): Gtk-WARNING **: 22:28:39.443: cannot open display

    If i execute the command virsh console pfsense my Virtual Machine freeze in this:

    virsh console pfsense
    Connected to domain pfsense
    Escape character is ^]

    Can you help me??



Please enter your comment!
Please enter your name here