Inspired by this post, I’m basically re-creating it with copy/paste commands instead of images of the commands and updating the partitioning portion as I found some steps the original author took are no longer required.
Create your droplet
- Login to your DigitalOcean Dashboard and create a new droplet
- Select ‘FreeBSD 11.1 x64’ as your droplet image
- Select the data center region of your choice
- Check mark ‘Private Networking’ and ‘IPv6’ if you want it
- Add your SSH key
- Enter a hostname
- Click ‘Create’
Once the droplet has been created boot it up, grab the public IP and SSH into it as root.
Note: If you don’t SSH in as root put “sudo” in front of all of the commands after step 7
- Go to https://www.pfsense.org/download/
- Select ‘AMD64 (64-bit)’ as the architecture
- Select ‘USB Memstick Installer’ as the installer
- Select ‘VGA’ for the console
- Pick which ever mirror you want
- Right click the ‘Download’ button and choose ‘Copy Link Location’
- On your SSH connection to your droplet run the following command:
cd /tmp curl -O <URL FROM STEP 6> # Example curl -O https://nyifiles.pfsense.org/mirror/downloads/pfSense-CE-memstick-2.4.4-RELEASE-p1-amd64.img.gz
- Disable SWAP
- Enable debug mode for GEOM, more info on why here
- Write the ISO of pfSense to /dev/vtbd0
gunzip <PFSENSE DOWNLOAD> | dd of=/dev/vtbd0 bs=512k # Example: gunzip -c pfSense-CE-memstick-2.4.4-RELEASE-p1-amd64.img.gz | dd of=/dev/vtbd0 bs=512k
- You can now reboot the droplet and the the pfSense installer will start
Go back to the DigitalOcean interface, select your droplet and open the console window
- Once the installer starts hit <ENTER> to accept the copy right notice
- Choose ‘Install’
- Choose ‘>>> Continue with default keymap’
- Choose ‘Manual’
- Delete everything listed EXCEPT for vtbd0, vtbd0s2 and vtbd0s2a
- Highlight vtbd0 and press ‘C’ and choose ‘OK’
- Select vtbd0s1 and press ‘C’
- Change the mount point to “/” and choose ‘OK’
- Choose ‘Finish’
- Choose ‘Commit’
- The installation will now progress, once complete choose ‘No’ and ‘Reboot’
Once the droplet reboots you’ll be at the initial configuration wizard for setting up pfSense. Since this is deployment specific I will leave it to you to configure.
17 thoughts on “How to install pfSense in DigitalOcean”
Thanks for sharing this small and to the point setup. You have really done it the easy way. However, I don’t have the normal server of DO but instead I own the managed DigitalOcean web hosting server which is powered by Cloudways. So, can I pursue the installation of pfsense with the managed DO server. You can check the features of the managed DO server by clicking on the below mentioned link: cloudways.com/en/digital-ocean-cloud-hosting.php
Thank you. All the credit goes to the original author. All I did was transcribe some screenshots and update a few steps.
…can’t get this working. I get this message on the very last step: “No root partition was found. The root pfSense partition must have a mount point of ‘/’.”
note: FreeBSD 11.1 is no longer available. I’m using 11.2.
never mind. I was doing step 8 incorrectly.
No worries. Thank you for the update. Saved me going back through my documentation to make sure I hadn’t made a mistake :)
Thanks for putting this documentation together. I’ve had to do it a couple of times now and I can get through it in less than 10 min.
In case you want to update the article, swapoff /dev/gpt/swap does not work. You have to do swapoff /dev/gpt/swap0 or swapoff -a
Hope this helps.
Thanks for the info. I’ve updated the original post.
Thank you, Thank you, Thank you !!!
I have gotten this to install pfSense successfully, but on boot my digital ocean pfSense box won’t detect network settings for the interface. It continuosly gets stuck in Configuring WAN interface….and then shows either “interface down” or it’s not drawing DHCP on the WAN interface.
Could this have something to do that the earliest version of FreeBSD I can select is v11.3? I have options for 11.3 or 12.0 in UFS or ZFS but no 11.1.
I honestly do not know. I’m no longer using my pfSense Droplet so I can’t test if these steps still work on 11.3.
You might try the pfSense Forums or IRC.
same issue here… did you find a solution?
Try configuring the server with a static ip instead of dhcp.
You can find the settings on the networking option tab in the control panel.
i configured it with a static ip and it is working for me.
I did not have success running these exact steps using FreeBSD 11.3 ZFS. When I ran gunzip, it didn’t write anything to the disk (indicated by 0 bytes written). Instead, what I needed to was write the .img file using dd (like dd if=pfSense.img of=/dev/vtbd0 bs=1m).
It’s been a while since I wrote this and I don’t use pfsense anymore.
Verify that the disk is still ‘/dev/vtdb0’ and hasn’t changed to something else with the newer version of FreeBSD and ZFS. You should be able to list the disks attached to the VM with ‘fdisk -l’
Excellent tutorial, kudos to you.
Hi All, just adding that step 8 required me to add “sudo” infront.
$ sudo swapoff -a
swapoff: removing /dev/gpt/swap as swap device
As without the sudo the droplet just doesn’t want to do it.
Digitalocean removed FreeBSD support from the droplet creation process.
Anyone tried to create a pfsense droplet with an uploaded custom image?