How To Install pfSense Firewall On a Hard Disk Drive With Serial Console Support On the Soekris net5501 Router

I‘m looking to install pfSense 2.2.x and I would like to install it on a hard disk drive rather than CF (compact flash). How can I install hard disk install via serial console on the soekris net5501 server?

USB booting for the net5501 is not supported. You need to use net6501 with comBIOS version 1.41. However, you can use the following method to install pfSense using a desktop or laptop computer.[donotprint]

Tutorial details
Difficulty	Advanced (rss)
Root privileges	Yes
Requirements	Linux/OSX
Time	20m

[/donotprint]

My sample setup

1. Dell laptop running Ubuntu Linux LTS latest stable.
2. External USB universal drive adapter which connect any 2.5″ or 3.5″ hard disk to a Mac or Linux based PC.
3. 2GB Usb stick (/dev/sdc).
4. Soekris net5501

Procedure

1. Download pfSense.
2. Write pfSense installer image to a USB pen.
3. Attach hard disk to an external USB universal drive adapter.
4. Install pfSense on a hard disk.
5. Complete the installation.
6. After installation attach back hard to the net5501 router.
7. Configure the serial console.
8. Configure the firewall.

DATA LOSS Warning: By choosing the wrong destination one of the system hard disks could be erased! Check and recheck the disk selection before writing an image including USB pen and destination hard disk.

Step 1: Download pfSense

Visit this page to grab the correct version:

Type the following wget command:
$ wget wget http://files.uk.pfsense.org/mirror/downloads/pfSense-memstick-serial-2.2.4-RELEASE-i386.img.gz
$ wget https://files.pfsense.org/hashes/pfSense-memstick-serial-2.2.4-RELEASE-i386.img.gz.md5
$ ls
$ md5sum -c pfSense-memstick-serial-2.2.4-RELEASE-i386.img.gz.md5
Sample outputs:

-rw-r--r--  1 vivek  staff  99324384 Jul 27 04:32 pfSense-memstick-serial-2.2.4-RELEASE-i386.img.gz
-rw-r--r--  1 vivek  staff        91 Jul 27 04:34 pfSense-memstick-serial-2.2.4-RELEASE-i386.img.gz.md5
pfSense-memstick-serial-2.2.4-RELEASE-i386.img.gz: OK

Step 2: Wrtie pfSense memstick image

Use the dd command as follows as root user:
# gzip -dc pfSense-memstick-serial-2.2.4-RELEASE-i386.img.gz | dd of=/dev/sdc bs=1M

Step 3: Boot from a usb stick/pen

I’ve attached both bookable USB pen and hard disk to my Dell laptop. Turn on the laptop. Press F12 to select boot menu (check your bios settings for more info). Select USB storage device:

Step 4: Installation

pfSense will start installation from a USB pen. You will be prompted as follows to start an installer:

Next accept the console settings (or change it as per your need):
At the Select Task prompt, choose “Custom Install”. If you select “Quick/Easy Install”, the installer will install pfSense on the first located disk. I’ve multiple disk in my laptop. So I selected the “Custom Install” option:
Finally, select a disk. I’m going to install it on my WDC-160 GB SATA 2.5 hard disk which is connected to my laptop via an external USB universal drive adapter:
Now, the installer will continue wiping the selected disk WDC and installing pfSense. Copying files may take some time to finish. Feel free to click the following images to see the exact steps:

Would like to format WDC disk?

Select disk geometry (accept default)

Confirm disk formatting

Partition disk as per your need

Create slices

Format slices

The disk was partitioned

Make sure you install bootloader on this WDC disk

Bootloader was successfully installed

Select partition to install pfSense

Confirm it

Parition was formatted

Set / and swap area (defaults are fine)

Installing pfSense

For Soekris embedded device select NO VGA/Keyboard option i.e. use serial console to see boot options

Reboot the system?

Note down the default config LAN IP and username/password.

Step 5: Install hard disk in your embedded soekris device

You need to mount WDC 160 GB hard disk on your embedded soekris server. Once installed you can boot the device and continue with firewall configuration.

Step 6: Connecting to the serial console

The primary console interface of the Soekris boards is the external serial port on my net5501. The soekris default port speed set to 19200 baud. But, pfSense set it to 115200 baud. You can use any one of the following command to (assuming a serial line on /dev/ttyUSB0):
$ cu -l /dev/tty00 -s 115200
OR
$ screen /dev/ttyS0 115200
Sample outputs:

NOTE: To change the BIOS speed from default to 115200 on the net5501 router:
Press control-P to jump into the comBIOS monitor and set the speed:
> set ConSpeed=115200
> reboot

Step 7: Configure the firewall

Type the following url:
http://192.168.1.254/
OR
http://192.168.1.1
Here is my firewall:

You can use the same technique to install Linux, FreeBSD, OpenBSD or any other operating system on hard disk drive for the net5501 router. It is also possible to use PXE boot for installing Linux/{Free,Open,Net}BSD as described here.

Hardware and software used

• Router hardware Soekris net5501
• PCI ADSL card for net5501 (open source Linux driver available)
• NewerTech universal drive adapter for accessing data on IDE, ATA, ATAPI, and SATA drives.
• Firewall software pfSense project.

Category	List of Unix and Linux commands
File Management	cat
Firewall	Alpine Awall • CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04
Network Utilities	dig • host • ip • nmap
OpenVPN	CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04
Package Manager	apk • apt
Processes Management	bg • chroot • cron • disown • fg • jobs • killall • kill • pidof • pstree • pwdx • time
Searching	grep • whereis • which
User Information	groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w
WireGuard VPN	Alpine • CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04