Remotely installing PFSense to hard drive with VGA and without CD-ROM

FreeBSD is great for certain tasks (such as firewalls and other embedded devices), but has some real shortcomings when it comes to booting from attached or remote storage. This severely complicates the installation process in some cases.

In my case, I have a remote server in a rack with no CD-ROM. Pulling the server from the rack and plugging in an IDE/SATA CD-ROM is not an option, as there is no physical access at the current moment (I’m about 90 miles away on travel). So far the following methods of getting FreeBSD / PFSense installed have failed miserably:

1. Boot CD-ROM ISO over PXE (current memdisk). Negative.

2. Boot CD-ROM ISO from USB CD-ROM. Negative.

3. Boot CD-ROM ISO from virtual storage (IPMI CD-ROM). Negative.

OK, so it’s 2010 and FreeBSD can’t boot from anything other than a plain old IDE/PATA CD-ROM (which isn’t an option). Seriously, WTF?

So back to the drawing board. Let’s try some other more or less obvious options:

4. Burn PFSense embedded image directly to hard drive using the same instructions for CF memory. Negative. I even watched the serial console through IPMI – nothing.

5. Boot embedded image from network (memdisk). Negative.

All five of these methods have failed.


Time to use brute force, and if this doesn’t work I am banning FreeBSD from my life.

Yank HDD from laptop, throw in a spare, and boot the CD-ROM on the laptop.

Proceed to install PFSense.

Boot into Linux (or FreeBSD, doesn’t matter) rescue mode CD with network connectivity.

Copy the HDD image off to a remote site:

Remote machine (intermediary storage server, in this case my mirror box):

nc -l -p 2222 | dd of=pfsense.img.gz

Local machine (laptop):

dd if=/dev/sda conv=sync,noerror bs=64K | gzip -c -9  | nc mirror.ash.fastserv.com -p 2222

Once you’ve got the image, it’s time to boot the target PFSense machine into the same Linux/FreeBSD rescue mode and copy the image to the HDD. In the previous step, my working directory was the /pub folder on a public HTTP mirror. This allows me to burn the image directly over HTTP in the following step:

wget -O- http://mirror.ash.fastserv.com/pub/pfsense.img.gz | gzip -cd | dd of=/dev/sda

Much to my surprise, this actually worked! The saving grace for FreeBSD/PFSense, is that it’s able to be installed on one machine, then booted on another. Now on to learning how to use PFSense and configuring firewall rules.

If you want a copy of the HDD image to save you over half of this hassle, you can find it HERE. It was created with an 80Gb HDD so you’ll need at least an 80Gb disk for this to work. Good luck, you’ll probably need it.

4 Responses to Remotely installing PFSense to hard drive with VGA and without CD-ROM

  1. Our 2.0-BETA3 image features a couple of changes that allows for booting from USB-CDRom as it has the newer USB stack features in 8.X.

  2. Randy says:

    Hey Scott,

    Thanks for the info. I’ll be sure to check it out and likely roll it into production once it becomes stable.

    I’m happy FreeBSD is becoming more flexible: now all they need is a kickstart/preseed mechanism that works over PXE/network 🙂

  3. Timothy B says:

    Wrting raw image worked for Supermicro X8SIE-LN4F using 2.0.1-RELEASE-…amd64_vga

    HOWEVER, the boot stalled out at IPSec initialization. This is after quite some time changing the BIOS to make the SATA look like IDE, and other IPMI struggles.

    Apparently this is a problem being experienced on -some- hardware, which is not terribly defined…. I’d suggest before installing pfSense that you check FreeBSD compatibility with the hardware you have, using the fork of FreeBSD that pfSense uses for its particular version.

  4. Randy says:

    Not the best performance compared to bare metal but PFSense 2.x works great on Xen/XenServer HVM’s. For small tasks you might look into this otherwise gotta play the hardware roulette game.