The lab I am going setup it looks some what like this:

Pentest Lab

Here pfsense is both firewall and router. So that I can setup both internal and external pentesting lab.



What is pfSense firewall?

pfSense is an open source firewall/router computer software distribution based on FreeBSD. It is installed on a computer to make a dedicated firewall/router for a network and is noted for its reliability and offering features often only found in expensive commercial firewalls. It can be configured and upgraded through a web-based interface, and requires no knowledge of the underlying FreeBSD system to manage. pfSense is commonly deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server, and as a VPN endpoint.

The name was derived from the fact that it helps make the stateful packet-filtering tool PF (which acts as a firewall, packet filter, and routing service on many BSD and Unix platforms) make more sense to non-technical users.

Installing and Configuring pfSense

Step 1: Install VMware

Step 2: download .iso image from link given above

Step 3 :goto VMware –> File –> New virtual machine –> Typical


Configuring pfsense

Step 4: For PfSense you need add 2 network adapter. So that you can have 2 different network. For both internal and external pentesting

  • First network adapter you have keep it in Bridge Mode


  • Second network adapter should be custom mode(VMnet 2)

Penetration Test Lab

Pentest Lab setup

Step 5: finish –> run the machine.


Configuring the pfSense:

    • Automatically takes the option by itself

pfsense Network configure

    • Press I to launch installer.

pfsense pentest Lab

    • Select “Accept these setting”

VLan Pfsense

    • When it prompts for VLAN setup, just type “n” and hit enter

WAN Pentest Lab

    • Name the WAN interface as em0
    • Name the LAN interface as le0

Pentesting pfsense

The above step creates an IP address for the WAN interface automatically. This is shown in the figure below.

Network Firewall

Now, let us hit enter. We will be prompted for the subnet mask bit count.
Enter 24 as shown below.
Pentest Lab Firewall

Hit enter 3 times to get the screen to configure DHCP service for private LAN.
Pfsense Pentesting

As we can see in the above figure, we need to enable DHCP server on LAN interface by typing “Y”.

Checking connectivity from pfSense to public users
Now, let us see if we are able to ping the host machine.

Select “Ping host” by typing 7 in the command line as shown below.

Using pfsense in VMware

Then enter the IP address of the host machine. We should see it getting responses.

Configuring private network
Setting up Kali Linux, window 7 , windows servers :

Assign the network adapter for every machine same has pfSense (VMnet 2)

Pentest Lab in VMware

    • Check IP address in kali, windows 7 and window server

Setting up pfsense

Let us open up a browser and type in in the URL. We should see pfSense’s login screen as shown below.

pentesting in VMware

The default username is “admin” and password is “pfsense”. Consider changing your password after logging in for the first time.

VMware firewall

We should see the dashboard as shown in the above figure. We can play around with various settings available in pfsense.

Now both public and private network is created using VMware