Contact UsGet started

pfSense

Updated September 9, 2025

pfSense is a multifunctional software router-firewall based on FreeBSD.

Key features: routing (including dynamic routing), firewall protection, NAT, DHCP server, load balancing, VPN (including OpenVPN and L2TP), dDNS, PPPoE, IDS, and proxying.

Benefits

  • Modular architecture.
  • Own package manager.
  • Built-in monitoring, logging, and reporting.
  • Firewall, intrusion detection and prevention systems (IDS/IPS), and antivirus.
  • Integrations with Security Onion, Wazuh, etc.
Deployment instructions

Alert

If you are creating a VM with more than eight interfaces, SSH may not be available on the first interface. SSH will most likely be available at the IP address of the ninth interface, but this is not guaranteed.

  1. Get an SSH key pair for connection to a virtual machine.

  2. Create a security group in the network where you will deploy the VM with pfSense and configure the following rules:

    Traffic direction Port range Protocol Destination / Source CIDR blocks
    Inbound 22 Any CIDR 0.0.0.0/0
    Inbound 25 Any CIDR 0.0.0.0/0
    Inbound 465 Any CIDR 0.0.0.0/0
    Inbound 587 Any CIDR 0.0.0.0/0
    Inbound 80 Any CIDR 0.0.0.0/0
    Inbound 443 Any CIDR 0.0.0.0/0
    Outbound All range Any CIDR 0.0.0.0/0

    Security groups are used in Yandex Cloud services to control network access to the object they apply to. If you assign a security group without rules to the network interface of a VM, the VM will not be able to send or receive traffic.

  3. Create a VM from a public image:

    • Under Image/boot disk selection, in the Product search field, enter pfSense and select the pfSense public image.

    • Under Network settings, in the Security groups field, select the security group you created previously.

    • Under Access:

      • Enter freebsd in the Login field.

        Warning

        You must not use admin or other logins. Use freebsd only.

      • Paste the contents of the public SSH key file in the SSH key field.

      Save the VM public IP address.

  4. Connect to the VM over SSH. To do this, use the freebsd username and the private SSH key you previously created.

  5. To access the console, click 8. Open root_password:

    ee /conf/root_password

  6. Copy the password. You will need it to access the web interface.

  7. In the browser, go to https://<VM_public_IP_address>/.

  8. Use the following parameters to connect to the service:

    • Username: admin.
    • Password: <password_from_root_password_file>.

    Change the password if needed.

Billing type
Hourly (Pay as you go)
Type
Virtual Machine
Category
Network infrastructure
Security
Publisher
OpenNix Cloud security
Use cases
  • Creating VPN connections between physical and cloud resources.
  • Protecting sites and applications.
  • Translating addresses.
  • Filtering traffic.
  • Routing on the internet.
  • Detecting intrusions (IDS/IPS).
  • Traffic monitoring.
  • Dynamic routing.
Links
pfSense documentationOpenNix official websiteIntegration with SecurityOnionIntegration with SnortIntegration with Suricata
Technical support

OpenNix
OpenNix provides support to pfSense users in Yandex Cloud. You can contact their support team by email at support@opennix.ru. Support is available on business days from 9 a.m. to 6 p.m., GMT+3.

Yandex Cloud
Yandex Cloud does not provide technical support for this product. If you have any issues, please refer to the vendor’s information resources.

Product IDs
image_id:
fd8ca4pmrvqpfvfqm0mn
family_id:
opennix-pfsense
Product composition
SoftwareVersion
FreeBSD14.0
pfSense2.7.2
wazuh-agent4.7.3
Terms
By using this product you agree to the Yandex Cloud Marketplace Terms of Service and the terms and conditions of the following software: End user license agreement
Billing type
Hourly (Pay as you go)
Type
Virtual Machine
Category
Network infrastructure
Security
Publisher
OpenNix Cloud security