*Disclaimer
This howto refers on VMWare Workstation Player using version 15.5 of the software and IPFire 2.23 Core 126. There's more way to do this, so if you want to improve the howto, you're welcome. Please do not delete anything that's not wrong.
Get the iso!
I prefer using ISO files for setup VM, so fully download the ISO File and keep in a handy place.
Create the Machine
Use the option "I will install the operating system later", then click Next.
As guest Operating System, pick Linux and Other Linux 4.x 64 Bit.
After defining the name of your VM, you're asked to choose the size of the disk and how it's stored.
20GB should be enough for most Firewall setups, but this value depends on the addons you need or you want to configure.
Split files is the default option, with smaller installation is easier to manage.
* IMPORTANT
Do not complete the creation of the VM without customizing the hardware!
VmWare Player is desktop-setup oriented, so most of the hardware proposed may not be interesting for create a firewall setup.
Also, at this point of the setup the virtual to physical network topology can be arranged in easier way than adjusting it later.
This is an example of a GREEN + RED network setup
with the RED interface bridged to current LAN adapter; for edit VmWare virtual adapter topology, use vmnetcfg.exe.
Quite useful is generate the MACAddress of the adapters when you add them , it will help to pick the right virtual adapter according to the role you designed while installing IPFire. Please take a note MAC Address .
Don't forget to set the ISO file as media for the CD/DVD Adapter and boot for setup IPFire.
Follow the handbook
The installation procedure should start correctly, so following the Installation Handbook is quite a great idea to have a running IPFire.
* installation
Access the web interface from RED
Into my setup RED interface lay on the same LAN that i use to connect internet on my pc. Default IPFire settings do not allow connection to webinterface from RED zone.
Login as root, then input this command
iptables -A CUSTOMINPUT -p tcp --dport 444 -j ACCEPT
and it will create a temporary access to port 444 from RED interface, which it will be gone at the reboot.
If you need a stable access from your LAN to RED interface, you have to create a rule like this one
don't forget to correct the source accordingly to your subnet.
Virtualization Tools
You can install Tools for managing Virtual machines from PAKFire.
Access to IPFire Menu, than click on Pakfire.
Look for openvmtools into Available Addons, highlight, then click on install button (marked as +).
Follow the Pakfire howto to complete the installation
* pakfire