pfSense Inside Network

I am trying to set up a pfSense router to use as a separate network from my main network but I am having some problems. I have set up and configured the pfSense router and have it up and running but I can’t seem to get the internet working on it. It is running on a VM in ESXi 6.7 and I have a virtual switch set up that takes in the internet from my ISP’s router into the pfSense VM as the WAN connection. Then another virtual switch going from the pfSense VM LAN into the other VMs.
pfSense was getting an IPv6 and IPv4 address but I couldn’t connect to the internet from it. Then I tried putting it in the DMZ of my ISP’s router, but nothing really changed. When I set up the pfSense box I unchecked the “Block RFC1918 Private Networks” and “Block bogon networks.”
My ISP requires the router WAN be set up with VLAN Tag 2 and VLAN priority as 3 so I also tried setting that up while the pfSense box is in the DMZ but with this configuration pfSense doesn’t get any IP addresses.
What is the best way to go about this? Should I keep the pfSense box in the DMZ or not? Am I doing something wrong?

By all accounts, connecting your pfSense in the first way you described should have worked. Do you have multiple physical NICs connected to the virtual switch in ESXi? I’ve found pfSense wigs out when there’s more than 1 physical NIC to 1 virtual switch in the VM (odd as that sounds).

Unless you know what you’re doing with IPv6, turn it off on the pfSense side (or use pfSense as the ISP router).

pfSense will (possibly) be sending IPv6 router advertisements to the rest of your network, advertising itself as the default gateway to everything (for IPv6), including your ISP router.

Resulting in a routing loop…


I turned off IPv6 and turned off automatic DNS, Gateway, etc on the VM I had connected pfSense and that worked. Thanks for your help!


Haha. Called it.

I’ve burned myself that way before. :smiley:

I set up pfSense in a lab network and left IPv6 turned on; it sent router advertisements over my LAN to advertise itself as the default IPv6 gateway. It broke routing for my entire network.

If you know what you’re doing with IPv6 you can likely fix it trivially (left as an exercise to the reader), but the quick fix is just don’t run IPv6 on a pfSense instance inside your LAN unless it is your real internet router. Otherwise, due to the way router advertisements work in IPv6, you’ll probably break your internet access.

For the record - this isn’t a pfSense problem - the same thing will happen with any IPv6-capable routing box in the same circumstances.
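
The failure mode discussed in this thread can be caught by checking who is sending router advertisements on a LAN segment. The following is an added example, not part of the original thread: a parser for ICMPv6 Router Advertisement messages that flags any sender not on an allowlist. The addresses, the allowlist and the sample packet are constructed for illustration, and the function names are hypothetical.

```python
import ipaddress
import struct

RA_TYPE = 134        # ICMPv6 Router Advertisement (RFC 4861)
OPT_PREFIX_INFO = 3  # Prefix Information option

def parse_ra(icmp6):
    """Parse an ICMPv6 RA message; return None if it is not a well-formed RA."""
    if len(icmp6) < 16 or icmp6[0] != RA_TYPE:
        return None
    # type, code, checksum, hop limit, flags, router lifetime, reachable, retrans
    fields = struct.unpack("!BBHBBHII", icmp6[:16])
    prefixes, off = [], 16
    while off + 2 <= len(icmp6):
        opt_type, opt_len = icmp6[off], icmp6[off + 1] * 8  # length is in 8-byte units
        if opt_len == 0 or off + opt_len > len(icmp6):
            return None  # zero-length or truncated option
        if opt_type == OPT_PREFIX_INFO and opt_len == 32:
            addr = ipaddress.IPv6Address(icmp6[off + 16:off + 32])
            prefixes.append(f"{addr}/{icmp6[off + 2]}")
        off += opt_len
    return {"router_lifetime": fields[5], "prefixes": prefixes}

def classify_ra(src, icmp6, allowed_routers):
    """Classify one RA by its link-local source address."""
    ra = parse_ra(icmp6)
    if ra is None:
        return "ignored"
    if ipaddress.IPv6Address(src) in allowed_routers:
        return "ok"
    # A non-zero router lifetime means "use me as a default gateway".
    return "rogue-default-router" if ra["router_lifetime"] > 0 else "rogue-prefix-only"

def build_ra(lifetime, prefix, plen=64):
    """Constructed sample RA (checksum left at 0; it is not verified here)."""
    head = struct.pack("!BBHBBHII", RA_TYPE, 0, 0, 64, 0, lifetime, 0, 0)
    opt = struct.pack("!BBBBIII", OPT_PREFIX_INFO, 4, plen, 0xC0, 86400, 14400, 0)
    return head + opt + ipaddress.IPv6Address(prefix).packed

# Constructed addresses: fe80::1 = real internet router, fe80::2 = lab router VM.
ALLOWED = {ipaddress.IPv6Address("fe80::1")}
SAMPLE = build_ra(1800, "2001:db8:1::")

if __name__ == "__main__":
    for src in ("fe80::1", "fe80::2"):
        print(src, classify_ra(src, SAMPLE, ALLOWED), parse_ra(SAMPLE)["prefixes"])
```

The same RA is acceptable from the allowlisted router and flagged when it comes from the lab VM; an RA with router lifetime 0 from an unknown source is reported separately because it can still hand out prefixes without claiming to be a default gateway.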