Install pfSense nanobsd 2.0 to thumb drive
This how-to describes the steps needed to take to run pfSense from a USB thumb drive.
The instructions should also work with other non-embedded hardware.
Step 1, Download pfSense Image
Download a pfSense image from . I used the pfSense-2.1.5-RELEASE-4g-amd64-nanobsd_vga.img.gz image file.
Step 2, Write image to thumb drive
See Writing Disk Images for instructions on writing the image to a drive.
Step3, Run the pfSense Install
Eject the thumb drive from the computer and plug into the computer that will run pfSense. Be sure the BIOS is set to boot from the thumb drive, then it should boot up. Follow the pfSense installation instructions to setup the NICs and other necessary items.
Step 4, Resolve USB mountroot error
To ensure the drive is mounted properly on the next boot, run the following:
/etc/rc.conf_mount_rw echo kern.cam.boot_delay=10000 >> /boot/loader.conf.local
The kern.cam.boot_relay=10000 line may also be added to /boot/loader.conf.local from the GUI using Diagnostics > Edit File.
Without the above setting, on bootup an error that looks like this block of text will be encountered: 
Trying to mount root from ufs:/dev/ufs/pfsense0 ROOT MOUNT ERROR: If you have invalid mount options, reboot, and first try the following from the loader prompt: set vfs.root.mountfrom.options=rw and then remove invalid mount options from /etc/fstab. Loader variables: vfs.root.mountfrom=ufs:/dev/ufs/pfsense0 vfs.root.mountfrom.options=ro,sync,noatime Manual root filesystem specification: <fstype>:<device> Mount <device> using filesystem <fstype> eg. ufs:/dev/ad0 eg. cd9660:/dev/acd0 This is equivalent to: mount -t cd9660 /dev/ad0 / mountroot>
Reboot the device and select Option 3 (boot from USB) from the pfSense loader menu. pfSense will fully boot. Once booted, select Option 8 to go to shell.
In Shell, type the following command to make the file system writeable .
Then, type the following command to add a boot delay to /boot/loader.conf.local. This allows the USB devices to be fully detected before the disk mount is attempted.
echo kern.cam.boot_delay=10000 >> /boot/loader.conf.local
Note: /boot/loader.conf.local must be used instead of /boot/loader.conf because loader.conf.local is preserved across upgrades.
hw.ata.atapi_dma="1" hw.ata.ata_dma="1" hw.ata.wc="1"
Run the following command to To make the file system read only.
Type the following to exit shell
When back at the pfSense menu, reboot the firewall.
Thanks to the users of the pfSense Forum who have experienced and solved these issues before me. I wrote this how to after I had issues setting up pfSense on a thumb drive. After a bit of Googleing I had solutions to my problems. I linked to the various forum threads for further reading.
[Ed Note: Additional changes have been made to bring this document up-to-date and correct some information -jimp]