OpnSense - jacob-dinapoli/tech-journal GitHub Wiki

OpnSense is an Open Source Firewall and routing software, which is easy to use and build on all platforms. This software includes most of the features available in expensive and commercial firewalls, which brings a rich feature set of commercial offerings with the benefit of open and verifiable sources. Some features include forward caching proxy's, traffic shaping, and intrusion detection and easy OpenVPN setup. In the configuration below we will provide routing services between a Local Area Network and Wide Area Network within the VSphere environment.

  • First Step: Edit Settings
    • Make sure the Network Adapter 1 is set to the WAN.
    • Make sure the Network Adapter 2 is set to the LAN.
  • Second Step: Enter Login Info
    • The login was provided to us and is located on the home page in Canvas.
  • Third Step: Assign Interfaces
    • When you have the "enter an option" select 1 to reassign interfaces
    • Do not configure the VLANs for now
    • The WAN interface name should be changed to em0
    • The LAN interface name should be changed to em1
    • When prompted for an optional interface just select
  • Fourth Step: Set Interface IP address
    • Select 2 to Set Interface IP address
    • Select 2 again to pick the WAN interface
    • Do not use DHCP to configure the WAN IPv4 address
    • Enter the address of 10.0.17.x, where X is your assigned /24 octet.
    • We are using a 24 bit subnet mask.
    • for the WAN, the upstream gateway is 10.0.17.2.
    • Use the gateway as your IPv4 name server as well, so put yes.
    • Put no for configuring the WAN interface via DHCP6.
    • Press to bypass the IPv6 configuration.
    • Respond NO to revert to HTTP as the web GUI protocol.
    • This will use a secure https.
  • Fifth Step: Configure LANs Interface
    • Select 2 to set Interface Ip address.
    • Select 1 to pick the LAN interface.
    • Do not use DHCP to configure the WAN IPv4 address.
    • Enter the new LAN Ipv4 address: this will be 10.0.5.2.
    • We are using a 24 bit subnet mask.
    • There is no upstream LAN gateway, so press .
    • Put no for configuring the LAN interface via DHCP6.
    • Press to bypass the IPv6 configuration.
    • Put no for the DHCP server on LAN.
    • Respond NO to revert to HTTP as the web GUI protocol.
  • Sixth Step: Network Configuration on Windows desktop
    • Make sure Network Adapter 1 is on the LAN.
  • Seventh Step: Internet Protocol
    • Edit the Internet Protocol Version 4 Properties.
    • Make sure the IP address is "10.0.5.100"
    • Make sure the subnet mask is "255.255.255.0"
    • Make sure the default gateway is "10.0.5.2"
    • Click use the following DNS server address and input "10.0.5.2"
    • The hostname/computer name should be set to wks01-jacob-dinapoli
  • Eighth Step: Navigate to LAN IP address
    • In a web browser, go to "https://10.0.5.2"
    • Bypass the certificate warning
    • Use the same login when logging into the OpnSense console.
  • Ninth Step: Changing the Defaults
    • System Wizard: General Information
    • Change the hostname to fw1-jacob-dinapoli.
    • Change the domain name to jacob-dinapoli.local.
    • System Wizard: Configure WAN Interface
    • Uncheck the "Block private networks from entering via WAN." in the RFC1918 Networks tab You are all finished! OpnSense is now configured!
⚠️ **GitHub.com Fallback** ⚠️