OPNsense as NAT instance
After creating the virtual machine, you will be able to use SSH to connect and obtain a password to access the OPNsense web interface.
Connecting via SSH
ssh freebsd@public_vm_public_ip
Then run the command sudo su
and press 8 to select Shell in the console menu.
The file with the new password is available at the path
/conf/root_password
With this password you can log in to the web interface at https://public-ip-vm.
Username: root
Password: from file
After logging in successfully you can proceed with basic configuration, but first add firewall rules that permit HTTP and HTTPS on the WAN interface.
Now let’s get to the settings.
In the right menu, select System and then Wizard.
The initial setup manager will be launched.
Click Next. On the next screen, set:
Hostname: You can leave the current name, as it will be taken from the cloud metadata when deployed and will match the virtual machine name
Domain: You can also leave it as is
Language: Choose whichever one you prefer
Primary DNS Server: Primary DNS
Secondary DNS Server: Optional
Override DNS: [x] Allow DNS servers to be overridden by DHCP/PPP on WAN
The rest of the settings are up to you
Click Next
Select your time zone
Move on to configuring the WAN interface. In my case all parameters can be left unchanged, because I use DHCP and no additional settings are required.
Then set the IP address for the LAN interface.
In my case it is 10.128.0.10/24
On the next screen you can change the password if you want.
I left it as is and clicked Next.
Do a reload
Wait for the page to refresh
Then activate the LAN interface by going to “Interfaces” and selecting “LAN” from the menu.
Make sure the IP address of your interface is configured correctly and click Save
Now it’s time to configure NAT
Go to the “Firewall” section, then select “NAT” and “Outbound”.
You can leave it as it is to start with.
Don’t forget to add Floating rules.
To do this, open the Firewall menu and select Floating.
Then you can move on to the routing settings in the VK Cloud platform.