OPNsense as NAT instance

After creating the virtual machine, you will be able to use SSH to connect and obtain a password to access the OPNsense web interface.

Connecting via ssh

ssh freebsd@public_vm_public_ip

Then run the command sudo su and press 8

The file with the new password is available at the path

/conf/root_password 

With this password you can log in to the web interface at https://публичный-ip-vm.

Username: root

Password: from file

After successful authorization you can proceed with basic configuration, but first add permissions to the firewall for http and https(WAN interface)

Now let’s get to the settings.

On the right menu select System and then Wizard

The initial setup manager will be launched.

Click next. On the next screen, set

Hostname:You can leave the current name, as it will be taken from the cloud metadata when deployed and will match the virtual machine name
Domain:You can also leave it as is
Language:Choose whichever one you prefer
Primary DNS Server:Primary DNS
Secondary DNS Server:Optional
Override DNS:[x]Allow DNS servers to be overridden by DHCP/PPP on WAN

The rest of the settings are up to you

Click Next

Select your time zone

Move on to configuring the WAN interface. In my case, you can leave all parameters unchanged, because I use DHCP and no additional settings are required.

Then set the IP address for the LAN interface.

In my case it is 10.128.0.10/24

On the next screen you can change the password if you want

I left it as is and clicked Next

Do a reload

Wait for the page to refresh

Then activate the LAN interface by going to “Interfaces” and selecting “LAN” from the menu.

Make sure the IP address of your interface is configured correctly and click Save

Now it’s time to configure NAT

Go to the “Firewall” section, then select “NAT” and “Outbound”.

You can leave it as it is to start with.

Don’t forget to add Floating rules.

To do this, open me Firewall and select Floating

Then you can move on to the routing settings in the VK Cloud platform.