OPNsense as NAT instance
After creating the virtual machine, you will be able to use SSH to connect and obtain a password to access the OPNsense web interface.
Connecting via SSH
ssh freebsd@public_vm_public_ip
Then run the command sudo su
and press 8
The file with the new password is available at
/conf/root_password
With this password, you can log in to the web interface at https://public-ip-vm
Username: root
Password: from the file.
After successful authorization you can proceed with basic configuration, but first allow HTTP and HTTPS through the firewall (WAN interface).
Now let’s get to the settings.
In the right menu select System and then Wizard
The Initial Setup Manager will be launched.
Click Next. On the next screen, set
Hostname: | You can leave the current name, as it will be taken from the cloud metadata when deployed and will match the virtual machine name |
Domain: | You can also leave it as is |
Language: | Choose whichever one you prefer |
Primary DNS Server: | Primary DNS |
Secondary DNS Server: | Optional |
Override DNS: | [x] Allow DNS servers to be overridden by DHCP/PPP on WAN |
The rest of the settings are as you wish
Click Next
Select your time zone
Let’s move on to configuring the WAN interface. In my case, you can leave all parameters unchanged, as I use DHCP and no additional settings are required.
Then set the IP address for the LAN interface.
In my case it is 10.128.0.10/24
The next screen allows you to change the password if you wish
I left it as it was and clicked Next
Reload
Wait for the page to refresh
Then activate the LAN interface by going to “Interfaces” and selecting “LAN” from the menu.
Make sure the IP address of your interface is configured correctly and click Save
Now it’s time to configure NAT
Go to the Firewall section, then select NAT and Outbound.
You can leave it as it is for starters.
Don’t forget to add Floating rules.
To do this, open the Firewall menu and select Floating
Then you can go to the routing settings in the Yandex Cloud platform.