Changes between Version 3 and Version 4 of Cnbp2019/Agenda/pfSenseSetup


Ignore:
Timestamp:
Mar 10, 2019, 5:23:01 AM (5 years ago)
Author:
admin
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • Cnbp2019/Agenda/pfSenseSetup

    v3 v4  
    3030    • We are going to have a static IP for WAN Interface. So press n and enter to avoid pfSense to configure the interface IP by DHCP.
    3131    • Enter the '''WAN IP address''' assigned to you as '''192.248.7.PQ''' and enter. Give a subnet mask as '''24''' and gateway in the next steps. You can find your IP allocation from the [wiki:Cnbp2019/Agenda/IpAllocation IP table], WANv4 gateway for the lab is '''192.248.7.254'''
    32     • Do the same for IPv6 address, WANv6 gateway for the lab is '''2401:dd00:2000::ffff'''
     32    • Next, you will be asked to configure WAN Ipv6 address via DHCP. Press '''n''' and enter to avoid DHCP address.
     33    • In the next step enter the Ipv6 address of WAN interface. Enter '''2401:dd00:2000::ffXY''' as your WAN Ipv6 address and '''64''' as subnet mask. In the next step enter WANv6 gateway for lab as '''2401:dd00:2000::ffff'''
    3334    • Press '''n''' and enter to disable http on WAN interface
    3435    • You will be prompted back to main interface after pressing '''Enter''' when it prompts.
     
    3839    • To change the LAN interface IP Address press '''2''' and '''enter'''.
    3940    • Enter the LAN IP address as '''192.168.XY.254'''. Enter the subnet mask as '''24'''. We are going to have this IP address as our DMZ's gateway IP. Do not give any parameters to the gateway on LAN. Just press enter.
    40     • Enter the LAN IPv6 address as '''2401:DD00:20XY:1::FFFF'''. Enter the subnet mask as 64. We are going to have this IP address as our LAN's gateway IPv6. Do not give any parameters to the gateway on LAN. Just press enter.
     41    • Enter the LAN IPv6 address as '''2401:DD00:20XY:0::FFFF'''. Enter the subnet mask as 64. We are going to have this IP address as our LAN's gateway IPv6. Do not give any parameters to the gateway on LAN. Just press enter.
    4142    • To enable DHCP server on DMZ press '''y''' and press enter
    4243    • For this workshop, our DMZ DHCP range is '''192.168.XY.10 to 192.168.XY.50'''. Give start and end IP addresses in the next steps.
     
    117118
    118119Go to Interfaces -> LAN
    119 Ipv4 Configuration Type : Static IPV4
    120 Ipv4 Address : 10.XY.0.2 , Prefix length : 30
    121 Ipv4 Upstream gateway : none
     120* Ipv4 Configuration Type : Static IPV4
     121* Ipv4 Address : 10.XY.0.2 , Prefix length : 30
     122* Ipv6 Address : 2401:dd00:20XY:1::ffff , Prefix length : 64
     123* Ipv4 Upstream gateway : none
     124* Ipv6 gateway : none
    122125
    123126=== Add internal route ===
    124127
    125 Add a firewall rule to allow from LAN to outside
     128Add internal route allow connectivity to LAN network, Before add an internal route we will need to add a Gateway to use for the route.
     129
     130go to System > Routing  and go to Gateways tab. Click add button to add a  gateway.
     131
     132    • Interface: LAN
     133    • Address Family: IPv4
     134    • Name : LAN_GW
     135    • Gateway : 10.XY.0.2
     136    • Description : Gateway for LAN
     137       
     138go to System > Routing  and go to Routing tab. Click add button to add a  route.
     139    • Destination network: 10.XY.0.0 , and select 16 as prefix length
     140    • Gateway: Select above created gateway from drop down list.
     141    • Description: LAN Network
     142
     143=== Add a firewall rule to allow from LAN to outside ===
    126144
    127145go to Firewall > Rules > LAN > Add to end