Changes between Version 7 and Version 8 of noc2018/agenda/PfsenseBasics


Ignore:
Timestamp:
Dec 4, 2018, 7:08:16 PM (5 years ago)
Author:
admin
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • noc2018/agenda/PfsenseBasics

    v7 v8  
    3636 - Select storage type to '''Fixed size''' and '''Continue'''
    3737
    38  - Make sure virtual hard disk file name in following format
    39 
    40  '''pfsense.instXY.ac.lk'''
     38 - Make sure virtual hard disk file name in following format '''pfsense.instXY.ac.lk'''
    4139
    4240 - adjust the disk size to '''10.0GB''' and click on '''Create''' to create the VM
     
    4947 - Click on the '''Network''' title
    5048
    51  - On '''Adapter 1''' While ''Enable'' Network Adapter selected choose Attached to be '''Bride Adapter'''. This virtual interface will work as the WAN port of the firewall (Can be connect from out side).
     49 - On '''Adapter 1''' While '''Enable''' Network Adapter selected choose Attached to be '''Bridge Adapter'''. This virtual interface will work as the WAN port of the firewall (Can be connect from out side).
    5250
    5351 - On '''Adapter 2''' While '''Enable''' Network Adapter selected choose Attached to be '''Internal Network'''. Default name is '''intnet'''. keep it that way. This virtual interface will work as our LAN port (Can't connect from out side).
     
    6361 - Right click on VM to make a '''Normal Start''' VM. You should now see a separate window with PFSense Installation screen
    6462
    65 == Pfsense Installation ==
    6663
    6764=== Initial Installation ===
     
    7168 - Next, press '''Enter''' to Accept copyright notice,
    7269
    73 - Select Install and press OK
    74 
    75 - Select "Continue with default keymap"
    76 
    77 - Select "Auto (UFS)" for Partitioning and click OK
    78 
    79 - Now the Installation is finished So it will ask to enter to a manual modification state, Select No and enter.
    80 
    81 - Now Reboot, As soon as it start to reboot power off the vm manually, Go to settings of the vm and remove the iso image from Storage.
     70- Select '''Install''' and press '''OK'''
     71
     72- Select '''Continue with default keymap'''
     73
     74- Select '''Auto (UFS)''' for Partitioning and click '''OK'''
     75
     76- Now the Installation is finished So it will ask to enter to a manual modification state, Select '''No''' and enter.
     77
     78- Now Reboot, '''As soon as it start to reboot power off the vm manually''', Go to settings of the vm and remove the iso image from Storage.
    8279
    8380- Then Start the vm
     
    8582=== First Bootup ===
    8683
    87 '''note :''' If you reboot your vm manually you will be prompted straight to the pfSense [#point1 configuration user interface]. But do not worry it will not effect on your firewall
    88 
    89 After rebooting, you will get the a screen with available interfaces to configure the network.
    90 
    91  - The first option is presented as '''VLAN’s''', simply here say No by pressing '''n''' and '''enter'''.
    92 
    93  - There are two interface’s em0 and em1, pfSense will ask which interface to use as WAN and which interface to use as LAN. Press '''a''' and '''enter''' to auto configure the interfaces. please note that in this case pfSense is intelligent to assign correct virtual interfaces as WAN and LAN ports, Because only one interface can be connect from out side. Even if the interfaces are wrong you can assign them correctly later.
    94 
    95  - It will ask for the '''confirmation''' and you can proceed with '''Y''' and press '''enter''' to continue to the
    96 
    97 == [=#point1 pfSense Console Configuration] ==
    98 
    99 pfSense console configuration interface has the basic configuration options in pfSense. You can select these options by typing there index number and pressing enter.
    100 
    101 === Assign WAN & LAN Interfaces ===
    102 
    103  - Note that WAN and LAN Interfaces are assigned by PFSense itself. To change that press '''1''' and '''enter'''
    104 
    105  - The first step is presented as '''VLAN’s''', simply here say No by pressing '''n''' and '''enter'''.
     84After booting, you will get the a console screen with available options and summaries. pfSense console configuration interface has the basic configuration options in pfSense. You can select these options by typing their index number and pressing enter.
     85
     86=== Assign Interfaces ===
     87
     88In this pfSense installation we will have two networks as WAN and LAN. For the box to work we need to assign connected NIC's to these networks.
     89
     90 - To assign interfaces to networks press '''1''' and enter
     91
     92 - It will ask you to assign VLANs, press '''N''' as we don't need it now.
     93
     94 - There are two interface’s '''em0''' and '''em1''', pfSense will ask which interface to use as WAN and which interface to use as LAN.
    10695
    10796 - To select em0 as WAN interface type '''em0''' and press '''enter'''
     
    10998 - To select em1 as LAN interface type '''em1''' and press '''enter'''
    11099
    111  - We do not need optional interfaces so press '''enter''' at the next step
    112 
    113100 - Do you want to proceed? press '''y''' to say yes and '''enter'''
    114101
     
    128115 - Press '''n''' and '''enter''' to disable http on WAN interface
    129116
    130  - You will be prompted back to main interface.
     117 - You will be prompted back to main interface after pressing Enter when it prompts.
    131118
    132119=== Assign LAN IP addresses ===
     
    136123 - To change the WAN interface IP Address press '''2''' and '''enter'''.
    137124
    138  - Enter the LAN Ip address as ''' 10.XY.1.254'''. Enter subnet mask as '''24'''. We are going to have this IP address as our LAN's gateway IP. Do not give any parameters to gateway on LAN. Just press enter.
    139 
    140  - We are not going to have an IPv6 address for LAN at this point. So just Press enter.
     125 - Enter the LAN IP address as ''' 10.XY.1.254'''. Enter subnet mask as '''24'''. We are going to have this IP address as our LAN's gateway IP. Do not give any parameters to gateway on LAN. Just press enter.
     126
     127 -  Enter the LAN IPv6 address as ''' 2401:DD00:XXXX:WXYZ::FFFF''. Enter subnet mask as '''64'''. We are going to have this IP address as our LAN's gateway IPv6. Do not give any parameters to gateway on LAN. Just press enter.
    141128
    142129 - To enable DHCP server on LAN press '''y''' and press enter
    143130
    144131 - For this workshop our LAN DHCP range is 10.XY.1.10 to 10.XY.1.50. Give start and end IP addresses in next steps.
     132 
     133 - When it asks to enable dhcp for IPv6 press '''n''' as we are not to enable dhcpv6 at this time
    145134
    146135 - Press '''n''' and '''enter''' to disable http on WAN interface
     
    181170On your Server vm log in and edit ip configuration `sudo nano /etc/netplan/50-cloud-init.yaml`
    182171
    183 **Change** IP addresses to match your addresses 
     172'''Change''' IP addresses to match your addresses 
    184173
    185174{{{
     
    277266Save and Apply Changes
    278267
    279 
    280 
    281 
    282 
    283 
     268Now you can use your host machine's web browser to login to your pfsense box web configurator using its WAN address.
     269
     270== Interfaces ==
     271
     272In this menu we can re-do assigning interfaces, assigning IP addresses etc. As we have already done that using CLI, we will skip this.
     273