Sorry, I do not speak English, I try to translate the step I took, after reading several documents online
If someone can use the steps to configure your firewall in Microsoft Azure
FreeBSD Azure
1- Create MV FreeBSD 11.0 https://docs.microsoft.com/en-us/azure/virtual-machines/windows/classic/tutorial
2- Create another additional network interface https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-network-interface
3- Attach the NIC to a VM https://www.petri.com/add-network-interface-azure-vm
4- Connect with ssh MV
Before we have to enable the root user by ssh
$ sudo vi / etc / ssh / sshd_config
Locate the following line that is disabled
#PermitRootLogin on
Uncomment the line and change it in yes
PermitRootLogin yes
$ sudo /etc/rc.d/sshd restart
$ sudo passwd root
Changing local password for root
New Password:
Retype New Password:
5- Follow the next steps on the page https://github.com/opnsense/update#
$ sudo pkg install ca_root_nss
$ sudo fetch https://raw.githubusercontent.com/opnsense/update/master/bootstrap/opnsense-bootstrap.sh
Connect with WinSCP Transfer Attachment file configure.xml
Edit the opnsense-bootstrap.sh file and comment the line
$ sudo vi opnsense-bootstrap.sh
#reboot
$ sudo sh ./opnsense-bootstrap.sh
Before the MV restarts you must do this step, otherwise you will not have access to the MV
Open another end with the root user and copy the file
#cp config.xml /usr/local/etc/config.xml
After a successful restart, OPNsense should be up and running, Can improve the configuration to your liking
Connect via web interface https://<ip>/
6- Portal Azure Configure Route Table https://campus.barracuda.com/product/nextgenfirewallf/article/NGF62/AzureARMUDRWebPortal/
Rute table does operation NAT and redirection traffic the OPNsense
If there is anything else to improve, please suggest
Thanks OPNsense Teams, that's what I can contribute
Hi Bulmaro,
Thank you very much for this. Your English is just fine. :)
May I move this to the Tutorial / How-To forum?
Small improvements:
o "sudo" should always be lowercase
o config.xml, not configuration.xml
o copying config.xml can be done before package install, /usr/local/etc/config.xml should not be overwritten by the bootstrap process
o the former makes the opnsense-bootstrap.sh edit obsolete
Cheers,
Franco
Thanks Franco for the observation, I made small changes of your observation.
I think it's a good idea to move to the Tutorial section
I would suggest you to use sudo -s or sudo -i as all operations require root privileges. This way you don't have to type sudo all the time and you should use code tags.
Thanks Fabian, interesting tips
Hi,
Thanks for the instructions - I've successfully installed and can access OPNsense via web interface, but I'm having a couple of big initial problems with the Azure FreeBSD VM.
1. Immediately after restarting the Azure vm (after installing OPNsense) I am unable to SSH to the VM - I can only access OPNsense and the VM generally via web interface
2. I am unable to create an azure backup of the VM - there appears to be a problem with the azure agent following OPNsense install and first restart.
Any idea why I am doing wrong or what I can do to fix?
Thanks in advance.
check
System> Settings> Administration
if it is enabled Secure Shell
Enable Secure Shell
Permit password login
Open the ssh port on the WAN interface
I attached the image
Hi all,
is this still the way to go for OPNsense on Azure? I'm looking for a firewall for a small project. Have used pfSense and a couple of commercial firewalls before but never tried OPNsense. But I was told how much better OPNsense is compared to pfSense so I would like to give it a try for this new project.
Best regards, Karsten
Karsten Iwen? ;D