OPNsense Forum
Archive => 22.7 Legacy Series => Topic started by: daven2411 on November 09, 2022, 02:36:50 pm
-
Is it possible to install OPNSense as a Virtual Machine running on a Windows 10 PC? Can someone send me a link on how to do it.
-
If you can run Vagrant on your Windows PC you might want to try my project:
https://github.com/punktDe/vagrant-opnsense
You need to stick to Virtualbox 6.x at the moment. I need to update the network topology for Virtualbox 7. They actively removed features. *sigh*
-
Thanks. I will investigate the possibility.
-
Is it possible to install OPNSense as a Virtual Machine running on a Windows 10 PC? Can someone send me a link on how to do it.
It runs on Hyper-V, so yes, it should be able to run on a PC running Windows 10 Pro.
-
I've tried Hyper-V but I still cannot get into the GUI. Did you follow some instructions off the Internet.? Can you send me a link to follow.
-
I can ping 8.8.8.8 but cannot ping any other devices on my LAN which is 192.168.1.0/24. Also, my gateway is 192.168.1.254 but most of the tutorials have the gateway as 192.168.1.1.
Should I be using .1 or .254?
-
A factory new OPNsense has got 192.168.1.1 on its LAN interface and this is the DHCP server, gateway, and DNS server for all devices in that network.
If you already have an existing network using 192.168.1.0/24 and want to use that as the upstream (WAN) for your OPNsense, you need to change either that existing network or OPNsense's LAN. You cannot have the same network on two interfaces. OPNsense can be changed at the console, which should be easily accessible in a hypervisor environment.
-
Use VmWare Player...
Much better support for drivers
https://www.vmware.com/dk/products/workstation-player/workstation-player-evaluation.html
-
Does the WAN interface have to be a different network as well as the LAN?
-
You need to isolate the WAN on the virtual machine so it cant get in touch with anything on the physical machine...
-
Does the WAN interface have to be a different network as well as the LAN?
The WAN and the LAN have to be different from each other. For testing or whatever it is you want to do with your virtualised environment you can connect your WAN to your existing network and configure it to use DHCP (which is the default, anyway).
The LAN on OPNsense must be a different network. You can configure a host-only network in your hypervisor of choice, enable the DHCP server on OPNsense in that network, then tell your Windows PC to use that host-only network as its Internet uplink. Thereby connecting your Windows through the virtualised OPNsense to your existing network infrastructure and finally to the Internet.
Or create a second virtual machine running e.g. Windows, connect that to said host-only network, let that one access the Internet through the virtualised OPNsense ... it all depends on what you want to do.
Basic networking knowledge will be required.
If your idea is to run your PC in production through a virtualised OPNsense to add ... well, what exactly? ... that's probably possible but difficult.
My Vagrant project - just check the README on github - has got some hints on how to route traffic through the virtualised firewall for selected target addresses.
HTH,
Patrick
-
The WAN is 192.168.1.2 which is the same as my internal LAN. The LAN is 192.168.10.100 which is specific to the VM. Screenshots below, if you wouldn't mind taking a look. I am using Hyper-V on Windows 10. Regards, Dave.
https://i.imgur.com/odMqgXR.png
https://i.imgur.com/ikPqUMf.png
https://i.imgur.com/P3kVMQ8.png
-
with out vlans to seperate the traffic OR a second nic, this is going to be hard.
-
Even though I am installing it as a VM with virtual NIC's???
-
You can run OPNsense with two virtual NICs. What exactly are you trying to do with it, then?
-
I live in the UK and have the 'standard' router issued to me by BT. What I am trying to do is create a VM, on a spare laptop that I have, then put the BT router into 'bridge' mode and forward all traffic to the ip address of my OPNsense VM. The OPNsense VM will then be my router and do the little bit of port forwarding that I currently have. My internal network is 192.168.1.0/24 and my gateway is 192.168.1.254.
-
You will need two interfaces then. Any if you do have a spare machine, why don't you just install OPNsense on that?
-
There is only one network port on my laptop. that is why I am trying to install it on a VM.
-
And how will you connect it to your network and to the ISP bridge modem, then? You could use VLANs and a VLAN capable switch. E.g. a Unifi Edgerouter-X makes a nice 5 port switch for around 50 euro/dollar/pounds.
Did you check that you can run your laptop with the lid closed, that it won't go to sleep unexpectedly, that it can shut down the display ...
Laptops are not well suited to run services that are supposed to be available 24x7.
-
Laptop can run perfectly with the lid closed. I was hoping to install OPNsense into a VM in either VirtualBox, Hyper-V or even install Proxmox VE on my laptop and install it in a VM under that. I thought I might be able to create multiple NIC's and give them appropriate IP addresses based on the fact that my current internal LAN is 192.168.1.0/24.
-
That you can but with one physical nic only on the device, once it is connected to the bridge, there's no nic left to go downstream to your local network. Unless all your devices are only VMs inside the laptop.
-
https://www.youtube.com/watch?v=rVQFGoUG6II
Can you tell me if the instructions in this video will help me in any way?
-
It does as a theoretical exercise. If you look at the very beginning, it shows the only physical interface is allocated to wan. The two virtual ones are for "internal". Imagine that was a very beefy server and has 20 virtual machines on it. With that tutorial you have a firewall/router vm and two virtual nics for two independent networks, two vlans to be specific. So all traffic is internal to hypervisor and its guests.
If what you want to to is setup a virtual machine for OPN or any router/firewall OS, you need two physical network interfaces minimum unless you go on a very hackish way splitting cables from an rj45 connector for a 100 mb part but only good for academic purposes.
Forgive the plug but I'll be having a spare APU4 in a couple of weeks if interested.
-
Thanks for the advice. I have sent you a private message.
-
As others have said, if you want to use OPNsense as a router / firewall for other devices, you need a dedicated WAN interface. If you're running it on a laptop with only one ethernet port, you could get a USB ethernet interface.
To be honest, a laptop is far from an ideal computer to run a router, unless you are only using it with virtual clients.