OPNsense Forum

Archive => 17.1 Legacy Series => Topic started by: Tim on February 22, 2017, 10:33:06 pm

Title: How to deploy in Azure
Post by: Tim on February 22, 2017, 10:33:06 pm
Has anyone been able to deploy the OpnSense to Azure. I've tried the bootstrap opnsense version with the FreeBSD 11 marketplace image. But after the reboot, the webinterface IS reachable but you CAN'T login (HTTP_REFERER error). SSH is impossible after the bootstrap.

Where does this come from and how to solve? Any help would be great!
Title: Re: How to deploy in Azure
Post by: Tim on February 27, 2017, 11:42:19 pm
We were able to bring an instance online and accessible.
Now struggling to get traffic through from inside to outside. We are working with a single interface.
Title: Re: How to deploy in Azure
Post by: weust on February 28, 2017, 06:15:26 am
Can you describe what you did to get the instance online and accessible?

Why a single interface? Cost?
Title: Re: How to deploy in Azure
Post by: Tim on February 28, 2017, 07:51:54 am
We performed the following steps:
- Created a prepared VHD using hyper-v locally
- Configured with single nic (LAN)
- DHCP Server disabled
- SSH Enabled
- hn0 interface enable DHCP (In Azure a VM gets their IP settings using DHCP)
- uploaded VHD to azure and created new VM

I've used a single interface because of the networking in Azure. Other virtual network appliances are also using a single arm mode. Just as the Amazon image provided for OPNSense.

Do i need to perform additional steps to allow the firewall to forward traffic? In Azure I enabled IP Forwarding, what is a standard option for virtual network appliances in Azure.
Title: Re: How to deploy in Azure
Post by: weust on February 28, 2017, 12:59:26 pm
I haven't used any cloud solution myself, but describing what you did might help others.
Hence I asked.

Additional steps for forwarding traffic normally isn't needed.
Are you using VLAN tagging for WAN and LAN?
Title: Re: How to deploy in Azure
Post by: Tim on March 01, 2017, 12:04:23 pm
Hi, no VLAN tagging is used.
We can ping the gateway from the server, but internet traffic is not flowing through the firewall.
Title: Re: How to deploy in Azure
Post by: weust on March 01, 2017, 12:20:38 pm
I wouldn't know why traffic isn't flowing, but how do you separate WAN and LAN traffic in you situation?