OPNsense Forum

English Forums => Intrusion Detection and Prevention => Topic started by: Ashwini on March 20, 2018, 11:15:51 am

Title: Opnsense security feature
Post by: Ashwini on March 20, 2018, 11:15:51 am
Hi,

I am new to Opnsense.
Is it mandatory to have an internet connection to use the security features of Opnsense?
I see there is a "Download and Update" option in IPS for installing a few rules.
My question is: can I download all rules and update at once, and use it later without internet?
Will my Opnsense work perfectly without internet after updating once?

thanks in advance

Title: Re: Opnsense security feature
Post by: phoenix on March 20, 2018, 11:42:02 am
I don't really understand your question, what would be the point of installing OPNsense if you're not using an internet connection? What is it you're actually trying to achieve?
Title: Re: Opnsense security feature
Post by: Ciprian on March 20, 2018, 11:46:28 am
To answer your question without other questions, YES, you CAN do that.

Now I have a question: what are you trying to protect/secure, since there is no internet involved? If you are using OPNsense just to connect/route private networks, the approach is a totally different one.

Cheers, good luck!
Title: Re: Opnsense security feature
Post by: franco on March 20, 2018, 08:00:29 pm
Some lab environments require this. Some plugins won't work, but you can even bring updates into your private network for the OPNsense to use (it's a web server: rsync + enter firmware mirror URL).


Cheers,
Franco
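What the "rsync + enter firmware mirror URL" step looks like end to end, as an added example (this is not OPNsense project tooling and not something Franco posted). The rsync source host, the internal web server address, the ABI string and the version number are placeholders/assumptions that must be replaced with what the firewall actually reports; the repository definition is written in pkg(8) syntax, and the fingerprint path and the System > Firmware > Settings location for the custom mirror are stated from memory, not from the thread, so treat the function's output as what to compare against rather than a file to hand-edit:

```shell
#!/bin/sh
# Added example for running an internal OPNsense package/firmware mirror.
# Not OPNsense project tooling. All of these values are assumptions:
#   MIRROR_SRC   an rsync-capable public OPNsense mirror (placeholder host)
#   LOCAL_ROOT   docroot of the web server inside the isolated network
#   ABI/VERSION  must match what the firewall reports (opnsense-version / pkg -vv)
#   INTERNAL_URL what the firewall will be pointed at as its custom mirror
set -eu

MIRROR_SRC="${MIRROR_SRC:-rsync://mirror.example.net/opnsense/}"
LOCAL_ROOT="${LOCAL_ROOT:-/srv/opnsense-mirror}"
ABI="${ABI:-FreeBSD:11:amd64}"
VERSION="${VERSION:-18.1}"
INTERNAL_URL="${INTERNAL_URL:-http://10.0.0.5/opnsense}"

# Step 1 (on the host that has internet): pull one ABI/version tree, nothing more.
sync_mirror() {
    rsync -av --delete "${MIRROR_SRC}${ABI}/${VERSION}/" "${LOCAL_ROOT}/${ABI}/${VERSION}/"
}

# Step 2: sanity-check that the copied tree has the repository catalogue pkg(8)
# fetches first. Older pkg repos use meta.txz/packagesite.txz; newer ones add
# meta.conf and packagesite.pkg, so adjust this list to what upstream actually has.
check_tree() {
    dir="$1"
    for f in meta.txz packagesite.txz; do
        if [ ! -s "$dir/$f" ]; then
            echo "missing $f in $dir" >&2
            return 1
        fi
    done
    return 0
}

# Step 3 (inside the isolated network): any static web server will do.
serve_mirror() {
    # Python >= 3.7; nginx/httpd pointed at LOCAL_ROOT is the production equivalent.
    python3 -m http.server 80 --directory "$LOCAL_ROOT"
}

# Step 4: the repository definition in pkg(8) syntax. The firewall keeps verifying
# package signatures against the OPNsense fingerprint that ships with the image,
# which is why a plain-HTTP internal mirror is acceptable: the mirror can only
# withhold updates, it cannot forge them. ${ABI} is left for pkg to expand.
repo_conf() {
    url="$1"
    version="$2"
    cat <<EOF
OPNsense: {
  url: "pkg+${url}/\${ABI}/${version}",
  signature_type: "fingerprints",
  fingerprints: "/usr/local/etc/pkg/fingerprints/OPNsense",
  enabled: yes
}
EOF
}

case "${1:-}" in
    sync)  sync_mirror && check_tree "${LOCAL_ROOT}/${ABI}/${VERSION}" ;;
    serve) serve_mirror ;;
    conf)  repo_conf "$INTERNAL_URL" "$VERSION" ;;
esac
```

Run `./mirror.sh sync` on the connected host, carry LOCAL_ROOT across (or rsync again over the internal link), `./mirror.sh serve` on the isolated side, and `./mirror.sh conf` to see the repository block the firewall should end up with once the internal URL is entered as the custom mirror. Only the IPS ruleset download and the firmware/package updates are covered this way; plugins that phone home for other data (GeoIP, threat feeds) stay broken offline, which is the "some plugins won't work" caveat above.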
Title: Re: Opnsense security feature
Post by: Ashwini on March 21, 2018, 07:06:54 am
Hi,

My aim is to achieve below settings:
I have one hardware which has Opnsense (behaves as router and firewall) set up in vmware with no internet access. And I have a server where I have internet access. Other machines in the network will have to communicate with this server.
So my intention is to protect this network, so that any external attacks to the server should not impact other machines connected in the network.
Now I wanted to know if it is possible to protect my network using Opnsense?
Title: Re: Opnsense security feature
Post by: Ciprian on March 21, 2018, 09:13:58 am
It's not quite clear for me:

Quote
Hi,

My aim is to achieve below settings:
I have one hardware which has Opnsense (behaves as router and firewall) set up in vmware with no internet access. And I have a server where I have internet access.

No internet access for vmware host? Or for OPNsense virtual appliance?

Quote
Other machines in network will have to communicate with this server.
Which network? Is this network the single existing network in which everything resides? Or your vmware host/ guests are in a different network?
Quote
So my intention is to protect this network, so that any external attacks to the server should not impact other machines connected in the network.
You said there is no internet access to vmware (or OPNsense), but there is to the server: so the vmware hardware is different hardware than the server that has internet access? Or maybe both OPNsense and the server with internet are vm appliances? Again, what is your network(s) topology?

Quote
Now I wanted to know if it is possible to protect my network using Opnsense?

Let's see how, but first let's see where we are (see above)!... :)
Title: Re: Opnsense security feature
Post by: Ashwini on March 22, 2018, 06:11:40 am
Hardware 1 - Opnsense host
Hardware 2 - Server
Hardware 3 - Client

HW1, HW2 and HW3 are in the same network.
Internet access is given only to HW2 (server).

HW3 (client) can access HW2 (server).

HW1 (opnsense) will act as a firewall/router between HW2 and HW3.

My question is how to protect HW3 (client) in case of an external attack on HW2 (server), using the security features of HW1 (opnsense).
Title: Re: Opnsense security feature
Post by: Ciprian on April 02, 2018, 08:46:51 am
Strictly answering your question, HW3 is protected by design.

Extending the answer, a lateral spread of viruses, worms, and malware in general cannot be stopped by a router or a firewall if everything resides on only one network/broadcast domain.

You might start by designing different interfaces for client hosts (like HW3) and servers (like HW2), meaning you define in your firewall (at least) 3 interfaces: WAN, LAN, DMZ (servers) (and maybe even Wi-Fi/WLAN). That way, you protect each category of machines by isolating them in their own broadcast domain.
Then, by carefully defining FW rules, NAT rules, policies and other protection mechanisms like IPS, you accomplish what you aim for.

Good luck, and cheers!
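The WAN/LAN/DMZ split above, expressed as a ruleset, as an added example that is neither OPNsense configuration nor Ciprian's own rules. OPNsense compiles its GUI rules into pf(4), so the policy is written in pf syntax directly: the server (HW2) sits in the DMZ, the client (HW3) in LAN, LAN may reach the server only on the service it publishes, and the DMZ may never initiate a connection towards LAN, which is what stops a compromised HW2 from reaching HW3. Interface names and addresses are assumptions; the script only emits and syntax-checks the rules, it does not load them:

```shell
#!/bin/sh
# Added example, not OPNsense configuration: a pf(4) ruleset for the
# WAN/LAN/DMZ design discussed above. Interface names (vtnetN), networks and
# the server address are assumptions; replace them with the real ones.
set -eu

gen_rules() {
    cat <<'EOF'
# --- macros (assumed names/addresses) ---
wan = "vtnet0"
lan = "vtnet1"
dmz = "vtnet2"
lan_net = "192.168.1.0/24"
dmz_net = "192.168.2.0/24"
server  = "192.168.2.10"

set skip on lo0

# DMZ hosts reach the internet through the firewall's WAN address
nat on $wan from $dmz_net to any -> ($wan)

# Default deny with logging: anything not explicitly allowed shows up in the log
block log all

# LAN -> firewall management (GUI only)
pass in quick on $lan proto tcp from $lan_net to ($lan) port 443 keep state

# LAN clients (HW3) -> the server (HW2), only on the service it publishes.
# LAN gets no internet here, matching the topology in the thread.
pass in quick on $lan proto tcp from $lan_net to $server port { 80, 443 } keep state

# DMZ may never initiate towards LAN. This sits before the DMZ pass rule because
# 'quick' makes the first matching rule final.
block in log quick on $dmz from $dmz_net to $lan_net

# DMZ may not talk to the firewall itself either, except for DNS
pass in quick on $dmz proto { tcp, udp } from $dmz_net to ($dmz) port 53 keep state
block in log quick on $dmz from $dmz_net to ($dmz)

# Server may reach the internet (only after the two blocks above have had their say)
pass in quick on $dmz proto { tcp, udp, icmp } from $dmz_net to any keep state

# The firewall's own outbound traffic; forwarded flows are already covered by the
# floating states the 'pass in ... keep state' rules create
pass out quick all keep state
EOF
}

# Syntax check when pf is available (FreeBSD/OPNsense); elsewhere just emit the rules.
check_rules() {
    if command -v pfctl >/dev/null 2>&1; then
        gen_rules | pfctl -nf -
    else
        gen_rules >/dev/null
    fi
}

case "${1:-}" in
    print) gen_rules ;;
    check) check_rules ;;
esac
```

In the GUI the same policy is three interfaces plus, on the DMZ tab, an explicit "block DMZ net to LAN net" rule ordered above the "allow DMZ net to any" rule; the default-deny and the log flag are what make an attacker's attempt to pivot from HW2 visible in Firewall > Log Files. An IPS policy on the DMZ interface then adds detection on top of this isolation rather than substituting for it.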