Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - Bob Jones

Pages1
#1
Tutorials and FAQs / Re: Install OpnSense on OVH Public VPS
January 18, 2024, 08:47:20 PM
With the image size of OPNsense getting larger and the urge to use VPS with a small amount of RAM I have modified the process:

1- Boot the VPS in Rescue mode, it does not matter what OS is installed, it will be wiped in this process
2- Find your VPS hard drive

Code Select

fdisk -l  ### Should return a line that is near the same size as the VPS disk drive.  /dev/sda is typically the rescue disk

/dev/sdb1  227328 41943006 41715679 19.9G Linux filesystem


3- Install and launch netcat
Code Select

apt update && apt install netcat
nc -l -p 19000 | bzip2 -d | dd bs=16M of=/dev/sdb


4- On your local laptop or another server, not the VPS.  Download the nano image:
Code Select

cd ~/Downloads
wget https://mirror.ams1.nl.leaseweb.net/opnsense/releases/23.7/OPNsense-23.7-vga-amd64.img.bz2

5- Extract
Code Select

bzip2 -dk OPNsense-23.7-nano-amd64.img.bz2

6- Send the disk image to the server
Code Select

dd bs=16M if=OPNsense-23.7-nano-amd64.img | bzip2 -c | nc xx.xx.xx.xx 19000     ## The public IP of your server

7- Reboot in the OVH control panel and log in via KVM by clicking the three dots in the name square.  Log in with: root/opnsense

8- Set the only interface as the WAN vtnet0 was mine

9- Set the WAN IP to static:  xx.xx.xx.xx/24 <-- not /32

10- Log into the shell and set a default route

Code Select

route add default x.x.x.1

11.  Disable the firewall to access the web gui
Code Select

pfctl -d


12- Create a firewall rule that allows you to access the GUI; this will reload the firewall.

This did work on 1GB RAM, I am not sure if it will work on 512MB



#2
Tutorials and FAQs / Re: Install OpnSense on OVH Public VPS
March 02, 2021, 05:36:22 PM
Quote from: Bob Jones on February 01, 2020, 10:47:29 PM
Hello -
  This process can be confusing, I wanted to post the steps I took:

1. Reboot into rescue mode from the OVH console, you will get a temporary root password via email.  You can also go into Account Summary, emails sent to me.
2.  SSH into the rescue VM with port forwarding.  You can do this with putty or if you have a shell:
Code Select

ssh root@x.x.x.x -L 5900:localhost:5900

3.  Download the iso to the RAM /tmp, I used "DVD" "i386"
Code Select

wget -P /tmp http://mirror.wdc1.us.leaseweb.net/opnsense/releases/20.1/OPNsense-20.1-OpenSSL-dvd-i386.iso.bz2

4. Install bz2
Code Select

apt update
apt install bzip2

5. Extract and delete old
Code Select

cd /tmp
bzip2 -dk OPNsense-20.1-OpenSSL-dvd-i386.iso.bz2
rm OPNsense-20.1-OpenSSL-dvd-i386.iso.bz2

6. Download and start VNC
Code Select

wget -qO- /tmp http://www.danpros.com/content/files/vkvm.tar.gz | tar xvz -C /tmp

/tmp/qemu-system-x86_64 -net nic -net user,hostfwd=tcp::80-:80,hostfwd=tcp::443-:443 -m 1024M -localtime -enable-kvm -hda /dev/sda -hdb /dev/sdb -vnc 127.0.0.1:0 -cdrom /tmp/OPNsense-20.1-OpenSSL-dvd-i386.iso -boot d


7. Connect your VNC client to 127.0.0.1:5900, i use VNC connect by RealVNC
8.  I did guided install, some notes:
    - There are sections that take forever to complete, specifically cdpup but this install did finish after many long delays within 20 min
    - I did DHCP, manually set the WAN interface to vtnet0
    - When selecting a drive to install to, the first drive is ~2500mb and the rescue partition.  You should be installing to the second, larger drive.  Mine was ~ 18000mb
9.  When the install finishes, it will reboot.  Go into the OVH panel and reboot your VM, not into rescue mode.
10.  After reboot, open the KVM panel and login as root.  Select option 8 for Shell access
11.  Add route (your default gateway is typically x.x.x.1 of your primary IP with OVH)
Code Select

route add -inet x.x.x.1/32 -link -iface vtnet0
route add default x.x.x.1

11.  Disable firewall to access the web gui
Code Select

pfctl -d

12.  Log into the GUI via the WAN IP (https://), I skip the wizard.. you can always go back to it.
13. Go to Gateways, edit the ipv4 DHCP one... set the ip x.x.x.1 and set it as a "far gateway"
14. Make sure you have a rule or interface to access the admin interface
15. Reboot and test

Let me know if you have any suggestions or questions.


I just had to redo this process and found the RAM can no longer handle the size of the uncompressed file.  To resolve this, I took these steps:

1 - Install Ubuntu (18.04)
3 - reboot in rescue mode
4 - step 5
Code Select
  cd  /mnt/sdb1/root/
5 - step 6 and replace your CDROM with the appropriate filename:
Code Select

/tmp/qemu-system-x86_64 -net nic -net user,hostfwd=tcp::80-:80,hostfwd=tcp::443-:443 -m 1024M -localtime -enable-kvm -hda /dev/sda -hdb /dev/sdb -vnc 127.0.0.1:0 -cdrom /mnt/sdb1/root/OPNsense-20.1-OpenSSL-vga-amd64.img -boot d


#3
Tutorials and FAQs / Re: Install OpnSense on OVH Public VPS
September 23, 2020, 05:17:38 PM
When you are using RAM as your drive you need to be aware of your space in the /tmp folder (this writes directly to RAM, not your HDD)... I believe the VPS i was using has 1GB of RAM.  I would make sure you are selecting the smallest image you can install.  What size VPS are you trying to install to?
#4
Tutorials and FAQs / Install OpnSense on OVH Public VPS
February 01, 2020, 10:47:29 PM
*** Updated process below https://forum.opnsense.org/index.php?topic=15699.msg187076#msg187076

Hello -
  This process can be confusing, I wanted to post the steps I took:

1. Reboot into rescue mode from the OVH console, you will get a temporary root password via email.  You can also go into Account Summary, emails sent to me.
2.  SSH into the rescue VM with port forwarding.  You can do this with putty or if you have a shell:
Code Select

ssh root@x.x.x.x -L 5900:localhost:5900

3.  Download the iso to the RAM /tmp, I used "DVD" "i386"
Code Select

wget -P /tmp http://mirror.wdc1.us.leaseweb.net/opnsense/releases/20.1/OPNsense-20.1-OpenSSL-dvd-i386.iso.bz2

4. Install bz2
Code Select

apt update
apt install bzip2

5. Extract and delete old
Code Select

cd /tmp
bzip2 -dk OPNsense-20.1-OpenSSL-dvd-i386.iso.bz2
rm OPNsense-20.1-OpenSSL-dvd-i386.iso.bz2

6. Download and start VNC
Code Select

wget -qO- /tmp http://www.danpros.com/content/files/vkvm.tar.gz | tar xvz -C /tmp

/tmp/qemu-system-x86_64 -net nic -net user,hostfwd=tcp::80-:80,hostfwd=tcp::443-:443 -m 1024M -localtime -enable-kvm -hda /dev/sda -hdb /dev/sdb -vnc 127.0.0.1:0 -cdrom /tmp/OPNsense-20.1-OpenSSL-dvd-i386.iso -boot d


7. Connect your VNC client to 127.0.0.1:5900, i use VNC connect by RealVNC
8.  I did guided install, some notes:
    - There are sections that take forever to complete, specifically cdpup but this install did finish after many long delays within 20 min
    - I did DHCP, manually set the WAN interface to vtnet0
    - When selecting a drive to install to, the first drive is ~2500mb and the rescue partition.  You should be installing to the second, larger drive.  Mine was ~ 18000mb
9.  When the install finishes, it will reboot.  Go into the OVH panel and reboot your VM, not into rescue mode.
10.  After reboot, open the KVM panel and login as root.  Select option 8 for Shell access
11.  Add route (your default gateway is typically x.x.x.1 of your primary IP with OVH)
Code Select

route add -inet x.x.x.1/32 -link -iface vtnet0
route add default x.x.x.1

11.  Disable firewall to access the web gui
Code Select

pfctl -d

12.  Log into the GUI via the WAN IP (https://), I skip the wizard.. you can always go back to it.
13. Go to Gateways, edit the ipv4 DHCP one... set the ip x.x.x.1 and set it as a "far gateway"
14. Make sure you have a rule or interface to access the admin interface
15. Reboot and test

Let me know if you have any suggestions or questions.
Pages1