Quick tutorial: how to deploy OPNsense easily on Oracle Cloud for free.

Started by jazzy, February 18, 2023, 05:56:30 AM

Previous topic - Next topic
Print
Go Down Pages 1 2 3
User actions
May 31, 2024, 04:11:26 PM #30
solved the problem: just not install ca_root_nss
BR
Christian
June 03, 2024, 05:11:07 PM #31
Quote from: Bob.Dig on May 29, 2024, 07:55:54 PM
Quote from: kohly on May 29, 2024, 04:23:03 PM
What can i do?
Use the latest nano image and don't select the mirror yourself.

found the nano image and was able to deploy it on oci.
what kind of ease!
December 16, 2024, 03:05:10 PM #32
I did spend some time to document what I've done. So maybe useful for others: https://blog.dieschmitterlinge.de/cloud/install-opnsense-oracle-oci/
August 12, 2025, 03:42:18 PM #33 Last Edit: August 14, 2025, 08:32:24 PM by aleixsr@gmail.com Reason: Adding final steps
Hello, just to clarify:

1. Downloaded the latest OPNsense-24.1.7-ufs-serial-vm-aarch64.qcow2.bz2 (Important: serial works, efi doesn't for me)
2. Unzipped and uploaded qcow2 to bucket
3. Imported custom image (type qcow2, launch mode native / paravirtualized -> tried both)
4. Modify image in order to be available for VM.Standard.A1.Flex
5. Modify image "Launch options" in order to be UEFI_64 only (disable BIOS)
6. Create Instance from this custom image
7. From Instance > OS Management > Launch Cloud Shell connection
8. Click Enter and login using: root/opnsense
9. Assign Interfaces (at least WAN is needed). Using DHCP works fine.
10. Enable Admin Web access via WAN interface:
     - 8) Shell
          >> cd /conf
          >> cp config.xml config.bkp
          >> vi config.xml
- Lookup <webgui> :
          >> :/<webgui
- Add these two lines after </ssl-certref>:
               <nohttpreferercheck>1</nohttpreferercheck>
               <nodnsrebindcheck>1</nodnsrebindcheck>
So it should be like this:
          <webgui>
               <protocol>https</protocol>
               <ssl-certref>64b1234567</ssl-certref>
               <nohttpreferercheck>1</nohttpreferercheck>
               <nodnsrebindcheck>1</nodnsrebindcheck>
            </webgui>
11. Access using a web browser https://<public_ip_address>

Thanks everyone.
August 12, 2025, 04:25:27 PM #34
Correct, the cloud shell requires an image with enabled serial console. That's why I created the fork in the first place. ;)
Launch mode "Paravirtualized" (the default setting) is correct. Also, setting the OS to "Generic Linux"  is recommended (there is no *BSD option).

Cheers
Maurice
OPNsense virtual machine images
OPNsense aarch64 firmware repository

Commercial support & engineering available. PM for details (en / de).
Print
Go Up Pages 1 2 3
User actions