DA On-Prem -> OCI Journey when UR on a Budget --aka Cheep like Me - Part 3 Building the PFSense VBox

 

Part 3: The VirtualBox Setup: The PFSense VBox


Ok, so what I will be covering in this Part is the Virtual Box. Here are some assumptions.


1> you know how to download and reference a Linux Distribution for the machine. In this case I have TWO distributions.

a. The Oracle Linux Distribution (7.9)

b. The BSD Distribution, This comes with the PFSense mentioned in the first part.


2> you know at least a little bit about networking a Virtual Box. What you need to know, is in this section so don’t freak out.



Da Setup Part 1: Your PFSense installation.


Here is the basic setup in pics:


System Stats:


So let’s create one:


Use all the settings below: (yeah just go through the different parts and set it up)



 

 

 

 

Ok, main things (highlighted ones) are:


1. here is the Type and version selected (BSD 64 bit).


2. processor settings


3. Network Cards (Bridged and Internal)


4. Set the boot cd to the PFSense iso



Da Install:

a> hit the start machine button:



b> Choose to ‘Accept’


c> Stay on the ‘install’ option, it’ll start installing:


 

d> it will notify you are through. And prompt to reboot into the installed system. At this point

close the machine @ the VirtualBox Console and Remove the boot from the ‘CD’


e> restart the machine. It will boot to the following screen:



 

 

 

 

 

 

 Note a few things:


1> the WAN address is something you will want to change most likely. Notice I kept the 192.168.1 subnet for the WAN. Remember that the 'Bridged' card in VBOX handles connections to/from the outside world to the internal card. This simulates a Datacenter connection. When talking enterprise, this is a good represenation of that. Note that  the 192.168.2 subnet is relevant on the cloud side that I configured during the cloud build (see the ingress/egress rules for verification).This means that incoming/outgoing traffic to that subnet routes through the Public IP -> Bridged Network -> Internal One. So it's all there.


2> note also the assigned interfaces. Use option 2 above to set them. You will set the LAN internal networks:


a> select option #2:


b> choose option #2 again (for LAN Setup)







c> enter in the Ip for the internal Ip of the PFSense Vbox – in this case it is

192.168.2.1 (yeah a CIDR when you get done here, you’ll see.



Told ya.


We will talk about the IPSEC1000 interface in a bit. This is configured in the GUI tool for

pfsense but we ain’t there yet.


At this point PFSense is up.


You can’ get there yet because you need another Virtual Box (Oracle Linux) ON THAT SAME SUBNET! To get there. Let’s build that Vbox next time. Cya for now!


Comments

Post a Comment

Popular posts from this blog

DA On-Prem -> OCI Journey when UR on a Budget --aka Cheep like Me - Part 4 - Config Da Oracle Vbox

Image
  Part 4 : The VirtualBox Setup: The DBServer Vbox T his is Vbox is key to the final section dealing with the PFSense configuration. Note that this Vbox will be on the same internal subnet (192.168.2) CIDR range as the PFSense Box. So you will be able to access the configuration console of the PFSensee box from it. If you want o add additional boxes for different purposes, go ahead. Just remember resources, subnet and ability to reach the internet via this PFSense router Vbox for software, etc. So anyway. Let’s get to it. Here is the configuration – highlighted entries are what you need to configure:     Ok so to summarize Ya need to: 1> use an Oracle Linux 64-bit version (I used 8.5 – but as long as compatible with any db binary. Ur good. 2> Base memory 2gb and all the acceleration stuff as noted above (ur jus checking boxes so don’t forget. 3> You binary Iso (ya got to download this to ur host server)...
Read more

DA On-Prem -> OCI Journey when UR on a Budget --aka Cheep like Me - Part 5 - Plumbing another Tunnel

Image
  Part 5: Da Last Tunnel I said last time I was missing a tunnel...Ok so let’s put one there. This isn’t too bad really. A lot of the pre-work and config is there. Let’s see the stuff already there: On the Cloud:          So, two tunnels were constructed in OCI but onlyone configured. Note that all the ingress/egress rules still apply and do not required any modifications on the cloud. For example: On the PFSense router (Vbox): WAN (outward facing): Nothing more needed….Just have it opened from ANY machine on the OCI VCN subnet to the endpoint for the PFSense router in the outfacing subnet. LAN (Internal Subnet): These rules will work fine. Remember the DRG thatis attached to the VCN and also roues to the tunnels has everything it needs configured.     IPSEC: Again...no changes:     ...
Read more

DA On-Prem -> OCI Journey when UR on a Budget --aka Cheep like Me - Part 4 - The Secret Sauce: PFsense Config

Image
  Part5: Da PFSense Configuration. Ok now that you have the pfsense and the Oracle Linux Vboxes on the same subnet. You should be able to pull up the PFSense dashboard on the Oracle Linux Machine’s browser. Note that the ip address is 192.168.2.1. So let’s just take a look at the Dashboard first: A few things to note here: 1> the Oracle Linux Box is reported to be @ 192.168.2.77 – which is the IP address assigned to it when the Oracle Linux Box was created. 2> the Interface are the same as assigned on the pfsense (WAN,LAN and OPT1) Note the subnet differences between the WAN and the others. So you can see that the pFSense can get to both the outside and inside internal network. Again, this emulates an on-prem datacenter. Before we go through the configuration, lets look at the final result first. So from the dashboard above, go to the top menu bar and select Status → IPSEC. As below:    ...
Read more