OPNsense Firewall Installation and Setup Tutorial

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

this video is about to walk you through how to install open sense um it's a begin of video so if you've not installed open sense before it'll be quite easy for you to do it seemed like good timing with the changes that netgate have made um with respect to pfSense their home lab licenses have well but first they just knocked them on the head and killed them uh then they changed it to $129 a year um for home use a lot of people have been complaining about that and said they'd like to move to open sense so I figured I'd do a video on it um as a side note there is an offer on at the moment I think you can get it 30% off so it's like $99 a year or something um I don't know if that's continuous but if you've installed pfSense plus uh and you don't pay it well basically you're not going to get any updates so this video is going to walk you through how to use open sense um if you have installed pfSense plus there is also an option of just reinstall Community Edition of PF sense um restore make a backup before you do that and then once you've reinstall the Community Edition just restore the backup it's as simple as that uh if you do want to move over to open sense this video is for you uh I'm Sam from Sheridan computers let's get started Sheridan computers it Communications support so the first thing we're going to want to do obviously is to to um download open sense so I just whichever search and you're using find that um so the URL is open sense.org download let go ahead and visit that page um so we've got the options of which version we want to download um the defaults fine so the architecture there is only one version um but then you've got an image type so you've got DVD VGA serial and Nano um so we're going to go with the default which is the VGA one because we're installing it on a device that has a VGA adapter in it the other options you've got is serial so if you're installing on a PC engines device for example which doesn't have a uh VGA output then you'll be install using the serial installer so you can access the console VI the serial port and then there's a nano option um which is a pre-installed image um so if you need to burn it to a um it says USB stick SD card CF card so if it's compact flash whatever you'll be using the Nano option but we'll go ahead with the VGA version um select a mirror closest to you so we'll go with University of Kent as I'm in the UK and then hit download okay that didn't work um manually find the mirror uh United Kingdom University of Kent and as I mentioned previously we want the 23.7 VGA amd64 image. bz2 um bz2 means it's archived so once we've downloaded it we'll need to um extract the actual image file from the archive so let's go ahead and download that okay we downloaded that so um let's go ahead and extract it um if you're using Windows I'm on Linux so it'll just extract but if you're using Windows um to extract a bz2 file you can use seven zip let me go ahead and extract this real quick once the file is extracted as you can see the uh initial download is like 400 Meg but the um actual extracted file is like 2 gig so now I'm going to use um banet eter to burn this to a dis um if you're using Windows you can use the same program um or you can use Reus for example so I'm going to use uh B ater so um select your image file select the Target in this case I have a USB stick installed we'll go ahead and Flash the stick okay with that looks like we're uh finished and we're ready to proceed to uh act installing so for this um I'm actually going to be installing it on one of those um devices from zoom in there we go uh one of these devices from AliExpress this is one of those Tipton ones um this one's um they got four USB on it get me face out the we it um display Bo HDMI and SIM card it's got four network cards on the front um and an auxiliary and you've got your power of course and the lights so I'm going to be installing on one of these um it's a test why not so let me just get this um set up real quick hold up okay so the open sentence installer has started um it's a line image when you first boot off open sense um not an install as such um should get the option to run the Importer in a second y so you can do press any key to start configuration importer um the purpose of that is if you have a firewall that's dyed you can literally boot off the AL live image which is the installer um and if you have a backup of the config and you put it onto a second USB stick then you can import the config and it'll boot live until you have time to change the hardware um obviously we don't which to Fresh installation so as I mentioned it's uh boots to a live environment um so you can actually access open sense at this stage um we want don't want to do that you've got two options here you can log in as root with the password of um open sense or you can log in as installer with the password of open sense if you log in as route then obviously it'll just you can access the system as is the system um we want to install it onto a hard drive so we're going to be logging in as installer so on keyboard installer and open sent okay so this is like a standard FreeBSD install so choose your country for your keyboard layout uh I don't want to test it so I want to continue um now you've got two options you can start using VFS or ZFS um generally recommend ZFS there are use cases for ufs but um so we've only got one drive in here so we're going to be doing stripe and the one that we want is this one here which is a MV me drive um are you sure you want to destroy the contents um there is nothing on it well there is a previous open sense installation that came on the device um so at this stage now the system will go ahead and start installing open sense so it's cloning the coint system so the uh install has completed so um I've got various options one of which is to change the root password so uh go ahead and change your root password um just verify the password so that's done now we can um complete the install and reboot um in which case we'll actually be booting off the installed version of open sense so one thing about the live installer um the live environment it's just that and any changes that you make won't persist um you can import the config file like I mentioned but if you do any changes to it you'll lose them as soon as you restart so you do need to install it um so anyway we'll go ahead and complete the install so we're going to try and obviously do some Auto configuration at this stage I haven't yet got a l one cable plugged in I've just got the lamb one connected so I know which Port is which um so now we can go ahead and log into the system on the Lan um just log into this real quick and uh this time want to log in as rout whatever you set the password to uh just going to drop to a shell real quick where is it eight same as pfSense it's good I do if config uh igc Z is not connected and igc 3 is active which is fine so exit oh on keyboard again exit that we'll go ahead and assign the interfaces so I don't want to assign a lag um don't need any VLS for this example so my uh L is going to be sorry it wants a one on it which is IG c0 um and the L interface is going to be IG C3 so we're good with that let's go ahead and proceed I was just doing that so I could actually the um figure out which interface is plugged in uh with that we should be good to log in so you'll get the um obviously the security warning that's because it's a cell sign certificate um you can s out but obviously save to ignore for the time being now we've got the open sense um logging screen so we are up and running but we need to configure it and go through the wizard so I'll just go through that with you real quick so we're going to log in with rout and whatever you set the password to um so at this stage it's going to start the initial setup wizard so you can click you can exit the wizard if you'd rather manually Do It um for showing people these of use I'm just going to go ahead and do this so set your host name um whatever domain you want uh obviously your English language um go ahead unset the primary DNS servers I'm just going to use quad 9 for this um you can use Google um which is 8888 um I'm going to untick override DNS so um that basically will allow the you want to sign DNS settings um we don't want to do that in this case whether you do you not it depends on your connection enable resolver um basically enables open sense as a DNS resolver and then you've got additional options such as enabling DNS sex support and um hardening we'll just go next from here go ahead and set your time zone so where am I in the UK so Europe London um this is to configure one interface so I'm going to leave M set to DHCP because that's just how my Network's configured um you can set this yourself so static DHCP pboe Etc um if you need to set MTU in MSS um your static configuration if will be editable if you set it to static um bpe configuration and the other configuration options are here I'm just going to leave these um one thing I do want I'm just going to unblock these you'll probably want to leave them um you'll probably want them ticked but I'm just unticking them because my one IP address will be a local IP address um configure your L interface I'm just going to leave this on the defaults 192168 1.1 with a 24 subnet mask um it's probably a good idea to change this because that's one of the most popular uh IP ranges used by private networks and things so you probably want to change that um root password if you want to put a new one in or um just leave it blank if you want to keep a current one then click reload to apply the changes so that's just basically confirming the set that we've done um at this stage it says congratulations open sense is now configured um consider donate to the project over to our website if you want to donate the Link's there um you can continue to the dashboard or check for updates checking for updates is um probably wise so there's no updates available in this case um I'm going to leave that there head over to the dashboard um so you've got various settings obviously overview from the dashboard the interface is a little different than um PF sense it's personal preference whether you prefer it or not to the PF sense interface um like I said I'm going to leave this video there this was literally just a a quick video on how to install open sense just for those that have not done it before because the install is a bit different we're booting from a live image um I do have a lot more videos planned on open sense um and PF sense as it happens um if you did find this video useful please um consider liking the video and consider subscribing to the channel hit notifications if you'd like to receive notifications of any videos that we do um any comments suggestions um types of vide that you'd like to see please feel free to leave them Below in the comments

Info

Channel: Sheridan Computers

Views: 7,829

Rating: undefined out of 5

Keywords: OPNsense, OPNsense Installation, OPNsense Beginner Tutorial, OPNsense Guide, Firewall Configuration, install opnsense, OPNsense 2023, OPNsense Setup Tutorial, opnsense web interface, opnsense download, opnsense installation, opnsense firewall, how to install opnsense, opnsense firewall configuration step by step, home lab, open source, how to, open source firewall, opnsense firewall setup, opnsense firewall tutorial, Firewall Setup, Network Security, OPNsense 2023 install

Id: bJ_-KzH94gk

Channel Id: undefined

Length: 17min 4sec (1024 seconds)

Published: Wed Nov 01 2023