Running OPNSense Firewall and Router in a Proxmox VM 🌱

What is OPNSense?

OPNsense is an open source, easy-to-use and easy-to-build FreeBSD based firewall and routing platform. OPNsense includes most of the features available in expensive commercial firewalls, and more in many cases. It brings the rich feature set of commercial offerings with the benefits of open and verifiable sources. -https://opnsense.org/about/about-opnsense/

Creating the OPNSense VM

  1. Download the OPNSense AMD64 DVD .iso Download
  2. Extract the downloaded OPNSense .bz2
  3. Log into the ProxMox web UI
  4. Select a storage from the left navigation pane to upload the .iso to
  5. Select ISO Images in the left sub-navigation pane
  6. Upload the OPNSense .iso file to the ProxMox ISO image library
  7. Right click the ProxMox node name > Create VM
  8. Type OPNSense in the name field and set a unique VM ID > Next
  9. On the OS tab, set the Type field to Linux, Version to 5.x - 2.6 Kernel and select the OPNSense .iso in the ISO Image field > Next
  10. On the System tab, leave the defaults > Next
  11. On the Hard Disk tab, set the Disk size field to 8 > Next
  12. On the CPU tab, set Cores field to 2, Type field to Host > Next
  13. On the Memory tab, set the Memory to 2048 and Uncheck Ballooning Device > Next
  14. On the Network tab, set the Model field to VirtIO (paravirtualized), Uncheck the Firewall box > Next
  15. Verify the summary and click Finish
  16. Click the OPNSense VM in the left navigation menu > Select Hardware from the left sub-navigation menu
  17. Click Add > Network Device
  18. Set the Model field to VirtIO (paravirtualized), Uncheck the Firewall box > Click Add
  19. Select Options from the left sub-navigation menu > Double click Use tablet for pointer > Uncheck the Enabled box > Click OK
  20. Right click the OPNSense VM in the left navigation pane > Start
  21. Click console in the left sub-navigation menu
  22. Press Enter at the Welcome screen
  23. Wait for the login prompt to display
  24. Login with the username installer and password opnsense
  25. Select a keymap > Press Enter
  26. Select Install (UFS) > Press Enter
  27. Select the QEMU HARDDISK option > Press Enter
  28. Select Yes to confirm destroying the contents of the disk > Press Enter
  29. Wait for OPNSense to copy files and install
  30. Press Enter to Change Root Password
  31. Type and re-type a new root password > Press Enter
  32. Select Complete Install > Press Enter
  33. Select Shutdown > Stop to power off the VM
  34. Navigate back to the Hardware options
  35. Double click the CD/DVD Drive > Select Do not use any media > Click OK
  36. Right click the OPNSense VM in the left navigation pane > Start
  37. Click console in the left sub-navigation menu
  38. Welcome to the OPNSense terminal

Configuring Network Interfaces and Web UI

  1. At the login prompt, login with username root and the root password set earlier
  2. At the OPNSense menu, select Set interface IP address by typing 2 and pressing Enter
  3. Enter the number that corresponds to the LAN interface > Press Enter
  4. At the DHCP prompt type n > Press Enter
  5. Enter a LAN IP address on the same subnet as your LAN
  6. At the bit count prompt type 24 > Press Enter
  7. Leave the IPv4 upstream gateway blank press Enter
  8. At the IPv6 WAN tracking type n > Press Enter
  9. At the IPv6 DHCP prompt type n > Press Enter
  10. Leave the IPv6 address blank and press Enter
  11. At the DHCP server prompt type n > Press Enter
  12. At the revert to HTTP prompt type y > Press Enter
  13. At the Restore web GUI access defaults type y > Press Enter
  14. The http address of the OPNSense Web UI will be displayed
  15. Minimize the OPNSense VM and open a web browser
  16. Navigate to the web UI http address
  17. Log into the web UI with the username root and the root password set earlier
  18. Enjoy exploring OPNSense