Post

Home Lab 1 E1

Posted Updated
By
9 min read
Home Lab 1 E1

Opnsense Firewall installation in Virtual Lab

  1. Opnsense Firewall ISO download
    • Go to the link : https://opnsense.org/download/
    • Go down the n select these options
      • System architecture : amd64
      • Image type : dvd (ISO installer image with live system capabilities running in VGA mode)
      • Mirror Location/2 : Just select the closest mirror to your location
      • Click Download OPNsense
  2. Get the OPNsense ISO
    • Go to the link : https://gnuwin32.sourceforge.net/packages/bzip2.htm
    • Download the setup. We will need the Bzip because the downloaded Opnsense iso is compressed in bzip format
    • After installing Bzip, go to the path : C:\Program Files (x86)\GnuWin32\bin
    • Run this command to extract the iso : bunzip2.exe -d C:\Users\PathToTheDownloadedOpnSenseISO\Downloads\OPNsense-25.1-dvd-amd64.iso.bz2
    • Now, you have OPNsense ISO to mount and install in Virtual Machine
  3. OPNsense Installation
    • Start the virtual machine (Oracle VM)
    • Click on the create new vm button
    • Give a name, choose the ISO location. Make sure to choose type is “BSD” and subtype as “FreeBSD” (wasted 40 mins trying to fix an error because I choose something different)
    • Make sure to give minimum 2 GB RAM and 4 to 8 GB disk space
    • In Network, keep adapter 1 as “NAT” and adapter 2 as “Internal Network
    • Now start the vm
    • After loading up, login will come. u: installer, p: opnsense
    • Steps :
      1. Choose default keymapping
      2. Install UFS option. (UFS : Unix File System)
      3. Then choose disk as ada0
      4. Set “Root” password
      5. Complete installation then reboot
      6. Make sure to unmount the mounted iso, since the installation in disk is done, next bootup will be from the disk.

Can’t access internet through LAN, its been over 3 hours. Still trying to fix this !! After close to 7 hours, I fixed it. I can access the internet (search google.com from browser) from Kali Linux (LAN) through the OPNsense firewall. It was a misconfiguration. I had to set DNS server inside “System->Settings->General” then add 8.8.8.8 (Google) and 1.1.1.1 (Cloudflare) in next row.

Few important commands I used

Restart the Network Interface
sudo nmcli connection down 'Wired connection 1' && sudo nmcli connection up 'Wired connection 1'
Check the IP Address
ip a
ip route
Check the DNS Server
cat /etc/resolv.conf
Test DNS
dig google.com

What is a Firewall and Why You Need One

In the vast and often-turbulent seas of the internet, navigating safely is paramount. Malicious actors, digital pirates, and unseen threats lurk in the depths, waiting to exploit unsuspecting users. This is where a crucial piece of cybersecurity technology comes into play: the firewall. For anyone with an online presence, from the casual blogger to the multinational corporation, understanding what a firewall is and how it works is fundamental to digital safety.

The Gatekeeper of Your Digital World

At its core, a firewall is a security system that acts as a barrier between a trusted internal network (like your home Wi-Fi or a company’s intranet) and untrusted external networks (the internet). Imagine it as a digital bouncer or a security guard for your computer or network. Its primary job is to monitor and control incoming and outgoing network traffic based on a set of predefined security rules.

How Does a Firewall Work?

Firewalls operate by inspecting data packets, which are small chunks of data that travel across networks. They analyze these packets for various characteristics, such as their source, destination, and the type of data they contain. This inspection process allows the firewall to make a determination: allow the packet to pass, or deny it access.

There are several methods firewalls use to achieve this:

  • Packet Filtering: This is the most basic form of firewalling. It examines each packet’s header, which contains information like the source and destination IP addresses, port numbers, and the protocol being used. It then compares this information to a set of rules to decide whether to allow or block the packet.
  • Stateful Inspection: This method is more advanced. It not only inspects individual packets but also keeps track of the state of active connections. It understands the context of the traffic, making it more effective at identifying and blocking malicious activity that might slip past a simple packet-filtering firewall.
  • Proxy Service: A proxy firewall acts as an intermediary between your computer and the internet. When you request information from a website, the request first goes to the proxy firewall, which then fetches the information on your behalf. This prevents a direct connection between your device and potentially harmful external networks.

A Spectrum of Protection: Types of Firewalls

Firewalls are not a one-size-fits-all solution. They come in various forms, each designed to meet different security needs:

  • Software Firewalls: These are programs installed on individual computers that protect that specific device. Most modern operating systems, like Windows and macOS, come with a built-in software firewall.
  • Hardware Firewalls: These are physical devices that are placed between a network and the internet. They are often used by businesses and organizations to protect their entire network of computers.
  • Next-Generation Firewalls (NGFWs): As the name suggests, these are more advanced firewalls that combine traditional firewall techniques with additional features like intrusion prevention systems (IPS), application awareness, and deep packet inspection. They offer a more comprehensive level of security against modern cyber threats.
  • Web Application Firewalls (WAFs): These are specifically designed to protect web applications from attacks that target vulnerabilities in the application’s code.

The Unwavering Importance of a Firewall

In today’s interconnected world, the importance of having a firewall cannot be overstated. Here’s why it’s a non-negotiable component of your cybersecurity arsenal:

  • Defense Against Unauthorized Access: Firewalls are your first line of defense against hackers and other unauthorized users attempting to gain access to your computer or network.
  • Malware Protection: They can help prevent malicious software, such as viruses and ransomware, from infiltrating your system by blocking traffic from known malicious sources.
  • Control Over Network Traffic: Firewalls give you granular control over the types of applications and services that are allowed to send and receive data from your network.
  • Enhanced Privacy: By blocking unwanted intrusions, firewalls help to protect your personal and sensitive information from being stolen.

What is OPNsense?

OPNsense is a free, open-source, and highly versatile firewall and routing platform. It is based on the hardened FreeBSD operating system, renowned for its stability and security. Forked from the popular pfSense project in 2014, OPNsense was created with a strong focus on a clean, modern user interface, security, and a more frequent and transparent update cycle. At its core, OPNsense provides a stateful firewall, which monitors the state of active network connections and makes decisions based on the context of the traffic. However, its capabilities extend far beyond basic packet filtering.

Key Reasons to Choose OPNsense

The decision to deploy OPNsense often comes down to a combination of its powerful features, open-source philosophy, and user-centric design. Here are some of the primary reasons why many users and organizations opt for OPNsense:

1. Comprehensive Feature Set at No Cost

OPNsense rivals many expensive commercial firewall solutions in terms of its extensive feature set, all available for free. This includes:

  • Advanced Firewalling: Stateful packet inspection, traffic shaping, and support for complex network address translation (NAT).
  • Virtual Private Network (VPN): Robust support for modern VPN protocols, including WireGuard, OpenVPN, and IPsec, enabling secure remote access and site-to-site connectivity.
  • Intrusion Detection and Prevention (IDS/IPS): Integration with industry-standard tools like Suricata to actively monitor for and block malicious traffic.
  • Web Filtering and Proxy: Capabilities to filter web content, block ads, and enhance security with a caching proxy.
  • High Availability and Load Balancing: Features to ensure network uptime and distribute traffic across multiple internet connections.
  • Captive Portal: Easy creation of guest networks with customized login pages.

2. Modern and Intuitive User Interface

One of the most lauded aspects of OPNsense is its clean, modern, and user-friendly web interface. Built with a focus on usability, it simplifies complex network configurations, making it more accessible to both seasoned network administrators and those new to firewall management. The interface is responsive and includes a powerful search function, allowing users to quickly find the settings they need.

3. Regular and Transparent Updates

OPNsense follows a predictable and frequent release schedule, with major updates twice a year and minor updates every two weeks. This ensures that security patches and new features are delivered in a timely manner, which is crucial in the ever-evolving landscape of cybersecurity. The development process is transparent, with a clear roadmap and open communication with the community.

4. Open-Source Transparency and Flexibility

Being open-source, OPNsense’s source code is publicly available for anyone to inspect. This transparency fosters trust and allows for community-driven security audits. It also means no vendor lock-in; you have the freedom to run OPNsense on your own hardware, from a dedicated appliance to a virtual machine, giving you complete control over your network security infrastructure.

5. Extensive Plugin and Integration Support

OPNsense’s functionality can be easily extended through a wide range of plugins. This modular approach allows users to tailor the firewall to their specific needs without bloating the core system. Popular plugins include Zenarmor for next-generation firewall capabilities, and various tools for enhanced reporting and monitoring.

Who Should Use OPNsense?

OPNsense is a versatile solution suitable for a wide range of users and organizations:

  • Home Users and Tech Enthusiasts: Ideal for creating a powerful and customizable home lab, securing a home network, and gaining deeper insights into network traffic.
  • Small to Medium-Sized Businesses (SMBs): A cost-effective way to implement enterprise-grade security features without expensive hardware and licensing fees.
  • Large Enterprises: Can be deployed in various scenarios, from protecting specific network segments to serving as a primary firewall for organizations that value open-source solutions and have the in-house expertise to manage them.

In conclusion, OPNsense stands out as a robust, feature-rich, and user-friendly firewall solution that empowers users with control over their network security. Its open-source nature, combined with a commitment to security and usability, makes it a compelling choice for anyone looking for a powerful and flexible alternative to proprietary firewalls.

To get in touch with me or for general discussion please visit ZeroDayMindset Discussion

Project, Home-Lab-1
writing project cybersecurity
This post is licensed under CC BY 4.0 by the author.