Search in book...
Toggle Font Controls
Create new playlist

Name your new playlist

Playlist description (optional)
Sign In

Email address

Password

Forgot Password?

or

Continue with Facebook

Continue with Google
Sign Up

Full Name

Email address

Confirm Email Address

Password

or

Continue with Facebook

Continue with Google

Previous Chapter

OPNsense Beginner to Professional

Table of Contents

Preface

Section 1: Initial Configuration

Chapter 1: An OPNsense Overview

About the OPNsense project

Project history

A new project with a lot of improvements on old code

Rock-solid FreeBSD – HardenedBSD

FreeBSD

Why OPNsense?

My personal experience

Features and common deployments

Core features

Common deployments

Where to get help?

Some facts

Summary

Chapter 2: Installing OPNsense

Technical requirements

Versions and requirements

Versioning

Hardware

Downloading and installing OPNsense

Configuring VirtualBox to install OPNsense

Mounting the OPNsense ISO file

Installing OPNsense

Unmounting the ISO installation file

Setting up a LAN network

Configuring network interfaces

Updating firmware

Checking for system updates in WebGUI

Checking system updates using the CLI

Installing plugins

Advanced – Accessing the CLI through SSH

FreeBSD packages

PKG basic operations

Summary

Chapter 3: Configuring an OPNsense Network

Technical requirements

Hardware considerations

FreeBSD NIC names

The ifconfig command

Basic network configuration

WebGUI – network interface configuration

Assigning network interfaces

Overview of the network interface

Types of interfaces

Bridge

GIF

GRE

LAGG

Loopback

VLAN

VXLAN

Proposed exercise – creating another type of network interface

Exploring virtual IPs

IP alias

CARP

Proxy ARP

Proposed exercise – creating a virtual IP address

Network diagnostics and troubleshooting

True story – how to use ARP Table diagnostics

Common issue – local network hosts can't open websites

Summary

Chapter 4: System Configuration

Technical requirements

Managing users and groups

Creating users and groups

External authentication

Certificates – a brief introduction

General settings

The administration page

The General page

About OPNsense logging

Advanced settings

Cryptography settings

Configuration backup

Summary

Section 2: Securing the Network

Chapter 5: Firewall

Technical requirements

Understanding firewalling concepts

A stateful firewall

The Packet Filter

Firewall aliases

Importing and exporting aliases

The firewall rules

The rule processing order

Rule actions

Firewall settings

Diagnostics and troubleshooting

Troubleshooting

Summary

Chapter 6: Network Address Translation (NAT)

Technical requirements

NAT concepts

Port forwarding

Caveats

Creating a port forwarding rule

Outbound NAT

NAT outbound modes

Adding an outbound NAT rule

One-to-one NAT

Adding a one-to-one NAT rule

Summary

Chapter 7: Traffic Shaping

Technical requirements

Introduction to traffic shaping

dummynet and ipfw – a brief introduction

Possible scenarios

Controlling hosts' and users' bandwidth usage

Protocol prioritization

Creating rules

Monitoring

Summary

Chapter 8: Virtual Private Networking

Technical requirements

OPNsense core VPN types

IPSec

OpenVPN

IPsec versus OpenVPN

Site-to-site deployments using IPsec

Phase 1 configuration

Phase 2 configuration

IPSec BINAT

IPSec diagnostics

VPN deployments using OpenVPN

Site-to-site deployment

Remote user deployment

OpenVPN diagnostics

OpenVPN is connected but the traffic is not reaching the tunnel's destinations

OpenVPN client is not connecting to the server/a site-to-site tunnel doesn't become up

A single user cannot connect

Summary

Chapter 9: Multi-WAN – Failover and Load Balancing

Technical requirements

Failover and load balancing

Failover

Creating gateway groups

Policy-based routing

Creating a firewall rule to enable the failover configuration

Load balance

Troubleshooting

Summary

Chapter 10: Reporting

Technical requirements

System health graphs

RRDtool and health graphs

Understanding Netflow and how to use it

Configuring Netflow in OPNsense

Exploring real-time traffic

Troubleshooting common problems in the network using Netflow and graphs

Summary

Section 3: Going beyond the Firewall

Chapter 11: Deploying DHCP in OPNsense

Technical requirements

DHCP concepts

DHCP server

DHCP relay

Diagnostics

Summary

Chapter 12: DNS Services

Technical requirements

Core DNS services

Default DNS resolvers on OPNsense

DNS plugins

DDNS

Troubleshooting

Making a DNS lookup using the CLI

Summary

Chapter 13: Web Proxy

Technical requirements

Web proxy fundamentals

The explicit method

The transparent method

Why use a web proxy?

OPNsense web proxy core features

Basic configuration

Custom error pages

Configuring a web proxy with the explicit method

Testing the web proxy

Transparent web proxy configuration

Additional web proxy configurations

Web filtering

Web filtering practice

Web filtering – final thoughts

Reading logs and troubleshooting

Log files

Web proxy service issues

Summary

Chapter 14: Captive Portal

Technical requirements

Captive Portal concepts

OPNsense Captive Portal implementation

Setting up a guest network

Testing the configuration

Using voucher authentication

Web proxy integration

Common issues

HTTPS page redirection while using the Captive Portal

Summary

Chapter 15: Network Intrusion (Detection and Prevention) Systems

Technical requirements

IDS and IPS definition

Suricata and Netmap

Rulesets

Configuration

Testing

SSL fingerprint

Troubleshooting

Summary

Chapter 16: Next-Generation Firewall with Zenarmor

Technical requirements

Layer7 application control with Zenarmor

Choosing a Zenarmor edition

Hardware requirements

Paid subscriptions

Installing and setting up the Zenarmor plugin

Summary

Chapter 17: Firewall High Availability

Technical requirements

High availability concepts

Active-active and active-passive modes

CARP – how it works

The preempt behavior

Configuring high availability

Proposed scenario

Testing the HA configuration

Caveats

Summary

Chapter 18: Website Protection with OPNsense

Technical requirements

Publishing websites to the world

About the NGINX plugin

NGINX

Installing and configuring the NGINX plugin

Adding WAF rules

Troubleshooting

Testing for configuration issues

Logs reading

Summary

Chapter 19: Command-Line Interface

Technical requirements

Directory structure

Managing the backend daemons

Useful system commands

Advanced customization

Customizing the XML configuration file

Filtering log files

Filtering logs

Summary

Chapter 20: API – Application Programming Interface

Technical requirements

Concepts

Setting up API keys

API calls

GET method example

POST method example

Summary

Other Books You May Enjoy

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.

3.149.249.127