Configurações Essenciais - Curso Firewall OPNsense

Introduction

This tutorial will guide you through the essential configurations of OPNsense, a powerful open-source firewall and routing platform. By following these steps, you'll learn how to set up and secure your network effectively, making your environment more robust against potential threats.

Step 1: Accessing the OPNsense Interface

• Open your web browser.
• Enter the IP address of your OPNsense firewall (default is usually 192.168.1.1).
• Log in using the default credentials (username: root, password: opnsense).
• Change the default password immediately for security.

Step 2: Initial Configuration

• Navigate to the System menu and select General Setup.
• Configure the following settings:
  • Hostname: Set a unique hostname for your firewall.
  • Domain: Enter your domain name (if applicable).
  • DNS Servers: Add reliable DNS servers (e.g., Google: 8.8.8.8, 8.8.4.4).
• Save and apply the changes.

Step 3: WAN and LAN Setup

• Go to Interfaces and select the WAN interface.
• Set the following:
  • IPv4 Configuration Type: Choose between DHCP or Static based on your network.
  • If Static, enter the IP Address, Subnet Mask, and Gateway.
• Next, configure the LAN interface:
  • Select the LAN interface and set the IPv4 Configuration Type to Static.
  • Assign an IP Address (e.g., 192.168.1.1) and Subnet Mask (usually 24).
• Save changes for both interfaces.

Step 4: Firewall Rules

• Navigate to Firewall and click on Rules.
• Start with the WAN rules:
  • Click Add to create a rule allowing traffic (e.g., allow ICMP for ping).
• Move to the LAN rules:
  • Add rules to allow specific traffic or services (e.g., allowing HTTP/HTTPS).
• Apply changes to activate the rules.

Step 5: Setting Up NAT

• Go to Firewall and select NAT.
• Under Port Forward:
  • Add a new rule to redirect specific ports (e.g., port 80 for web traffic).
  • Specify the Destination (WAN address) and Redirect Target IP (LAN IP).
• Save the configuration and apply changes.

Step 6: Enabling Logging and Monitoring

• Head to System and select Log Files.
• Enable logging for various services to monitor traffic and potential issues.
• Regularly check these logs for any unusual activity.

Step 7: Backup Configuration

• Navigate to System and select Configuration.
• Choose Backups and click on Download to save your current configuration.
• Store the backup in a secure location for future recovery.

Conclusion

Congratulations! You have completed the essential configurations for OPNsense. You now have a basic yet effective firewall setup to protect your network. As a next step, consider exploring advanced features such as VPN setup, Intrusion Detection Systems (IDS), and more detailed firewall rules to further enhance your network security.