Create a pfSense Firewall for Our Proxmox Lab
I don’t have anything significant to add to 0xBEN’s excellent write-up.
Although setting up firewall rules seems like a daunting ordeal, and the number of tasks seem large, the process and logic should feel familiar to those who have previously set up a HomeLab using VirtualLab or VMware.
Tasks include:
- System Setup
- Give your pfSense VM a Static DHCP Reservation
- Double Check the Options
- Install and pfSense Initial Setup
- Configure VLANs
- Configuring Interface IP Address Ranges
- Configuring the System Settings
- Logging in and Setting Up
- Hostname and Domain
- DNS Settings
- NTP Server
- Configure the WAN Interface
- Configure the LAN Interface
- Permanent Access via WAN IP
- Disable the Firewall Again
- Add a WAN Rule
- Finalize System Setup
- Set up Firewall Rules
- Create Firewall Aliases
- Create an Alias for RFC1918
- Create an Alias for Kali
- WAN Firewall Rules
- LAN Firewall Rules
- SEC_EGRESS Rules
- SEC_ISOLATED Rules
- Configure the DNS Resolver Service
- Adding Additional VLANs to the Cyber Range
DEVIATIONS FROM 0xBEN
Reserving an IP address via home router:
Allow SEC_ISOLATED LAN to Kali VM
-
in first example, can see added Kali as a destination
-
but it was cut off in a second example
