You're reading from OPNsense Beginner to Professional Protect networks and build next-generation firewalls easily with OPNsense

Product type Paperback

Published in Jun 2022

Publisher Packt

ISBN-13 9781801816878

Length 464 pages

Edition 1st Edition

Tools

FreeBSD

Concepts

Network Security

Author (1):

Julio Cesar Bueno de Camargo

View More author details

Table of Contents (25) Chapters

Preface

1. Section 1: Initial Configuration

2. Chapter 1: An OPNsense Overview FREE CHAPTER

3. Chapter 2: Installing OPNsense

4. Chapter 3: Configuring an OPNsense Network

5. Chapter 4: System Configuration

6. Section 2: Securing the Network

7. Chapter 5: Firewall

8. Chapter 6: Network Address Translation (NAT)

9. Chapter 7: Traffic Shaping

10. Chapter 8: Virtual Private Networking

11. Chapter 9: Multi-WAN – Failover and Load Balancing

12. Chapter 10: Reporting

13. Section 3: Going beyond the Firewall

14. Chapter 11: Deploying DHCP in OPNsense

15. Chapter 12: DNS Services

16. Chapter 13: Web Proxy

17. Chapter 14: Captive Portal

18. Chapter 15: Network Intrusion (Detection and Prevention) Systems

19. Chapter 16: Next-Generation Firewall with Zenarmor

20. Chapter 17: Firewall High Availability

21. Chapter 18: Website Protection with OPNsense

22. Chapter 19: Command-Line Interface

23. Chapter 20: API – Application Programming Interface

24. Other Books You May Enjoy

VPN deployments using OpenVPN

As discussed previously, OpenVPN is a versatile VPN protocol and works well both in site-to-site and remote user deployments. Let's assume a similar scenario to the one we used in the IPsec site-to-site topic as an example to start this section.

Site-to-site deployment

In the following topology, you will notice that the tunnel network has a 10.10.10.0/30 address with just two usable addresses, one to each firewall:

Figure 8.9 – OpenVPN site-to-site topology example

We will configure this tunnel using a shared key to stay on the same track as our previous IPsec example. OpenVPN supports authentication using certificates for site-to-site deployments, although this chapter will look at it later, in the remote user deployment topic.

OpenVPN uses a client-server approach, so to define which side of the tunnel should be set as a server or client, you should take these things into consideration:

MultiWAN OPNsense...

The rest of the chapter is locked

You're reading from OPNsense Beginner to Professional Protect networks and build next-generation firewalls easily with OPNsense

Table of Contents (25) Chapters

VPN deployments using OpenVPN

Site-to-site deployment

Authors (1)

Personalised recommendations for you

You're reading from OPNsense Beginner to Professional Protect networks and build next-generation firewalls easily with OPNsense

Table of Contents (25) Chapters

VPN deployments using OpenVPN

Site-to-site deployment

Unlock this book and the full library FREE for 7 days

Authors (1)

Personalised recommendations for you