can I connect the client that I created using the vm to the pfsense interface in virtualbox?
-
@ezvink Add a new rule on WAN to allow traffic from the WAN subnet to the WAN address on the webgui port.
Anything on the bridged subnet should then be able to access the webgui which is fine in a test setup like this. -
@stephenw10
What kind of settings should I have, sir?, I see the module you provided from the netgate site is not the same as the picture I provided
-
@stephenw10 said in can I connect the client that I created using the vm to the pfsense interface in virtualbox?:
Add a new rule on WAN to allow traffic from the WAN subnet to the WAN address on the webgui port.
So use:
Source: WAN net
Destination: WAN address
Destination Port: https (assuming your webgui is on the default port)Steve
-
@stephenw10
what next sir? is this correct?
-
Yes. That should allow other devices in your local network to login to the pfSense via it's WAN IP. Including the host if needed.
-
@stephenw10
so in lubuntu VM must use adapter 1 bridge sir? is that so sir? then the client can access the pfsense -
@stephenw10
I always have problems pinging from pfsense to the client it connects but when I try to ping from the client to pfsense it still doesn't connect sir.
even though I've used the rules you gave. -
No the Lubuntu VM should be connected to the Internal Network adapter and that should already have access to the pfSense GUI as long as the NIC you're using for the pfSense LAN is also an Internal Network adapter.
You removed the 3rd NIC from the pfSense VM right?
-
@ezvink said in can I connect the client that I created using the vm to the pfsense interface in virtualbox?:
I took a networking class
@ezvink said in can I connect the client that I created using the vm to the pfsense interface in virtualbox?:
this is a project for my final project
@ezvink said in can I connect the client that I created using the vm to the pfsense interface in virtualbox?:
The project that I will make is about IDS Suricata and Snort.
I need 1 client as server 1 client for attacker then pfsense as firewall.@ezvink said in can I connect the client that I created using the vm to the pfsense interface in virtualbox?:
I'm confused how to connect it
Then you need to develop your networking skill if you are ever going to be employed for your network skills.
How all engineering task are done, is you develop ability with the basic building blocks then combine multiple building blocks to achieve more complex tasks.
You were set this project not because anyone cares about the end result, what matters is the skill you develop in doing a Network engineering task. For you to actually have the competence to do your project you need skills in
- Hypervisor virtual machine configuration
- How to configure a virtual network within the Hypervisor
- Firewall installation and network configuration
- How to configure the basic firewall features within your chosen firewall application
- Installation of advanced firewall capabilities to support IDS (eg Suricata or Snort)
- Configuration of the IDS package
- Designing & building a firewall test station including a simulated attacking computer, a firewall under test, and a defended work station.
- Testing the effectiveness of the of your Firewall with IDS
- Understanding and reporting on the limitations of your choosen threat protection approach (eg encrypted messaging).
Your start this engineering task by getting the basic stuff working first. Your questions indicate you have not got a firm understanding of step 2. yet, so do just that and get just that working. After which you should be able to create a VM and have it network reliably with what ever other VM or NIC you choose.
After which you can learn about step 3. Which is best done by reading the manual and experimenting. Asking others to build your project for you deprives you of the learning opportunity and will prevent you from becoming a competent network engineer. If you want a successful career there is no other way.
-
i didn't remove it the pack persists, so the lubuntu VM keeps using the internal network?
-
I'm sorry sir, I have only recently studied this VM before I used more physical tools such as Mikrotik and others.
For the configuration of Snort and Suricata, I understand quite well, sir, now I'm also just learning about Pfsense because when I'm short I ask for help from this forum.
Yes, I really don't understand much about firewalls, moreover, it's different like my configuration on Winbox, that's why I'd better ask this forum because the time for this project to be collected is not long -
I've done it sir, but still it doesn't work sir
-
Both of those show as adapter 3 but I expect on one NIC on the Lubuntu VM and two on the pfSense VM. Are the other disabled?
That will work as long as the subnets are correct and the 'Adapter 3' NIC in pfSense is assigned as LAN.
Are you using DHCP in Lubuntu or a static config?
-
@stephenw10
so adapter 1 in the lubuntu VM is entered in the internal network, then adapter 2 in pfsense is entered in the internal network, like that, sir?I am using static ip pak in lubuntu VM, as well as in pfsense VM
-
Yes, that's correct. As long as those are NICs you have assigned in the OS. Usually those are the default order.
If you use DHCP then it will be obvious if it's connected and you remove the possibility of making a mistake in the static config.
Steve
-
@stephenw10
I've followed what you suggested, but the web gui doesn't even work, sir?
-
@stephenw10
and if i change adapter2 to host-only the web runs sir
-
Looks like you are trying to connect from the host but using the internal subnet IP address. Which I expect to fail!
With adapter 2 set as internal network the Lubuntu VM should be to access pfSense at 192.168.1.1.
From the host you should be using the WAN IP, 192.168.18.48. That will work as long as you have added the firewall rule on WAN.
Steve
-
@ezvink @stephenw10
So where should I do the test, sir? i have to check the web gui on the lubuntu vm with network settings like this? sorry sir i don't really understand -
You can connect from either but you have to use the correct IP address.
The Lubuntu VM is connected to LAN so it can access any IP address in pfSense.
The VBox host cannot access the internal network so if you are trying to access it from there you need to use the pfSense WAN IP.
Steve