How To Setup PFsense Version 2.4.5 On The Amazon Web Services (AWS) Cloud Computing Platform.
PFSENSE is a powerful, open source, highly stable firewall product developed by Netgate currently being used in many organizations such as business enterprises, governments, educational institutions and more! PFsense comes with out of the box features such as load balancing and multi wan failover, traffic shaping and GeoIP blocking, multi-stack IPv4 and IPv6 support, DHCP and DNS server functionality, DNSBL blacklisting, site to site VPN tunnels via IPsec and OpenVPN, web content filtering, and more. Continue reading this tutorial to learn how to setup PFsense 2.4.5 In the cloud on Amazon Web Services.
In Order To Complete This Tutorial Successfully The Following Items Are Required. Please Ensure To Have These Items Available Before Taking Implimentation Action On This Tutorial :
1) An Amazon AWS free tier account.
2) A desktop or laptop with Windows 10, Mac OS or Linux
3) A Web browser i.e google chrome, Firefox or Safari
4) A debit or credit card – VISA or Mastercard
1) Go to signin.aws.amazon.com and create a free tier AWS account. if you already have an AWS account, sign in using your IAM credentials
2) Open the AWS EC2 dashboard, and open the AWS Market Place
3) Search for PFSENSE and install it using a free tier eligible aws machine image.
4) Open a new web browser tab and open the PFSENSE web configurator
5) Complete the PFSENSE post installation setup wizard then check for and install PFSENSE updates.
Step One: Login To Your AWS Account.
1) Click HERE to go to the AWS sign up / sign in page where you can either sign up for a free tier account if you do not have an AWS account. Please note that you will need a working VISA or MASTERCARD enabled bank card.
If you already have an AWS account login using your IAM credentials. Please avoid using your root AWS account as this may expose you to security risks.
2) If you do not have an IAM account, login to AWS using your root user credentials. Click on SERVICES and search for IAM. Click on the IAM search result to open the IAM MANAGEMENT CONSOLE and click on the USERS option.
Click on CREATE USER, type in your desired USERNAME and select the AWS ACCESS TYPE options.
Click on the blue NEXT: PERMISSIONS button, click on the EC2ADMINISTRATORS check box and click on the NEXT: TAGS button. IAM user tags allow you to specify user details such as a user’s email address, or can be descriptive, such as a user’s job title. However IAM tags are optional and you may skip this STEP.
Click on the blue NEXT: REVIEW button and click on the CREATE USER button.
3) logout of your AWS root user account and login to the IAM user account that you have just created using your IAM users sign in link , click on SERVICES and click on EC2
From the EC2 MANAGEMENT CONSOLE click on the orange LAUNCH INSTANCE button.Click on the AWS MARKETPLACE tab and search for PFSENSE.
Click on the blue SELECT button on the NETGATE PFSENSE FIREWALL/VPN/ROUTER search result.
On STEP 2: CHOOSE AN INSTANCE TYPE choose thet3.micro option with that green FREE TIER ELIGIBLE indication and click on the blue REVIEW AND LAUNCH button.
4) On STEP 7: REVIEW AND LAUNCH, the PFSENSE instance details will be displayed. You can change/edit details such as AMI DETAILS, INSTANCE TYPE, SECURITY GROUPS, STORAGE and more. If there are no changes to be made click on the LAUNCH button.
5) A dialog box prompting you to select or create an AWS keypair will be displayed. A key pair consists of a public key that AWS stores, and a private key file that you store. Together, they allow you to connect to your instance securely. Click on the CREATE A NEW KEYPAIR option, type in a name for the new key pair and click on the DOWNLOAD KEY PAIR button.
Click on the LAUNCH INSTANCES and once the instance has been created click on the VIEW INSTANCES button.
6) Copy the public DNS address or public IP address of the newly created PFSENSE instance, open a new browser tab, paste it into the address bar and press ENTER.
A warning page will be displayed informing you that the connection is not private. This happens because PFSENSE uses a self signed SSL certificate out of the box. Click on the ADVANCED option and click on PROCEED.
On the PFSENSE login page, type in the username “admin” and the password “pfsense” and click on SIGN IN.
7) On the PFSENSE setup wizard,click on NEXT until you get to the GENERAL INFORMATION section. Type in a hostname, domain name, primary and secondary DNS server on the appropriate spaces provided and click on NEXT.
8) On the TIME SERVER INFORMATION section type in the domain name of your prefered NTP server e.g time.windows.com and click on NEXT.
On the SET ADMINWEBGUI PASSWORD section, type in a strong password that you will use to sign in to the PFSENSE web console, click on NEXT and click on the RELOAD button to apply changes.
9) Sign out of the PFSENSE webgui and sign back in using your newly created webgui password. Click on SYSTEM > UPDATE and if there are any updates available you will see a green CONFIRM button prompting you to verify and proceed with the update.
At this point you have successfully provision and deployed PFSENSE on amazon AWS. From here you can do things such as creating VPN connections and running a PPPOE server.