professional-service-best-practices/terraform-pfsense-deployment
14
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
terraform-pfsense-deployment/README.md
BackInBash 6fa1642946 Update README.md
2025-04-10 09:17:24 +02:00

1.1 KiB
Raw Permalink Blame History

STACKIT pfSense Deployment

Terraform script to deploy an pfSense firewall into STACKIT Cloud.

Deployment overview:

The Terraform deployment consists of:

  • WAN Network
  • LAN Network
  • pfSense firewall VM + disk volume
  • FloatingIP for firewall VM
  • deactivating port security on firewall ports

Setup

Requirements:

  • Terraform installed
  • Access to a STACKIT project
  • STACKIT Service-Account-Token

Installation

  1. Clone Repo
  2. Setup enviroment (.env) variables
  3. Run Terraform terraform apply

Default Configuration

Interfaces

  1. vtnet0 WAN
  2. vtnet1 LAN

NAT

Masqurade (Outbound NAT) Traffic from LAN to WAN

DNS

Disable build in unbound DNS resolver and forward all DNS queries to public DNS Servers OpenDNS & Quad9

Dashboard

Customized Widgets and CSS settings

Password

Set default password for admin to STACKIT123!

Interface Access

Disabled Referer-Check Enable allow all wan adresses to connect to the WebUI

Now you can enter the WebUI via the FloatingIP on port 443 the default login is admin:STACKIT123!