No description
				
			
			
		| .gitignore | ||
| 00-provider.tf | ||
| 01-config.tf | ||
| 02-pfsense-image.tf | ||
| 03-pfsense-network.tf | ||
| 04-pfsense-appliance.tf | ||
| deployment.d2 | ||
| deployment.svg | ||
| example.env | ||
| LICENSE | ||
| pfsense.qcow2 | ||
| README.md | ||
STACKIT pfSense Deployment
Terraform script to deploy an pfSense firewall into STACKIT Cloud.
The Terraform deployment consists of:
- WAN Network
- WAN Router with external RouterIP
- LAN Network
- LAN Router with static default gateway router to the pfSense firewall
- pfSense firewall VM + disk volume
- FloatingIP for firewall VM
- deactivating port security on firewall ports
Setup
Requirements:
- Terraform installed
- Access to a STACKIT project
- STACKIT Service-Account-Token
Installation
- Clone Repo
- Setup enviroment (.env) variables
- Run Terraform terraform apply
Default Configuration
Interfaces
- vtnet0WAN
- vtnet1LAN
NAT
Masqurade (Outbound NAT) Traffic from LAN to WAN
DNS
Disable build in unbound DNS resolver and forward all DNS queries to public DNS Servers OpenDNS & Quad9
Dashboard
Customized Widgets and CSS settings
Password
Set default password for admin to STACKIT123!
Interface Access
Disabled Referer-Check Enable allow all wan adresses to connect to the WebUI
Now you can enter the WebUI via the FloatingIP on port 443 the default login is admin:STACKIT123!
