netgate - logo

Jagoran Ƙofar Tsaro
Microsoft Azure

PfSense® Plus Firewall/VPN/Router na Microsoft Azure babban bangon wuta ne, VPN, da kayan tsaro. Ya dace don amfani azaman ƙarshen ƙarshen VPN duka don ramukan VPN zuwa rukunin yanar gizo da azaman uwar garken VPN mai nisa don na'urorin hannu. Ana samun aikin bangon wuta na asali kamar yadda akwai ƙarin fasalulluka da yawa kamar ƙirar bandwidth, gano kutse, wakili, da ƙari ta fakiti. pfSense Plus na Azure yana samuwa a cikin Kasuwar Azure.

Abubuwan da ke ciki boye
1 FARAWA
2 Takardu / Albarkatu
2.1 Magana
3 Labarai masu alaka

FARAWA

1.1 Ƙaddamar da Misali tare da NIC guda ɗaya
Misali na Netgate® pfSense® Plus na Azure wanda aka ƙirƙira tare da NIC guda ɗaya ana iya amfani da shi azaman ƙarshen ƙarshen VPN don ba da damar shiga hanyar sadarwar Azure Virtual Network (VNet). NIC pfSense guda ɗaya
Ƙarin injin kama-da-wane (VM) yana ƙirƙirar ƙirar WAN ne kawai, amma har yanzu yana ba da IP na jama'a da masu zaman kansu a cikin Azure.
A cikin Hanyar Gudanar da Azure, ƙaddamar da sabon misali na Netgate pfSense® Plus Firewall/VPN/Router kayan aiki.

  1. Daga Dashboard Portal Azure, danna kan Kasuwa.netgate pfSense Plus Firewall VPN Router don Microsoft Azure - ingle NIC
  2. Bincika and select the Netgate Appliance for Azure.
  3. Saita sunan misali da sunan mai amfani, kalmar sirri, rukunin albarkatun, da yanki.
    Za a ƙirƙiri sunan mai amfani da aka shigar azaman ingantaccen asusun pfSense Plus akan taya kuma zai iya shiga cikin web GUI. Bugu da ƙari, mai amfani da admin kuma zai saita kalmar sirrinsa zuwa ƙimar da aka shigar.
    Gargadi: Sunan mai amfani da aka saba amfani da shi don gudanar da pfSense Plus shine admin, amma admin wani suna ne da aka tanada wanda ba a yarda da maye gurbin Azure ya saita shi ba. Hakanan don tsaro na girgije, ana ɗaukar mafi kyawun aiki don iyakance samun dama ga tushen mai amfani, don haka tushen yana kulle ta tsohuwa.netgate pfSense Plus Firewall VPN Router don Microsoft Azure - Tsaro
  4. rage girman misali.netgate pfSense Plus Firewall VPN Router don Microsoft Azure - girman stance
  5. Zaɓi nau'in diski, da saitunan cibiyar sadarwa (cibiyar sadarwa ta zahiri, subnet, adireshin IP na jama'a, ƙungiyar tsaro ta hanyar sadarwa).
    Don sarrafa kayan aikin Netgate pfSense ® Plus, ya kamata ku tabbatar cewa ƙungiyar tsaro ta ƙunshi dokoki don ba da damar tashar jiragen ruwa 22 (SSH) da 443 (HTTPS) don samun damar layin umarni kuma Web GUI. Idan kuna shirin ba da izinin wasu zirga-zirga, ƙara ƙarin wuraren ƙarewa.
    Don IPsec, ba da izini UDP tashar jiragen ruwa 500 (IKE) kuma UDP tashar jiragen ruwa 4500 (NAT-T).
    Domin Bude VPN, yarda UDP tashar jiragen ruwa 1194.
    Danna rukunin tsaro na hanyar sadarwa kuma yi ƙari kamar yadda ake buƙata.
  6. Tabbatar da zaɓinku akan shafin Takaitawa kuma danna Ok.
  7. Lura farashin akan shafin siyan kuma danna Sayi.
  8. Da zarar VM ya ƙaddamar kuma tashar tashar Azure ta nuna cewa ta fito, zaku iya samun dama ga web dubawa. Yi amfani da kalmar wucewar da kuka saita yayin tsarin samarwa da mai amfani da admin. Ya kamata yanzu ku sami damar shiga na'urar.

1.2 Ƙaddamar da Misali tare da Multiple Network Interfaces.

Misali na Netgate® pfSense® Plus don Azure wanda ke da NICs da yawa waɗanda za a yi amfani da su azaman bangon wuta ko ƙofar ba za a iya samar da su a cikin tashar Azure ba. webshafuka. Domin samar da misali tare da mu'amalar hanyar sadarwa da yawa, dole ne ka yi amfani da PowerShell, da Azure CLI, ko samfurin ARM don aiwatar da ayyukan da ake buƙata.
An rubuta waɗannan hanyoyin a cikin takaddun azure na Microsoft. Wasu hanyoyin haɗin gwiwa waɗanda ke kwatanta wannan tsari:

  • Aiwatar da PowerShell a ƙarƙashin ƙirar turawa na yau da kullun
  • Aika tare da PowerShell a ƙarƙashin samfurin tura Manajan Albarkatu
  • Aika tare da Azure CLI a ƙarƙashin samfurin tura Manajan Albarkatu
  • Yi amfani da samfuri a ƙarƙashin ƙirar tura Manajan Albarkatu

netgate pfSense Plus Firewall VPN Router don Microsoft Azure - Saita

1.3 Tallafi don Tsawaita Binciken Boot na Azure.

Tsawancin Binciken Boot na Azure na iya yin aiki da kyau tare da software na Netgate® pfSense ® Plus don kayan aikin Azure.
An ba da rahoton matsaloli tare da wannan aikin yayin gwajin takaddun shaida na na'urar. Gwajin da aka yi a baya ya nuna cewa ya bayyana yana aiki a ƙarƙashin wasu yanayi. Kuna da 'yanci don yin ƙoƙarin kunna bincikar taya, amma ba a samun goyan bayan hukuma.
Don haka, don Allah kar a fara kiran goyan baya ko tikiti idan kun ga cewa tsawo na Boot Diagnostics baya aiki da kyau tare da Netgate pfSense® ku.
Ƙari don Azure VM. Wannan sanannen iyakance ne kuma babu wani magani daga
Tawagar tallafin abokin ciniki na Azure ko Netgate's.

2.1 Samuwar Kasuwar Yanki

Teburan da ke ƙasa suna wakiltar samuwa ta yanzu ta kasuwar yanki. Idan ba a jera kasuwannin yanki da ake so ba, koma zuwa kasancewar Yankunan Microsoft ko ƙaddamar da tikitin tallafi kai tsaye zuwa Microsoft Azure.

Tebur 1: Microsoft Azure Akwai Yankunan

Kasuwa pfSense Plus
Armeniya Akwai
Ostiraliya *
Austria Akwai
Belarus Akwai
Belgium Akwai
Brazil Akwai
Kanada Akwai
Croatia Akwai
Cyprus Akwai
Czechia Akwai
Denmark Akwai
Estoniya Akwai
Finland Akwai
Faransa Akwai
Jamus Akwai
Girka Akwai
Hungary Akwai
Indiya Akwai
Ireland Akwai
Italiya Akwai
Koriya Akwai
Latvia Akwai
Liechtenstein Akwai
Lithuania Akwai
Luxembourg Akwai
Malta Akwai
Monaco Akwai
Netherlands Akwai
New Zealand Akwai
Norway Akwai

Tebur 1 – ci gaba daga shafi na baya.

Kasuwa pfSense Plus
Poland Akwai
Portugal Akwai
Puerto Rico Akwai
Romania Akwai
Rasha Akwai
Saudi Arabia Akwai
Serbia Akwai
Slovakia Akwai
Slovenia Akwai
Afirka ta Kudu Akwai
Spain Akwai
Sweden Akwai
Switzerland Akwai
Taiwan Akwai
Turkiyya Akwai
Hadaddiyar Daular Larabawa Akwai
Ƙasar Ingila Akwai
Amurka Akwai

* Ostiraliya Kasa ce Mai Gudanar da Microsoft don siyarwa ta duk yanayin siyan abokin ciniki banda yanayin siyan abokin ciniki na Yarjejeniyar Kasuwanci.

2.2Tambayoyin da ake yawan yi

2.2.11. Shin zan saita kalmar sirri ko amfani da maɓallin SSH yayin tanadin mai amfani da Azure?

Ana ba da shawarar saita kalmar wucewa. Wannan zai ba da damar yin amfani da WebGUI, yayin da maɓallin SSH zai ba ku damar samun dama ga umarnin SSH kawai. Yawancin abubuwan haɗin kai a cikin Netgate® pfSense ® Plus software ana sarrafa su ta hanyar WebGUI. Idan kun yi amfani da maɓallin SSH ba da gangan ba, zaku iya zaɓar zaɓi don sake saita kalmar wucewa ta admin a menu na rubutu wanda ya bayyana lokacin da kuka ssh zuwa misalin ku. Sai kuma WebGUI kalmar sirri za a sake saita zuwa "pfsense". Nan da nan ku sabunta kalmar wucewa ta admin zuwa mafi amintaccen ƙima da zarar kun sami nasarar shiga cikin WebGUI.

2.2.22. Ana tallafawa sabunta software kai tsaye?

Bai kamata nau'ikan da ke cikin kewayon 2.2.x su yi ƙoƙarin aiwatar da haɓakar firmware ba. A nan gaba (pfSense 2.3 ko kuma daga baya), wannan na iya yiwuwa, amma a halin yanzu ba a gwada shi kuma ba shi da tallafi. Tunda babu na'ura mai kwakwalwa ta gaskiya, ingantaccen tsari na dawo da lalacewa yayin haɓakawa zai yi wahala a fayyace. Tsarin da ake ba da shawarar a halin yanzu don haɓakawa shine a madadin pfSense ® Plus config daga misalin da ake da shi kuma a mayar da shi akan sabon misali idan akwai haɓakawa.

2.3 Abubuwan Taimako

2.3.1 Tallafin Kasuwanci

Domin kiyaye farashin ƙasa, ba a haɗe software ɗin tare da biyan kuɗin tallafi. Ga masu amfani waɗanda ke buƙatar tallafin kasuwanci, Netgate® Global Support za a iya siyan ahttps://www.netgate.com/support.
2.3.2 Tallafin Al'umma
Ana samun tallafin al'umma ta hanyar Dandalin Newgate.

2.4Ƙarin Albarkatun

2.4.1 Koyarwar Netgate

Horon Netgate yana ba da darussan horo don haɓaka ilimin ku na samfuran pfSense ® Plus da samfuran. Ko kuna buƙatar kulawa ko haɓaka ƙwarewar tsaro na ma'aikatan ku ko bayar da tallafi na musamman da haɓaka gamsuwar abokin ciniki; Horon Netgate ya ba ku kariya.
https://www.netgate.com/training

2.4.2 Laburaren Albarkatu

Don ƙarin koyo game da yadda ake amfani da na'urar Netgate ɗinku da sauran albarkatu masu taimako, tabbatar da bincika Laburaren Albarkatun mu.
https://www.netgate.com/resources

2.4.3 Sabis na Ƙwarewa

Taimako baya ɗaukar ƙarin hadaddun ayyuka kamar daidaitawar CARP don sakewa a kan magudanar wuta ko da'irori, ƙirar hanyar sadarwa, da jujjuyawa daga wasu bangon bango zuwa software na pfSense ® Plus. Ana ba da waɗannan abubuwan azaman sabis na ƙwararru kuma ana iya siyan su da tsara su daidai.
https://www.netgate.com/our-ervices/professional-services.html

2.4.4 Zaɓuɓɓukan Al'umma

Idan kun zaɓi ba za ku sami tsarin tallafi na biya ba, zaku iya samun taimako daga al'ummar pfSense masu ƙwazo da masaniya akan dandalin mu.
https://forum.netgate.com/

Takardu / Albarkatu

netgate pfSense Plus Firewall/VPN/Router don Microsoft Azure [pdf] Manual mai amfani
Microsoft Azure, Ƙofar Tsaro, Ƙofar Tsaro ta Microsoft, pfSense Plus Firewall VPN Router don Microsoft Azure, pfSense Plus Firewall VPN Router

Magana

Labarai masu alaka

Bar sharhi

Ba za a buga adireshin imel ɗin ku ba. Ana yiwa filayen da ake buƙata alama *