netgate - logo

Security Gateway Manual
Microsoft Azure

PfSense® Plus Firewall/VPN/Router ya Microsoft Azure ndi pulogalamu yachitetezo yokhazikika, VPN, ndi zida zachitetezo. Ndioyenera kugwiritsidwa ntchito ngati malekezero a VPN pamakina a VPN omwe ali ndi tsamba ndi malo komanso ngati seva yakutali ya VPN pazida zam'manja. Native firewall magwiridwe antchito akupezeka monga zina zambiri zowonjezera monga mawonekedwe a bandwidth, kuzindikira kwa intrusion, proxying, ndi zina zambiri kudzera pamaphukusi. pfSense Plus ya Azure ikupezeka ku Azure Marketplace.

Zamkatimu kubisa
1 KUYAMBAPO
2 Zolemba / Zothandizira
2.1 Maumboni
3 Zolemba Zogwirizana

KUYAMBAPO

1.1 Kukhazikitsa Chitsanzo ndi NIC imodzi
Chitsanzo cha Netgate® pfSense® Plus ya Azure yomwe idapangidwa ndi NIC imodzi itha kugwiritsidwa ntchito ngati pomaliza VPN kulola mwayi wofikira ku Azure Virtual Network (VNet). NIC imodzi pfSense
Makina ophatikizana (VM) amangopanga mawonekedwe a WAN, komabe amapereka IP yapagulu komanso yachinsinsi mkati mwa Azure.
Mu Azure Management Portal, yambitsani chida chatsopano cha Netgate pfSense® Plus Firewall/VPN/Router.

  1. Kuchokera pa Dashboard ya Azure portal, dinani pa Marketplace.netgate pfSense Plus Firewall VPN Router ya Microsoft Azure - ingle NIC
  2. Saka and select the Netgate Appliance for Azure.
  3. Khazikitsani dzina la chochitikacho komanso dzina lolowera, mawu achinsinsi, gulu lothandizira, ndi dera.
    Dzina lolowera lidzapangidwa ngati akaunti yovomerezeka ya pfSense Plus pa boot ndipo azitha kulowa mu web GUI. Kuphatikiza apo, wogwiritsa ntchito admin adzakhalanso ndi mawu achinsinsi omwe akhazikitsidwa kumtengo womwe walowa.
    Chenjezo: Dzina lolowera lomwe limagwiritsidwa ntchito poyang'anira pfSense Plus ndi admin, koma admin ndi dzina losungidwa lomwe sililoledwa kukhazikitsidwa ndi wizard yopereka Azure. Komanso chitetezo chamtambo, chimaonedwa kuti ndi njira yabwino yochepetsera mwayi wogwiritsa ntchito mizu, chifukwa chake muzu umatsekedwa mwachisawawa.netgate pfSense Plus Firewall VPN Router ya Microsoft Azure - Chitetezo
  4. sungani saizi ya chitsanzo.netgate pfSense Plus Firewall VPN Router ya Microsoft Azure - kukula kwa nstance
  5. Sankhani mtundu wa chimbale, ndi zoikamo maukonde (virtual network, subnet, IP adiresi, gulu chitetezo network).
    Kuti muyang'anire chipangizo cha Netgate pfSense ® Plus, muyenera kuonetsetsa kuti gulu lachitetezo lili ndi malamulo olola madoko 22 (SSH) ndi 443 (HTTPS) kuti apeze mzere wolamula ndi Web GUI. Ngati mukufuna kulola magalimoto ena, onjezani zomaliza.
    Kwa IPsec, lolani UDP doko 500 (IKE) ndi UDP doko 4500 (NAT-T).
    Za OpenVPN, kulola UDP doko 1194.
    Dinani pa Network chitetezo gulu ndi kuwonjezera pakufunika.
  6. Tsimikizirani zomwe mwasankha patsamba lachidule ndikudina Chabwino.
  7. Onani mtengo patsamba logula ndikudina Purchase.
  8. VM ikangoyambitsa ndipo portal ya Azure ikuwonetsa kuti yabwera, mutha kulowa web mawonekedwe. Gwiritsani ntchito mawu achinsinsi omwe mudakhazikitsa panthawi yoperekera komanso wogwiritsa ntchito admin. Muyenera tsopano kuti mugwiritse ntchito chipangizochi.

1.2 Kukhazikitsa Instance yokhala ndi Multiple Network Interfaces.

Chitsanzo cha Netgate® pfSense® Plus ya Azure yomwe ili ndi ma NIC angapo omwe amayenera kugwiritsidwa ntchito ngati chotchingira moto kapena chipata sichingaperekedwe padoko la Azure. webmasamba. Kuti mupereke chitsanzo chokhala ndi maukonde angapo, muyenera kugwiritsa ntchito PowerShell, Azure CLI, kapena template ya ARM kuti mugwire ntchito zofunika.
Njira izi zidalembedwa muzolemba za Microsoft za azure. Maulalo ena omwe akuwonetsa izi:

  • Tumizani ndi PowerShell pansi pamtundu wapamwamba wotumizira
  • Sungani ndi PowerShell pansi pa Resource Manager deployment model
  • Gwiritsani ntchito ndi Azure CLI pansi pa Resource Manager deployment model
  • Tumizani ndi ma templates pansi pa Resource Manager deployment model

netgate pfSense Plus Firewall VPN Router ya Microsoft Azure - Kukhazikitsa

1.3 Thandizo la Azure Boot Diagnostics Extension.

Zowonjezera za Azure Boot Diagnostics sizingagwire ntchito bwino ndi pulogalamu ya Netgate® pfSense ® Plus ya chipangizo cha Azure.
Mavuto adanenedwa ndi magwiridwe antchito pakuyesa chiphaso cha chipangizocho. Kuyesedwa kotsatira kunawonetsa kuti zikuwoneka kuti zikugwira ntchito nthawi zina. Ndinu omasuka kuyesa kuyatsa kuwunika kwa boot, koma sikuthandizidwa.
Chifukwa chake, chonde musayambitse mafoni othandizira kapena matikiti ngati mupeza kuti zowonjezera za Boot Diagnostics sizikuyenda bwino ndi Netgate pfSense ® yanu.
Kuphatikiza kwa Azure VM. Ichi ndi malire odziwika ndipo palibe mankhwala omwe akupezeka kuchokera
Gulu lothandizira makasitomala la Azure kapena la Netgate.

2.1Kupezeka kwa Msika Wachigawo

Matebulo omwe ali pansipa akuyimira kupezeka kwa msika wachigawo. Ngati msika wakudera womwe mukufuna sunatchulidwe, onetsani kupezeka kwa Zigawo za Microsoft kapena perekani tikiti yothandizira mwachindunji ku Microsoft Azure.

Table 1: Madera Opezeka a Microsoft Azure

Msika pfSense Plus
Armenia Likupezeka
Australia *
Austria Likupezeka
Belarus Likupezeka
Belgium Likupezeka
Brazil Likupezeka
Canada Likupezeka
Croatia Likupezeka
Cyprus Likupezeka
Czechia Likupezeka
Denmark Likupezeka
Estonia Likupezeka
Finland Likupezeka
France Likupezeka
Germany Likupezeka
Greece Likupezeka
Hungary Likupezeka
India Likupezeka
Ireland Likupezeka
Italy Likupezeka
Korea Likupezeka
Latvia Likupezeka
Liechtenstein Likupezeka
Lithuania Likupezeka
Luxembourg Likupezeka
Malta Likupezeka
Monako Likupezeka
Netherlands Likupezeka
New Zealand Likupezeka
Norway Likupezeka

Table 1 - idapitilira patsamba lapitalo.

Msika pfSense Plus
Poland Likupezeka
Portugal Likupezeka
Puerto Rico Likupezeka
Romania Likupezeka
Russia Likupezeka
Saudi Arabia Likupezeka
Serbia Likupezeka
Slovakia Likupezeka
Slovenia Likupezeka
South Africa Likupezeka
Spain Likupezeka
Sweden Likupezeka
Switzerland Likupezeka
Taiwan Likupezeka
nkhukundembo Likupezeka
United Arab Emirates Likupezeka
United Kingdom Likupezeka
United States Likupezeka

* Australia ndi Dziko Loyang'aniridwa ndi Microsoft kuti lizigulitsa kudzera muzochitika zonse zogulira makasitomala kusiyapo nkhani yogula kasitomala ya Enterprise Agreement.

2.2 Mafunso Ofunsidwa Kawirikawiri

2.2.11. Kodi ndikhazikitse mawu achinsinsi kapena kugwiritsa ntchito kiyi ya SSH pakugwiritsa ntchito kwa Azure?

Ndi bwino kukhazikitsa achinsinsi. Izi zidzapereka mwayi wopita ku WebGUI, pomwe kiyi ya SSH imangokulolani kuti mupite ku SSH command prompt. Zosintha zambiri mu pulogalamu ya Netgate® pfSense ® Plus zimayendetsedwa kudzera pa WebGUI. Ngati mwangozi mugwiritsa ntchito kiyi ya SSH m'malo mwake, mutha kusankha njira yokhazikitsiranso password ya admin pamawu omwe amawonekera mukamasewera ssh. Kenako the WebMawu achinsinsi a GUI asinthidwa kukhala "pfsense". Muyenera kusintha nthawi yomweyo achinsinsi a admin kuti akhale otetezeka kwambiri mukangolowa bwino WebGUI.

2.2.22. Kodi zosintha zaposachedwa za pulogalamuyi zimathandizidwa?

Zomasulira zamtundu wa 2.2.x zisayese kukweza pulogalamu ya firmware. M'tsogolomu (pfSense 2.3 kapena mtsogolo), izi zitha kukhala zotheka, koma sizinayesedwe komanso sizothandiza. Popeza kuti ndondomeko yeniyeni ya console palibe, ndondomeko yotsimikizirika yobwezeretsa zolephera panthawi yokonzanso ingakhale yovuta kufotokoza. Njira yomwe ikulimbikitsidwa pakali pano yokweza ndikusunga pfSense ® Plus config kuchokera pa zomwe zilipo ndikubwezeretsanso nthawi ina pomwe kukweza kulipo.

2.3 Zida Zothandizira

2.3.1 Thandizo la Zamalonda

Kuti mitengo ikhale yotsika, pulogalamuyo siyimangiriridwa ndi kulembetsa kothandizira. Kwa ogwiritsa ntchito omwe amafunikira chithandizo chamalonda, Netgate® Global Support ingagulidwe pa https://www.netgate.com/support.
2.3.2Kuthandizira Madera
Thandizo la anthu ammudzi likupezeka kudzera mu Newgate Forum.

2.4 Zowonjezera Zowonjezera

2.4.1 Maphunziro a Netgate

Maphunziro a Netgate amapereka maphunziro owonjezera chidziwitso chanu cha zinthu ndi ntchito za pfSense ® Plus. Kaya mukufunika kusunga kapena kukonza luso lachitetezo cha antchito anu kapena kupereka chithandizo chapadera kwambiri ndikuwongolera kukhutira kwamakasitomala anu; Maphunziro a Netgate akukuthandizani.
https://www.netgate.com/training

2.4.2Resource Library

Kuti mudziwe zambiri zamomwe mungagwiritsire ntchito chipangizo chanu cha Netgate komanso zinthu zina zothandiza, onetsetsani kuti mwasakatula Laibulale yathu Yothandizira.
https://www.netgate.com/resources

2.4.3 Ntchito Zaakatswiri

Thandizo silimakhudza ntchito zovuta kwambiri monga kukonza kwa CARP pakuchepetsanso ma firewall angapo kapena ma circuits, mapangidwe a netiweki, ndikusintha kuchokera pama firewall ena kupita ku pulogalamu ya pfSense ® Plus. Zinthu izi zimaperekedwa ngati ntchito zamaluso ndipo zitha kugulidwa ndikukonzedwa moyenera.
https://www.netgate.com/our-ervices/professional-services.html

2.4.4Zosankha za Anthu

Ngati mwasankha kusalipidwa dongosolo lothandizira, mutha kupeza thandizo kuchokera kugulu la pfSense lodziwa zambiri pamabwalo athu.
https://forum.netgate.com/

Zolemba / Zothandizira

netgate pfSense Plus Firewall/VPN/Router ya Microsoft Azure [pdf] Buku Logwiritsa Ntchito
Microsoft Azure, Security Gateway, Microsoft Azure Security Gateway, pfSense Plus Firewall VPN Router ya Microsoft Azure, pfSense Plus Firewall VPN Router

Maumboni

Zolemba Zogwirizana

Siyani ndemanga

Imelo yanu sisindikizidwa. Minda yofunikira yalembedwa *