netgate - logo

Incwadi yeSango yoKhuseleko
Microsoft Azure

I-pfSense® Plus Firewall/VPN/Router yeMicrosoft Azure sisixhobo sokhuseleko esisexesheni, iVPN, kunye nesixhobo sokhuseleko. Ifanelekile ukusetyenziswa njengesiphelo se-VPN zombini kwi-site-to-site ye-VPN itonela kunye nokufikelela kude kwe-VPN iseva yezixhobo eziphathwayo. Ukusebenza kwe-firewall yendalo kuyafumaneka njengoko zininzi izinto ezongezelelekileyo ezinje ngokuma kwe-bandwidth, ukuchongwa kokungena, ukwenza iproxy, kunye nokunye ngeepakethe. pfSense Plus yeAzure iyafumaneka kwiMarike yeAzure.

Imixholo fihla
1 NDIYAQALISA
2 Amaxwebhu / Izibonelelo
2.1 Iimbekiselo
3 Izithuba eziyeleleneyo

NDIYAQALISA

1.1 Ukuphehlelelwa kweSibonelelo ngeNIC enye
Umzekelo weNetgate® pfSense® Plus ye-Azure eyenziwe nge-NIC enye inokusetyenziswa njengesiphelo seVPN ukuvumela ukufikelela kwiNethiwekhi ye-Azure Virtual (VNet). I-NIC enye pfSense
Umatshini we-Plus virtual (VM) wenza kuphela ujongano lwe-WAN, kodwa ubonelela nge-IP yoluntu kunye neyabucala ngaphakathi kwe-Azure.
Kwi-Portal yoLawulo lwe-Azure, qalisa umzekelo omtsha we-Netgate pfSense® Plus Firewall/VPN/Router appliance.

  1. Ukusuka kwi-Azure portal Dashboard, cofa kwindawo yeMarike.netgate pfSense Plus Firewall VPN Router yeMicrosoft Azure-ingle NIC
  2. Khangela i kwaye ukhethe isiXhobo seNetgate seAzure.
  3. Cwangcisa igama lomzekelo kunye negama lomsebenzisi, igama lokugqitha, iqela lezixhobo, kunye nommandla.
    Igama lomsebenzisi elingenisiweyo liza kwenziwa njenge akhawunti esebenzayo yepfSense Plus kwisiqalo kwaye iya kukwazi ukungena kwi web GUI. Ukongeza, umsebenzisi we-admin uya kuba negama eliyimfihlo elibekwe kwixabiso elingenisiweyo.
    Isilumkiso: Igama lomsebenzisi elidla ngokusetyenziswa ukulawula i-pfSense Plus ngumlawuli, kodwa umlawuli ligama eligciniweyo elingavumelekanga ukusetwa yi-Azure provisioning wizard. Kwakhona kukhuseleko lwamafu, ithathwa njengeyona ndlela ilungileyo ukunciphisa ukufikelela kumsebenzisi weengcambu, ngoko ke ingcambu itshixiwe ngokungagqibekanga.netgate pfSense Plus Firewall VPN Router yeMicrosoft Azure-Ukhuseleko
  4. hola ubungakanani bomzekelo.netgate pfSense Plus Firewall VPN Router yeMicrosoft Azure-nstance size
  5. Khetha uhlobo lwediski, kunye nezicwangciso zenethiwekhi (inethiwekhi ebonakalayo, i-subnet, idilesi ye-IP yoluntu, iqela lokhuseleko lomnatha).
    Ukulawula isixhobo se-Netgate pfSense ® Plus, kufuneka uqinisekise ukuba iqela lokhuseleko liqulethe imigaqo yokuvumela izibuko 22 (SSH) kunye ne-443 (HTTPS) ukufikelela kumgca womyalelo kunye Web I-GUI. Ukuba uceba ukuvumela enye itrafikhi, yongeza isiphelo esongezelelweyo.
    Kwi-IPsec, vumela UDP izibuko 500 (IKE) kwaye UDP izibuko 4500 (NAT-T).
    Kuba OpenVPN, vumela UDP izibuko 1194.
    Cofa kwiqela lokhuseleko lweNethiwekhi kwaye wenze izongezo njengoko zifuneka.
  6. Qinisekisa ukhetho lwakho kwiphepha leSishwankathelo kwaye ucofe u-Kulungile.
  7. Qaphela ixabiso kwiphepha lokuthenga kwaye ucofe uThenga.
  8. Nje ukuba i-VM isungulwe kunye ne-Azure portal ibonisa ukuba ifikile, unokufikelela kwi web ujongano. Sebenzisa igama lokugqitha olisetayo ngexesha lenkqubo yonikezelo kunye nomsebenzisi wolawulo. Ngoku kufuneka ukwazi ukufikelela kwisixhobo sombane.

1.2 Ukuphehlelelwa kweSibonelelo esineeNdibaniselwano zeNethiwekhi ezininzi.

Umzekelo we-Netgate® pfSense® Plus ye-Azure ene-NIC ezininzi eziza kusetyenziswa njengendawo yokucima umlilo okanye isango alinakubonelelwa kwi-portal ye-Azure. webiindawo. Ukuze unike umzekelo ngonxibelelwano lwenethiwekhi ezininzi, kufuneka usebenzise iPowerShell, i-Azure CLI, okanye ithempleyithi ye-ARM ukwenza imisebenzi efunekayo.
Ezi nkqubo zibhalwe kuxwebhu lweMicrosoft azure. Amanye amakhonkco abonisa le nkqubo:

  • Sebenzisa ngePowerShell phantsi kwemodeli yokusasazwa yakudala
  • Sebenzisa ngePowerShell phantsi kwemodeli yokusasazwa yoMphathi weZibonelelo
  • Hambisa nge-Azure CLI phantsi kwemodeli yokusasazwa koMphathi weZibonelelo
  • Sebenzisa ngeetemplates phantsi kwemodeli yokusasazwa koMphathi weZibonelelo

netgate pfSense Plus Firewall VPN Router yeMicrosoft Azure-Ukuseta

1.3 Inkxaso yoLwandiso lwe-Azure Boot Diagnostics.

Ulwandiso lwe-Azure Boot Diagnostics lusenokungasebenzi kakuhle kunye ne-Netgate® pfSense ® Plus software yesixhobo se-Azure.
Iingxaki ziye zaxelwa ngokusebenza ngexesha lovavanyo lwesiqinisekiso sesixhobo. Uvavanyo olwalandelayo lwabonisa ukuba kubonakala kusebenza phantsi kweemeko ezithile. Ukhululekile ukuba uzame ukwenza uvavanyo lwesiqalo, kodwa aluxhaswanga ngokusesikweni.
Ngokunjalo, nceda ungaqalisi iifowuni zenkxaso okanye amatikiti ukuba ufumanisa ukuba ulwandiso lweBoot Diagnostics alusebenzi kakuhle ngeNetgate pfSense ® yakho.
Ukongeza kwi-Azure VM. Lo ngumda owaziwayo kwaye akukho ncedo lufumanekayo
Iqela lenkxaso yabathengi beAzure okanye iNetgate's.

2.1Ubukho beMarike yeNgingqi

Ezi theyibhile zingezantsi zimele ukufumaneka kwangoku ngokwemarike yengingqi. Ukuba imakethi yengingqi efunwayo ayidweliswanga, bhekisa kubukho beMimandla kaMicrosoft okanye ungenise itikiti lenkxaso ngqo kwiMicrosoft Azure.

Itheyibhile 1: IMimandla efumanekayo yeMicrosoft Azure

Imarike pfSense Plus
Armeniya Iyafumaneka
Ostreliya *
Ostriya Iyafumaneka
Bhelarusi Iyafumaneka
Bheljiyam Iyafumaneka
Brazil Iyafumaneka
Khanada Iyafumaneka
Khroweyishiya Iyafumaneka
Sayiprasi Iyafumaneka
eCzechia Iyafumaneka
Dominikha Iyafumaneka
Estoniya Iyafumaneka
Finlend Iyafumaneka
Fransi Iyafumaneka
Jemani Iyafumaneka
Grisi Iyafumaneka
Hangari Iyafumaneka
Indiya Iyafumaneka
Ayalend Iyafumaneka
ElamaTaliyane Iyafumaneka
eKorea Iyafumaneka
Lathviya Iyafumaneka
Likhtensteyin Iyafumaneka
Lithuwaniya Iyafumaneka
Laksembheg Iyafumaneka
Maltha Iyafumaneka
Monakho Iyafumaneka
elamaDatshi Iyafumaneka
I-New Zealand Iyafumaneka
Norowe Iyafumaneka

Uluhlu loku-1 – iqhubeke kwiphepha elingaphambili.

Imarike pfSense Plus
Pholend Iyafumaneka
Photshugo Iyafumaneka
Poto Rikho Iyafumaneka
Romaniya Iyafumaneka
Rhashiya Iyafumaneka
ISaudi Arabia Iyafumaneka
Sebhiya Iyafumaneka
Slovakiya Iyafumaneka
Sloveniya Iyafumaneka
Mzantsi Afrika Iyafumaneka
Speyin Iyafumaneka
Swiden Iyafumaneka
Swizalend Iyafumaneka
eTaiwan Iyafumaneka
Thekhi Iyafumaneka
IUnited Arab Emirates Iyafumaneka
Iunited kingdom Iyafumaneka
Amazwe Amanyene Iyafumaneka

* IOstreliya liLizwe eliLawulwayo likaMicrosoft ukuze kuthengiswe ngazo zonke iimeko zokuthengwa kwabathengi ngaphandle kweSivumelwano soShishino lokuthengwa kwabathengi.

2.2Imibuzo ebuzwa rhoqo

2.2.11. Ngaba kufuneka ndisete igama eligqithisiweyo okanye ndisebenzise isitshixo se-SSH ngexesha lonikezelo lomsebenzisi we-Azure?

Kuyacetyiswa ukuba usete igama lokugqitha. Oku kuya kunika ufikelelo kwi WebGUI, ngelixa iqhosha le-SSH liya kukuvumela kuphela ukufikelela kwi-SSH yomyalelo wokukhawuleza. Uninzi lwezinto zoqwalaselo kwi-software ye-Netgate® pfSense ® Plus zilawulwa ngokwesiqhelo WebGUI. Ukuba usebenzisa iqhosha le-SSH ngempazamo endaweni yoko, ungakhetha ukhetho lokuseta kwakhona igama lokugqitha lolawulo kwimenyu yokubhaliweyo evelayo xa u ssh kumzekelo wakho. Emva koko i WebIgama lokugqitha le GUI lizakusetwa kwakhona ku "pfsense". Kuya kufuneka uhlaziye ngoko nangoko igama eligqithisiweyo lolawulo kwixabiso elikhuselekileyo xa sele ungene ngempumelelo kwi WebI-GUI.

2.2.22. Ngaba uhlaziyo oluphilayo lwesoftware luyaxhaswa?

Iinguqulelo ezikuluhlu lwe-2.2.x akufuneki zizame ukwenza uhlaziyo lwe-firmware lwenziwe. Kwixesha elizayo (pfSense 2.3 okanye kamva), oku kunokwenzeka, kodwa ayikavavanywa kwaye ayixhaswanga. Kuba i-console yenkqubo yokwenyani ayifumaneki, inkqubo eqinisekileyo yokubuyisela ukusilela ngexesha lokuphucula kuya kuba nzima ukuyichaza. Inkqubo ekhuthazwayo yangoku yohlaziyo kukugcina i-pfSense ® Plus config ukusuka kumzekelo okhoyo kwaye uyibuyisele kumzekelo omtsha xa uhlaziyo lukhona.

2.3Izixhobo zeNkxaso

2.3.1Inkxaso yoRhwebo

Ukuze ugcine amaxabiso aphantsi, isofthiwe ayifakwanga kunye nokubhaliswa kwenkxaso. Kubasebenzisi abafuna inkxaso yezorhwebo, i-Netgate® Global Support inokuthengwa apha https://www.netgate.com/support.
2.3.2Inkxaso yoLuntu
Inkxaso yoluntu iyafumaneka kwiNewgate Forum.

2.4Izixhobo ezongezelelweyo

2.4.1 UQeqesho lweNetgate

Uqeqesho lweNetgate lubonelela ngezifundo zoqeqesho zokwandisa ulwazi lwakho lwemveliso kunye neenkonzo ze-pfSense ® Plus. Nokuba ufuna ukugcina okanye uphucule izakhono zokhuseleko zabasebenzi bakho okanye unikezele ngenkxaso ekhethekileyo kakhulu kwaye uphucule ukwaneliseka kwabathengi bakho; Uqeqesho lweNetgate likufumene.
https://www.netgate.com/training

2.4.2Ithala leencwadi leZibonelelo

Ukufunda ngakumbi malunga nendlela yokusebenzisa isixhobo sakho se-Netgate kunye nezinye izibonelelo eziluncedo, qiniseka ukuba ukhangela iThala leeNcwadi leziBonelelo.
https://www.netgate.com/resources

2.4.3IiNkonzo zobuGcisa

Inkxaso ayiquki imisebenzi entsonkothileyo efana noqwalaselo lwe-CARP ukuze kuncitshiswe iifirewall ezininzi okanye iisekethe, uyilo lwenethiwekhi, kunye noguqulo olusuka kwezinye iifirewall ukuya kwisoftware ye-pfSense ® Plus. Ezi zinto zibonelelwa njengeenkonzo zobungcali kwaye zinokuthengwa kwaye zicwangciswe ngokufanelekileyo.
https://www.netgate.com/our-ervices/professional-services.html

2.4.4Ukhetho loluntu

Ukuba ukhethe ukungafumani sicwangciso senkxaso, ungafumana uncedo kuluntu olusebenzayo nolunolwazi lwepfSense kwiiforam zethu.
https://forum.netgate.com/

Amaxwebhu / Izibonelelo

netgate pfSense Plus Firewall/VPN/Router yeMicrosoft Azure [pdf] Incwadi yokusebenzisa
IMicrosoft Azure, iSango loKhuseleko, iMicrosoft Azure Security Gateway, pfSense Plus Firewall VPN Router yeMicrosoft Azure, pfSense Plus Firewall VPN Router

Iimbekiselo

Izithuba eziyeleleneyo

Shiya uluvo

Idilesi yakho ye-imeyile ayizupapashwa. Iindawo ezifunekayo ziphawulwe *