VPC Gateway Creation

A high-level overview of the VPC Network

1

Log in to the cloud login portal with your credentials.

2

From the dashboard, as shown in the figure below, click on Instances on the left to open the drop-down menu, then click on Virtual Routers.

3

From the Virtual Routers page, click on the green ‘+’ button, as indicated below, to begin creating a new virtual router.

4

In the virtual router creation wizard, enter the name of the router you want to create and, optionally, a description in their respective fields as shown below.

5

Now you need to add a Network Interface (WAN) for the virtual router by clicking on the blue + Network Interface button as shown below.

6

Then select public-net-1 from the network selection and select default for the security group as shown in the figure below.

7

Next you need to create another Network Interface (LAN) for the virtual router by clicking on the blue + Network Interface button as shown in the figure below.

8

Then select your internal LAN (named Demo-Network in this tutorial) from the network selection, assign the virtual router's IPv4 address in the Force IPv4 field, and select default for the security group as shown in the figure below.

9

The last step is to select, from the template selection, a pre-installed image for the firewall appliance to be used by the virtual router. In this tutorial we used OPNSense 20.1. Then choose the number of instances you want to create as shown below.

10

Finally go back to the top and click on the green Create button, as shown in the figure below, to create the virtual router.

11

As you can see from the figure below, the virtual router specification was successfully created.

12

A VM associated with this specific virtual router (ID 33) will also be instantiated according to the specifications provided above. This can be shown by selecting the virtual router above and then navigating to the VMs tab as shown in the figure below.

13

To allow access to the OPNsense GUI, select the virtual router VM, then from the info tab add a key-value pair under attributes with the following format:

Syntax:

  • Key: FW_RULE_ALLOW_ALL
  • Value: IP/Subnet (The IP with the subnet that you want to allow access to the GUI).

Example: 

  • Key: FW_RULE_ALLOW_ALL
  • Value: 213.165.174.33/32

In this example, we used a subnet mask of /32 to allow only that IP to have access to the GUI. Then press the ‘+’ button to create a firewall rule that will allow the IP 213.165.174.33 access to the GUI.

After the virtual router creates the rule, the attributes that you just added will disappear. You can then access the GUI to see the firewall rule, and from there you can modify or delete it.
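Because the Value field decides who can reach the firewall's management GUI, it is worth checking before you press ‘+’. The following is an added example, not part of the original tutorial or the platform's own code: it rejects malformed values (an IPv4 prefix cannot be longer than /32) and overly broad ranges. The function name `check_allow_value` and the /24 threshold are assumptions made for illustration.

```python
import ipaddress

# Assumption (not from the tutorial): ranges wider than /24 are treated as too
# broad for a rule that exposes the firewall's management GUI.
MIN_PREFIX = 24


def check_allow_value(value, min_prefix=MIN_PREFIX):
    """Validate a FW_RULE_ALLOW_ALL value; return (ok, normalized, notes)."""
    value = value.strip()
    if "/" not in value:
        return False, None, ["no prefix given; write a single host as IP/32"]
    try:
        # IPv4Interface keeps the host address, so stray host bits can be reported.
        iface = ipaddress.IPv4Interface(value)
    except ValueError as exc:  # covers bad addresses and prefixes such as /36
        return False, None, [f"not a valid IPv4 CIDR: {exc}"]
    net = iface.network
    if net.is_multicast or net.is_loopback:
        return False, None, [f"{net} is not a usable source range"]
    if net.prefixlen < min_prefix:
        return False, None, [
            f"{net} covers {net.num_addresses} addresses; "
            f"narrow it to /{min_prefix} or longer"
        ]
    notes = []
    if iface.ip != net.network_address:
        notes.append(f"host bits set; as a network this is {net}, not only {iface.ip}")
    return True, str(net), notes


if __name__ == "__main__":
    # Constructed sample values built around the address used in this tutorial.
    samples = [
        "213.165.174.33/32",
        "213.165.174.33/36",
        "213.165.174.33/24",
        "0.0.0.0/0",
        "213.165.174.33",
    ]
    for sample in samples:
        print(sample, "->", check_allow_value(sample))
```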