Launching an Instance with a single NIC¶
An instance of Netgate® pfSense® Plus for Azure that is created with a single NIC can be used as a VPN endpoint to allow access into an Azure Virtual Network (VNet). The single NIC pfSense® Plus virtual machine (VM) only creates a WAN interface, but still provides a public and private IP within Azure.
In the Azure Management Portal, launch a new instance of the Netgate pfSense® Plus Firewall/VPN/Router appliance.
From the Azure portal Dashboard, click on Marketplace
Search for and select the Netgate Appliance for Azure
Set the name of the instance as well as username, password, resource group, and region.
The username entered will be created as a valid pfSense® Plus account upon boot and will be able to log into the webGUI. Additionally, the admin user will also have it’s password set to the value that’s entered.
Warning
The username typically used to administer pfSense® Plus is
admin
, butadmin
is a reserved name that is not allowed to be set by the Azure provisioning wizard. Also for cloud security, it is considered best practice to limit access for the root user, soroot
is locked by default.Choose the instance size.
Choose the disc type, and network settings (virtual network, subnet, public IP address, network security group).
To manage the Netgate pfSense® Plus appliance, you should ensure that the security group contains rules to allow ports
22
(SSH) and443
(HTTPS) to access the command line and Web GUI. If you plan to allow other traffic, add additional endpoints.For IPsec, allow UDP port
500
(IKE) and UDP port4500
(NAT-T).For OpenVPN, allow UDP port
1194
.Click on Network security group and make additions as needed.
Confirm your selections on the Summary page and click OK.
Note the price on the purchase page and click Purchase.
Once the VM launches and the Azure portal shows that it has come up, you can access the web interface. Use the password you set during the provisioning process and the admin user. You should now be able to access the appliance.