notes/projects/kwa/firewall_migration/20250318-OPNsense_Migration.md at b79839500c80652b21f5828d938db1876bffe40f - notes - Gitea: Git with a cup of tea

CubelaPetar/notes

Files

Petar Cubela 0cb3f588fa 20250429 push notes

2025-04-29 16:29:52 +02:00

1.4 KiB

Raw Blame History

title, author, date, geometry, output

title	author	date	geometry	output
OPNsense - KWA Migration	Petar Cubela	March 20, 2025	margin=1.5cm	pdf_document

Base Info

Deadline: 03.05
Anzahl User: 15

Termin

11.04, 14.04 - 17.04 (Friday 18.04: Karfreitag); 16.04 Vor-Ort
22.04 - 25.04 (Monday 21.04: Ostermontag), 24.04 Vor-Ort

Angebot Liste

Arbeitstunden ausrechnen (40 Stunden)
Angebot fuer Lizenzen raussuchen (Business License, Business Support Subscription)
Keine Hardware noetig
Wartungspauschale (100 Euro/ Monat) - Wartung und Monitoring was genau???

Bestehende Hardware

System: Linux, Memory: 7888 MB, 8 processors
No PPPoe (done by Fritz)

Funktionen

Basis Setup (routing, Generische Einstellung, Firewall Regeln, Authentizierung via AD,..)
VLANs als Grundlage (MGMT, SRV, CLIENT, WLAN, WLAN-Guest)
VPN (OpenVPN)
Free SSL certs (via ACME)
Web Proxy (Caching Proxy, Web Filter, Transparent Proxy, SSL Inspection, https de-/encryption) (!NOTE! OPNsense CA needs to be trusted by every client. Distribute via Filewave)
OPNsense Antivirus Loesung (Clamav + C-Icap)
IDS/IPS
WAF
[=] OPNcentral

Zertifikate

SSL for https (Let's Encrypt oder gekaufte Wildcard)
Self Signed for Web Proxy (SSL Inspection)
Self Signed for OpenVPN