top of page
training course:
OPNsense, installation, establishment, safety regulations and failover

goal setting:

In this OPNsense training, the participants learn the professional use of the different possibilities of the OPNsense firewall.

All technical topics are discussed in detail: From installation and setup through to creating security rules and activating various additional modules.

At the end of this OPNsense training, the participants will be able to use the OPNsense firewall securely and reliably.

this training course is also available in German

security with OPNsense​

There are clever and efficient solutions for smaller organizations and companies that can protect them from threats coming from the IT environment ("cyber security").

The FreeBSD-based OPNsense firewall provides this efficient solution to achieve IT protection.

In this IT security course, the participants learn everything they need to comprehensively set up the OPNsense firewall and operate it professionally and reliably.

 

 

getting started with OPNsense; the basics

  • overview and classification of the OPNsense firewall with reference to the network and company environment

  • discussion of the basic network layers and security levels

  • overview of the development of OPNsense

  • setup of OPNsense as a virtual appliance (participants are welcome to bring their own devices)

  • fundamental overview: FreeBSD as the OS for OPNsense

  • the dashboard and shell menu

  • OPNsense firewall update

  • Creating the first firewall rules

setting up the OPNsense firewall

  • establishing firewall rules as interface and floating rules

  • the internal operating sequence of the OPNsense firewall rules

  • administration of objects and aliases

  • adding VLANs and providing Layer 3 interfaces

  • activating the logging functions

  • firewall rules and the need for ICMPv6

  • QoS (Quality of Service): Which relevant changes are there in the IPv6?

  • IPv6 routing protocols (static, RIPng, EIGRPv6, OSPFv3, …)

  • IPv6 & the application 

  • myths about IPv6: Safer? More quickly?

  • migration IPv4-IPv6 (dual stack, tunnel and translation concepts)

  • IPv6 adress concept studies

  • subnetting in IPv6: It is easier than in IPv4

  • connections via VPN

  • additionally: Which RFCs around IPv6 are interesting, which IPv6 agreements are relevant?

  • simultaneous and always accompanying: specific situations of the IPv6 challenge in your environment, e.g. IPv6 on your company PC and router

OPNsense advanced, to extend your understanding

 

  • static routing with OPNsense in the LAN and WAN

  • the OPNsense firewall and routing with FRR and e.g. BGP (on the internet)

  • Network Adress Translation (NAT): outgoing NAT in the WAN, source NAT, destination NAT

  • IPv6 with OPNsense: router advertisment options, DHCPv6, IPv6 routing

  • the OPNsense firewall as an IPv6 gateway

  • necessity to enable ICMPv6 on the OPNsense

  • HA cluster with the OPNsense: setup, CARP, pfsync, config XML sync

  • command line related commands, pf and pfctl

  • optional functions and modules with the OPNsense:

  • proxy as a web protection and for application servers

  • activation of IDS/IPS

  • "next generation firewall", application and user detection plus the "Zenarmor" plugin

  • additional modules

OPNsense firewalls in professional use

  • performance analysis within the OPNsense firewall

  • comparison of the OPNsense firewall with other (commercial) firewalls

  • central management of multiple OPNsense firewalls

  • licensed OPNsense version

  • logging and central user administration

Every participant of this OPNsense training course gets a renowned OPNsense reference book for free.

The iternas GmbH has extensive experience in setting up and operating IT security components and firewalls. Furthermore all trainers are IT networkers, who know every theoretical and practical background of the OPNsense training content.

Due to countless installations and integrations of OPNsense firewalls, our trainers are highly qualified and impart the technical topics in a pleasant, refreshing and competent manner.

the focal points in the OPNsense LAB are:

At the same time, we carry out various exercises in the LAB.

The participants have the opportunity to discuss special requirements or unclear points in the LAB.

  • checking the rules in the log file

  • impact of the firewall session cache status

  • "sniffing of" CARP and IPv6 router advertisements

  • testing various OPNsense functions

  • wireshark / tcpdump of the emerging issues

 

Participants ideally bring their own laptops and have access to the OPNsense lab surroundings. 

If desired, participants can use their own virtual OPNsense settings.

At the end of this training, each participant can make a significant contribution to the IT security of their company and can be justifiably proud of their accomplishment.

OPNsense is a software without any software license fees and can also be freely used and changed by everyone. We notice all the time how this software helps organizations and companies to be safe. Therefore we we support the operators of OPNsense with an annual donation. That way we can continue to use OPNsense with conviction.

target group:

 

The participants already have a basic understanding of IT networks.

Experienced participants benefit from the profound impartation of knowledge, whereas participants with less experience receive demonstrative explanations of the technical connections.

At the end of the training course, all participants will receive a certificate of attendance.

the contributors:

Depending on the date and location, the course will be held by different contributors.

Mr. Leon Thiel is the hacker among trainers and therefore the perfect trainer!

His impressive skills in dealing with IT network and security issues, his profound knowledge of open source solutions and his functional experience from various projects make him a perfect contributor.

At iternas GmbH, Mr. Thiel is responsible for the manufacturer partnerships with OPNsense, among many other things.

Mr. Morris Görke has been an IT network and security consultant for over 25 years. From countless projects in the enterprise environment, Mr. Görke knows today's security challenges and their solutions inside out.

In addition to a far-reaching understanding of OPNsense, Mr. Görke can reconsider and compare this solution with other security products on the market.

 

His experience in the field, his specialized knowledge and his captivating nature guarantee that the participants can understand the technical inter-relationships during the OPNsense training as well as make use of their learned skills.

In addition to the trainings of the iternas academy, Mr. Görke is also active for other well-known training providers and projects throughout Germany.

We also carry out in-house training courses!

 

Do you need company-specific OPNsense training, an IT security workshop or do you have any other questions?​

Then write to us directly using our contact form!

bottom of page