Friday, July 27, 2012

How to Change your Public IPs (clone pfsense)?


1.Login into vsphere

if you having trouble accessing vsphere please read http://www.hpchost.com/knowledgebase.php?action=displayarticle&id=202

2.Clone your pfsense



3.Enter the Name of your new pfsense


4.select the ESX host then click next

5.select your resource then click next

6.select your Datastore then click next
7.then click Finish

8.!DO NOT POWER ON the new PFSENSE!

9.Edit the Virtual machine setting



10.Select the Network Adapter 1

Uncheck Connect at power on to not cause an IP conflict with your current VM.



11.Do the same for the Network Adapeter 2

12.Power on the VMRight click with the mouse and select open console.
Once your pfsense is booted you should see

13. select the option 8 (shell)

14. Type "ifconfig (interface name) (NEW Public IP) (NEW subnet)". Example ifconfig le0 1.2.3.4 255.255.255.248"

15. Type "route add default (NEW gateway IP)"

when you are typing you might see poping "le0 device timeout" do not worry and continue typing

17. Type "pfctl -d" to disable the packet filter.

18. Type "exit"

19. you should see your new public IP address


20. close the console and Edit the Virtual machine setting

select the Network Adapeter 1

Check Connected, check Conect at power on, change the Network label with the new one provided by HPChost, then click OK.


22. !DO NOT CONNECT THE Network Adapeter 2!

23. Access the firewall througth the web gui



24.go to Interfaces -> WAN

25.Change the Public Ip address

! You need to change 3 fields !
Change the Field IP address with the new IP address provided by HPCHost
Change the subnet mask with the new subnet mask
if the subnet mask is 255.255.255.252 select the number 30
if the subnet mask is 255.255.255.248 select the number 29
if the subnet mask is 255.255.255.240 select the number 28
if the subnet mask is 255.255.255.224 select the number 27
Change the Field Gateway with the new gateway provided by HPCHost

Use the new IP addresse to access the Firewall web GUI.
If the web gui is not coming up please Open the console and select the option 8) Shell for CLI access and Type "pfctl -d" to disable the packet filter.
Also you migh need to edit and save the firewall rules.
Go to Firewall -> Rules -> edit (but do not change anything)the rule TCP * * * 443 *  and then save.


26.go to Interfaces -> LAN


27.Change the Private Ip address


! You need to change 1 fields !
Use an IP address which is not use on you LAN for example 192.168.1.254

28. Go to Diagnostics -> reboot system

29. Go back to vsphere

Edit the vitual machine setting and connect the Network adapeter 2

30. login into the firewall webgui

31. go to Firewall -> Virtual IP

32. Update virtual IPs

Edit your virtual IPs with the new IPs provided

33. go to Firewall -> NAT

34. Update Port Forwarding rules

Edit your Port Forwarding rules and replace the old ips with the new ones

35. go to Firewall -> NAT -> 1:1

36.Update 1:1 rules

edit your 1:1 rules and replace the old ips with the new ones

37. go to Firewall -> Rules

38. Update Rules

Edit your rules and replace the old ips with the new ones

39. Update registrar

if you have a domain, mail server, dns etc.. login to you registrar and change the old ips address with the new one.

40. Update reverse DNS

if you need new Reverse dns entries associated to the new IPs please contact support and we will create them for you.

41. Update VM gateway

login to each single VM and change the gateway with the private ip address of the new pfsense firewall.

No comments:

Post a Comment