Skip to content

Shared Networks with OPNSense Firewall

Abstract

In a shared networks environment, multiple virtual machine (VM) environments are configured to communicate with one another across a shared common network. Unlike isolated environments, each environment in this configuration is given unique passwords, hostnames, and DNS records. This type of shared network setup simulates a real-world network where devices can interact, allowing users to experience and experiment with network dynamics in an Instructor-controlled environment. For more on shared networks environments, please visit the article titled Shared Networks Overview.

Multi-Team OPNSense Firewalling

The Shared Networks Environment with OPNSense Firewall provides a multi-host, multi-network setup designed for teams to engage in both offensive (Red Team) and defensive (Blue Team) network security exercises. This allows students to explore real-world networking and firewall concepts in a classroom setting.

The environment supports team-based exercises where each student group is assigned a dedicated firewall and two isolated networks. There are two primary networks used throughout the environment: WAN, a shared subnet where all team firewalls reside that routes internet traffic, and AccessNetwork, which is used to access the virtual machines (VMs) via SSH or RDP from the Cyber Range Exercise.

Teams in this environment will be assigned random, phonetic DNS subdomains following "name###.example.com" convention. For example, Team 1's name may be "alpha099.example.com".

Tip

Instructors have control over Inter-Team Connectivity, which can be turned on or off during exercises. To learn more about Inter-Team Connectivity, please visit the article titled Shared Networks With Inter-Team Connectivity.

Laboratory Exercise: Securing Networks with OPNSense Firewall

Note

The Laboratory Exercise: Securing Networks with OPNSense Firewall is available with the Shared Networks Environment: OPNSense Firewall with Multiple Networks. To access this exercise, please visit Shared Networks Env: OPNSense Firewall with Multiple Networks and login with your Cyber Range account.

The Cyber Range Laboratory Exercise: Securing Networks with OPNSense Firewall guides students through setting up and securing a multinetwork environment using LAMP servers with a controlled, firewall-protected setup. Students configure an OPNSense firewall to create zones to isolate networks and secure communications. This exercise teaches principles like server hardening, firewall rule configuration, and access control, enabling students to practice setting up protections against unauthorized access and vulnerabilities in an instructor-controlled environment.

Have a Question? Contact Support

We're here to help you. If you still have questions after reviewing the information above, please feel free to submit a ticket with our Support Team and we'll get back to you as soon as possible.