161

Pfsense, windows and wsl (docker) on VirtualBox

Hosting a website in docker which is connected to a vmware running pfsense. The IP of pfsense will be used to serve the docker site.

Pfsense, windows and docker (wsl) on Oracle VirtualBox

Use case : Hosting a website in docker which is connected to a vmware running pfsense. The IP of pfsense will be used to serve the docker site.

Creating a launch file

  1. Click New image

  2. Choose a name, let folder be the default location, Type BSD and Version FreeBSD 64b image

  3. Memory Size can be anything above 1024mb image

  4. Default settings for all pop ups image

Configuring network

  1. Create a network if it doesnt exist and use the settings in the image and make sure to disable dhcp server. image

Configuring already created pfsense file

  1. Click settings image

  2. Go to System and set Processor to 2 image

  3. Go to Storage and click on empty and choose your pfsense ISO file location image

  4. Go to Network

  • Adapter 1 : Enabled
    • mode bridged and choose your ethernet adapter or wifi according to your setup image
  • Adapter 2 : Enabled
    • Host-Only Adapter ( this is the adapter we configured earlier in tools of Oracle virtualbox) image

Click Start to start the VM and wait till you are presented with the setup screen

Use the defaults so just keep clicking enter

When you get on this page don't forget to click spacebar first to use this disk and then click enter image

It will run a checksum and then it will extract the files. Just wait till it asks for a reboot and then click enter. image

Just shutdown the vm by closing the shell and then go to settings of vm and storage. In storage remove the iso file by right clicking on it and then clicking remove image

After that is done, just start the vm and wait for your pfsense to configure itself and then you will be provided with information of pfsense. image

** If you are following my guide and somehow didn't get the ip in range 192.168.20.0/24, try to reobtain a new ip by running these commands : ** video

web setup

  1. You will be provided with two ips normally on your pfsense shell. Image
  2. Use the lan ip and put it in your web browser. webpage
  • User is admin and password is pfsense
  1. Run the web setup :

image

You can change the histname to your preference : image

And next

image

image Be sure to disable these two as they will block wan access otherwise which we need for our configuration to work properly.

image I am using 192.168.20.1 / 24 as i declared these values in my virtualbox network config. If you are following my guide keep it this way so you don't get any issues.

Choose a Password on next page and complete the setup.

Docker

  1. You will need to create a simple web app in docker where our site will be hosted.
version: '2'
services:
    app:
        image: strm/helloworld-http
        ports:
            - "8000:80"
  1. After creating the file, you will need to do docker compose up ( make sure your docker is running or you will get an error).
  2. Once started you will get a message like this image.
  3. Now go to your web browser type localhost:8000 and you will see a hello from your container.
Docker config is done and all we need to do is make a NAT rule in our pfsense firewall for it to forward wan address to the website.

Back to pfsense web panel

  1. Click Firewall and then NAT image
  2. Click on Add image
  3. Just change the following and make sure interface is WAN
  • Protocol = TCP
  • Destination = WAN address
  • Destination port range = HTTP
  • Redirect target IP = Address or Alias = IP of your Windows PC ( Duplicate the page to keep the entries, on the other page click Diagnostics and ARP table and find the LAN IP of your pc. In my case its 192.168.0.2. Copy the ip and go back to other page.) image
  • Redirect target port = 8000

AND click save. image

Apply the changes and go to FIrewall -> Rules to see if the WAN rule is created successfully. image

Results

If everything done as explained you will most likely be able to see the "Hello from d5dc5cdsvf4( random letters of your container)" on your WAN IP. image

**In some cases, you might need to enable the port on your windows pc as windows usually block all incoming requests. ** netsh advfirewall firewall add rule name="Allow Port 8000 TCP" dir=in action=allow protocol=TCP localport=8000

Resolve domain name to IP address and show the website

Setting DNS forwarder

We need to enable DNS forwarder so requests to domains are passed through pfsense and not our router directly. In simple terms, when we declare a domain name in pfsense, we need to use pfsense as forwarder so it can receive the requests and respond to queries first.

  1. Disable DNS Resolver Services -> DNS Resolver and untick it and save the settings,
  2. Enable DNS Forwarder Services -> DNS Forwarder and enable it.
  3. In DNS Forwarder, go to the bottom and click Add below Host Overrides image
  4. Add the following entries ( choose any domain name you want but make sure the IP is the lan IP of windows pc ), and save. image
  5. Apply the changes if not applied. image

Now enter the domain:8000 in another window in your browser and it should show you the docker site. image

If it doesn't work, it is your router dns conflicting with pfs dns.

  1. To fix this, click 🪟+R and type Ncpa.cpl and OK image

  2. Click VirtualBox Host-Only Ethernet Adapter and open properties image

  3. Click on Internet Protocol Version 4 image

  4. Use this DNS if you are following my guide otherwise the address of your pfsense image

WAN access with domain name

As a final step to see if our setup is really complete, I am going to use my linux pc and my android mobile to see if i am able to resolve the domain using the pfsense as dns server.

Linux PC

Using nslookup and saying to use pfsense as my dns server, I am able to resolve the domain locally image

Android

I am using PingTools to lookup the domain by telling to use Pfsense as the DNS server.

My pfsense wan ip image

And it resolved the domain and gave me the ip of the server. image