Access your DigitalOcean account and click on “Create Droplet” button
Set the hostname of new Droplet
Select Size of new Droplet.
For most common usage, the $5 Droplet is a good choice (512MB RAM, 20GB Disk)
Select Region – Its a high important step if you need use OPNSense as Firewall/router/vpn on your project. So, select the SAME region of your anothers Droplets. Droplets in different regions have no connection over “Private Network (Shared Private Network)”
Select Image – Select FREEBSD 10.1 image. We will run it to install/build our OPNSense.
Check “Private Networking” and select/add a SSH KEY – FREEBSD image doesnt support password authentication.
Click on “Create Droplet” button and wait few seconds/minutes.
Now, after your Droplet creation finish, you will get IP Address as we have on image bellow (get your own ip)
So, now access your Droplet and follow next steps
Login to new droplet:
Login as root using sudo
sudo su –
# Edit FreeBSD.conf file
delete lines started with:
Change url part “pkg.FreeBSD.org” to “pkg.opnsense.org”
The final file will be like bellow:
Save and exit.
pkg install os-update
System will ask to proceed with action 2 times. reply “y” (Yes)
Proceed with this action? [y/N]: y
Install opnsense package
pkg install opnsense
System will ask to proceed with action. reply “y” (Yes)
Proceed with this action? [y/N]: y
Run opnsense-update command
For some reason, system does not reboot right. So, go to your droplet settings on Digital Ocean Manager interface, then go to Power menu and shutdown droplet.
It will not shutdown droplet right. But, wait 5 minutes and it will forced shutdown.
Just to know, bellow we see a Digital Ocean support team response about reboot.
Thank you for contacting us. We recommend that you power the droplet off from the command line via SSH. FreeBSD does not respond well to a power down from the control panel. To help let the system shut itself down we send a “polite” request when you click the power off. If after 5 minutes the droplet doesn’t respond and power down, we force it off. This is not the most graceful of power off and not recommended.
I show the power off took about 5 minutes and don’t see any errors. I believe the issue here was just our system giving it the 5 minutes to power itself down. We always recommend powering the droplet off from the command line (when you are able to) instead of the control panel.
Let us know if you have any other questions!
Platform Support Specialists
Check out our community for great tutorials, articles and FAQs!
Now, back to your DigitalOcean Webmanager, select your FreeBSD Droplet and
Click on access console
– Wait to login screen (dont setup nothing)
> 1 – Set your interfaces WAN and LAN
vtnet0 – WAN
vtnet1 – LAN
> 2 – Set interface(s) IP address
WAN – Public IP and Netmask.
Again, form some reason, gateway maybe can not work.
So you need add Gateway yourself.
On DigitalOcean Web Manager interface, when you select Droplet “Settings”, you will see Network, Netmask, Gateway from Public interface, so get GATEWAY information and run command bellow:
route add default GATEWAY_PUBLIC_INTERFACE
in my case:
route add default 126.96.36.199
To access OPNSense web interface, you need disable firewall (One time once)
Run this command on terminal – (Droplet web console)
Access your Droplet IP on Browser
if you enable remote ssh access, you will need remove key_finger from known_hosts
in ubuntu and variants, you will need run this:
ssh-keygen -f “/home/your_user/.ssh/known_hosts” -R 188.8.131.52
in others linux as me:
edit /home/your_user/.ssh/known_hosts then, delete line with ip of your server.
Now, you are ready to work with opnsense.