Create OpenWRT Virtual Machine in Azure Cloud

Create OpenWRT Virtual Machine in Azure Cloud

There are many reasons you might want to put OpenWRT into Azure Cloud. For me, I was looking for a free and light weight solution which can do routing, NAT, port forwarding, firewall with Web GUI management for my Azure cloud. I tried VNS3 NATe solution which works fine. Only restriction bothers me for production usage is throughput limited at 50Mbps. 

Deploy a Free NAT Gateway, Firewall and Router in Azure - VNS3 NATe

I had some posts regarding OpenWRT running in my VMWare environment. Is it possible to run it in Azure cloud? I managed to try using an OVA package found from Openwrt.org website and it works. 

Just in case you have same need and here are the steps I am following to spin up an OpenWRT VM in Azure Cloud. 

Topology

Download and Unzip OpenWRT OVA package

OVA file download links: 
19.07.5 - https://www.dropbox.com/s/4b0dy8d8iqf8a91/OpenWRT_x86_64_19.07.05.ova?dl=0

We can use winzip or 7zip this kind of software to unzip OVA file to a folder. There is vmkd file which we will need to process to next step. 

Convert VMDK file to VHD format

There are a couple of ways to do that. The easiest way for me is to download StarWindConverter from https://www.starwindsoftware.com/starwind-v2v-converter

After installed the software, following those steps to convert it to VHD format which can be used by Azure cloud.

1 Choose local file to start

2 select the vmdk file we extracted from ova file.

3 choose where to save your converted file.

4 choose the vhd / vhdx as destination image format.

5 Choose VHD pre-allocated image

Then you can start converting. You will get a 256MB size VHD file. 

Just in case you do not want to install StarWind V2V software, I have a converted VHD file for downloading: https://od.51sec.org/T51SecEU/Sharing/VM/OpenWRT/

Upload VHD File to Azure Storage

If you have not create a storage account, you will need to create one. You will also need to create a container to store this VHD file.

Create OpenWRT Image from VHD File in Blob Storage

Create OpenWRT VM Based on New Created OpenWRT Image

Log in to OpenWRT to Confirm Connection

Default username is root and password is null, no password.

Stop VM to Add a new interface

Since default image is only have one interface which is connecting to Internet and it is the interface we are connecting to, we are going to add second interface for LAN network, which is behind this OpenWRT appliance.

We will need to stop this virtual appliance before we can add a new interface to this VM. 

Stop-AzVM -ResourceGroupName "RG-OpenWRT" -Name "OpenWRT-1" -Force

Log in to OpenWRT to Modify Interfaces

We are going to change first interface to zone WAN. For second interface, we will put it into LAN zone. 

Add New Route Table and Route

Last configuration is to add a new route table for Azure LAN subnet. A new route will be created to make sure all traffic in LAN subnet will be sent to our OpenWRT LAN interface, which is 10.0.1.4.

Spin Up Win10 Machine to Test Speed

Finally we completed all configuration and we can use a Win10 VM for testing. We will test network throughput and Internet access. 

C:\Users\netsec>tracert 8.8.8.8

Tracing route to dns.google [8.8.8.8]
over a maximum of 30 hops:

  1     1 ms    <1 ms    <1 ms  10.0.1.4
  2     *        *        *     Request timed out.
  3     *        *        *     Request timed out.
  4     *        *        *     Request timed out.
  5     *        *        *     Request timed out.
  6     *        *        *     Request timed out.
  7     *        *        *     Request timed out.
  8     *        *        *     Request timed out.
  9     *        *        *     Request timed out.
 10     *        *        *     Request timed out.
 11     *        *        *     Request timed out.
 12     2 ms     2 ms     3 ms  dns.google [8.8.8.8]

Trace complete.

References

• OpenWrt on VMware HowTo
• OpenWRT x86-64 running on AWS

via Blogger http://blog.51sec.org/2021/12/create-openwrt-virtual-machine-in-azure.html
December 16, 2021 at 09:06PM Cloud