====== NTT-FW (pfSense Firewall) ======

The NTT-FW is a pfSense firewall running on VMware ESXi that serves as the primary edge firewall and VPN gateway for the NTT Sacramento data center.

===== System Information =====

^ Attribute ^ Value ^
| **Hostname** | nttfw.telev8.live |
| **Platform** | pfSense 2.8.0-RELEASE |
| **OS** | FreeBSD 15.0-CURRENT |
| **Role** | Firewall / VPN Server |
| **Internal IP** | 10.100.1.254/24 |
| **Public IP** | 68.66.14.154/29 |

===== Network Interfaces =====

^ Interface ^ Description ^ MAC Address ^ IP Address ^ Status ^
| vmx0 | (unused) | 00:0c:29:39:58:d1 | - | active |
| vmx1 | LAN | 00:0c:29:39:58:db | 10.100.1.254/24 | UP |
| vmx2 | WAN | 00:0c:29:39:58:e5 | 68.66.14.154/29 | UP |
| ovpns1 | OpenVPN Server | - | 10.222.2.1/24 | UP |

===== Routing =====

^ Destination ^ Gateway ^ Interface ^ Notes ^
| 0.0.0.0/0 | 68.66.14.153 | vmx2 | Default (Packet Fabric) |
| 10.100.1.0/24 | - | vmx1 | Local (LAN) |
| 10.100.2.0/24 | 10.100.1.1 | vmx1 | via NTT-BGP1 |
| 172.17.240.0/24 | 10.100.1.1 | vmx1 | via NTT-BGP1 |
| 10.222.2.0/24 | - | ovpns1 | OpenVPN tunnel |

===== Key Functions =====

  * **Default Gateway** - All internal hosts use 10.100.1.254 as their default gateway
  * **Internet Access** - NAT translation for outbound internet via Packet Fabric (68.66.14.153)
  * **VPN Server** - OpenVPN server for remote access (10.222.2.0/24 tunnel network)
  * **Inter-VLAN Routing** - Forwards traffic to [[vyos|NTT-BGP1]] for internal VLAN routing

===== Access =====

  * **SSH:** 68.66.14.154 (public) or 10.100.1.254 (internal)
  * **Web UI:** https://nttfw.telev8.live or https://10.100.1.254
  * **User:** admin (see credential store for password)

===== Related Pages =====

  * [[vyos|NTT-BGP1 (VyOS Router)]]
  * [[network_overview|Network Overview]]
  * [[vlan_architecture|VLAN Architecture]]
  * [[ssh_access|SSH Access]]