OPNsense Forum
English Forums => General Discussion => Topic started by: paolo.dirienzo on May 12, 2016, 08:10:38 pm
-
hallo,
I was managing zyxel firewalls and I have been captured from the opensource flavor... but I have big difficulties to configure my opnsense fw.
where can i find a dummy how guide??
thank you!!
-
Hi Paolo,
The manual is here: https://docs.opnsense.org/manual.html
What are your difficulties? This forum is very helpful and quick.
Bart...
-
Dear Bart, i will go lloking at the documentation.
I am filing frustrates as I am not able to give my wan the 8 ip assigned fomr the sp, i am not able to chaince the basic 192.168.1.1 to another network...with the zyxel i used to know it was simple, with opnsesnse everytime i try something i ha to reset conf at default.... arrrghhhh!
thank you really much, hope to find hints in the doc you suggested.
thank you!
-
The second issue sounds like you have an DHCP lease with your old ip while your firewall has already changed the ip.
Do not forget to adjust the DHCP server settings prefer to do that before you change the ip of your firewall.
-
hallo, thanks everyone.
I have been going trough the manual but honetly I not find e dummy guide.
I am a very low level guy and do not understand most fo the things I am reading.
and yes, I was thinking about the lease and I rebooted my compauter to have a new lease.
I have 8 public IPs
1 gateway and 7 ip
if I set the ip in my WAN cjhanging it to stati from dhcp adn I se my gateway, nothing seems to communicate any longer, not even DNS....
I have a Fastweb connection that had a private set of IPs, one is assigned automatically via DHCP,, can I vae a private dhcp address and assign a public IP to some service?
can I make a list of internal hosts...
of services? (example port 7000 CCTV dvr mobile)
thank you averyone for your kind attention!!!
-
Hi Paolo,
First check the basics from the OPNsense web interface:
- On the Dashboard, is your WAN IP part of the static subnet assigned by Fastnet?
- Go into Interfaces, Diagnostics, Ping and try 8.8.8.8 and google.com. Do both ping?
Bart...
-
hello Bart.
if I leave the WAN dhcp, then my ip address is 192.168.0.* and packets are going troug, i mean that with a computer connected to the lan I can navigate. i ca see that all service are working.
if i try to change the wan ip adrdress with one tha was given me, the no more comunication at all.
in fact I can not find my ususal settings (ip, gateway, dns etc..)
i am really frustrated.
even trying to change the lan address locks me out an no more srfing on lan.
thanks for your attention
-
Hi Paolo,
There is a device between the WAN connection and your ISP that is doing NAT. Most likely your ISP router. You have four options:
1. Put this device in bridge mode. You will need to configure OPNsense to connect the same way as it was set up on the device. E.g. PPPoE using your ISP credentials.
2. If it doesn't support bridge mode, replace it with one that does. I use the TP-LINK TD-8817 which offers good throughput and is very stable, in spite of being low-cost.
3. Deploy OPNsense in bridge mode. This is a bit more tricky and means you need to use firewall rules on both devices. https://docs.opnsense.org/manual/how-tos/transparent_bridge.html?highlight=bridging
4. Use OPNsense as a router along these lines: ISP -- 192.168.0.0/24 -- OPNsense -- 192.168.1.0/24. You will need to allow RFC 1918 addresses on the OPNsense WAN interface and you will need to set up a static route for your LAN on the ISP router, or you need to set OPNsense with NAT but that is messy. A lot of applications don't work with double NAT (Skype for instance).
Bart...