OPNsense Forum
English Forums => Tutorials and FAQs => Topic started by: Gragas on February 06, 2022, 12:58:12 am
-
Hi everyone,
I'm giving a try to opnsense to discover new firewalls, and i'm stuck :
I install it as following :
-->Modem[192.168.1.1/24]-->opnsense[Lan in 192.168.0.1/24]-->one client
DHCP is doing well
I didn't test yet DNS because i want successfully do ping, but i can't
From opnsense console, ping 8.8.8.8 is ok, but ping -S 192.168.0.1[Lan IP] 8.8.8.8 is not working with 100% loss
From the client console, default gateway is well configured toward 192.168.0.1 and a traceroute shows that request is sent well to opnsense, but not further.
I unlocked private networks on both LAN/WLAN interfaces
I hope every informations i provided would be usefull.
Thank you in advance for your help
-
Hi,
Without knowing the full details of your config its difficult to give proper guidance,
But at a basic level what you ideally need to achieve is communication between your ISP router and your Opnsense WAN interface. So your ISP router 192.168.1.1 can talk to Opnsense WAN interface 192.168.1.2 these talk in same network.
Then you want your clients to be in a separate network not the same network as your WAN to keep them separate and secure, achieved with physical networks or logical virtual networks called vlans.
So create a LAN interface on Opnsense with say a network of 192.168.2.1 and a dhcp range 192.168.2.51-100 or however many clients you need.
The clients gateway will be the LAN interface of Opnsense on 192.168.2.1 and the traffic is then routed through the opnsense WAN interface 192.168.1.2 which then talks to your router 192.168.1.1
There are two ways to set that up using bridged network or put the WAN interface of opnsense into the DMZ of the router.
Instructions are here
https://docs.opnsense.org/manual/install.html
Hope you get it working