i did setup a new Device with "OPNsense 21.7.3_3".
After completing the setup i did connect the device to another port on my TP-LINK Switch.
After doing this, the device is not reachable anymore from network.
(i used the same ethernet cable).
After contacting the TP-Link support, they told me, the OpnSense has enabled "802.1X-Authentication" per default - and the opnsense will allow connections to this specific switch port (port:6) only - now and in the future.
The TP-Link support told me - when i would change this behave, then i need to buy a Switch, which will have the following characteristics:
* Level 2+ or Level 3 Switch, which supports 802.1x
* Switch Dynamic VLAN Assignment
Does anyone have got some experience, advices on that ?
(may be there is configuration i missed to setup and i don't need to buy another switch)
Thanks all for any answer. I do appreciate.
Mike
This makes very little sense. OpnSense might use 802.1X on your WAN connection if your provider requires it and if you set that up during the setup process, but otherwise that stuff is completely absent or disabled.
What switch do you have? What devices are connected where?
Perhaps it might be best to draw a diagram and use the "Insert Code" button on the forum and paste it there.
Something like asciiflow.com can be used (it has an export button which allows you to copy the text).
So far this is all that can be gleaned from your explanation:
┌───────────────────────────────────────┐
│ │
│ TP-Link Switch │
│ │
│ │
│ │
│ Port 6 │
└───┬───────────────────────────────────┘
│
│
│ Ethernet cable
│
│
┌────────────┴──┐
│ │
│ OpnSense │
│ │
│ │
└───────────────┘
Some PC, Server, or Virtual Firewall appliance?
More information is required:
- What hardware are you using (type/part/brand)
- What network interfaces do exist in hardware
- What network interfaces are defined in the interface assignment in OpnSense
- How are those interfaces configured (manually, static, DHCP, PPPoE etc)
- What is connected where
- Which specific switch are you using
- What ports are available
- What is plugged in to those ports
Thx a lot oneplane for your support.
I think, too - make not really sense, what TP suggested ..I tried to draw something simple
(i hope it's not too simple :-) )
┌───────────────────────────────────────┐
│ │ ┌──────────┐
│ TP-Link Switch TL-SG1024DE Port12│────│ Windows │
│ │ └──────────┘
│ Port 5│──── ┌────────────────┐
│ │ │ │ ┌───────┐
│ Port 6 Port 9 Port 8│ │VoIP/Wifi Router│───│ WiFi │
└───┬──────────────────────┬─────────┬──┘ │ │ │ │
│ │ │ └────────────────┘ └───────┘
│ │ ┌─────────┐
│ Ethernet cable │ │WiFi Ext.│
│ │ └─────────┘
│ │
┌───────────────────────────┐ ┌────────────────────────┐
│ igb0 LAN (static) │ │ igb0 LAN (static) │
│ igb1 WAN │ │ igb1 WAN (dhcp) │
│ (igb1:not configured yet) │ │ │
│ │ │ OpnSense PROD(running) │
│ OpnSense NEW │ └────────────────────────┘
│ │
└───────────────────────────┘
Port 10,11,13,14,15,19,21-24 ==> Linux based Machines
Port 2,4,7,16-18,20 (disabled)
All Ports: Speed/Duplex:auto, Flowcontrol:off
- What hardware are you using (type/part/brand):
Port 9: apu Board,Model number GX-412TC (PROD running)
Network: igb0,igb1 - auto 1Gbit NIC
configured NICS: igb0,ibg1
Port 6: Intel Core i5 8250U (new PROD - not running yet)
2400Mhz DDR4 RAM Slot Max 32GB Firewall Router
Processor 6 Lans AES-NI VPN Pc
Network: igb0-igb5 - auto 1Gbit NIC
configured NICS: igb0