OPNsense Forum
Archive => 23.1 Legacy Series => Topic started by: knebb on February 07, 2023, 08:25:15 am
-
Hi,
I am considering to migrate to OPNSense (currently two PFSense 2.6.0 CE). There might be only minor differences but I want to make sure.
Reading the Wiki (https://docs.opnsense.org/index.html) I still have some questions:
Currently I use the bind dns plugin and are maintaining my own local zones through two sites (master-slave DNS). I noticed there is a bind plugin for OPNSense but does it offer full bind functionality (own zones, per zone configured as forwarder or master/ slave, notifies)? If not, do you have an idea how I can maintain my local network by hostnames?
A VPN connection as client AND as server for multiple road warrirors at the same time? Is this possible (yes, different ports, obviously)? Is there such a nice think like the "VPN Exporter" which exports the clients configuration files so they can be used directly on Linux/Win/Mac clients?
Hardware related- will OPNSense run on same hardware as pfsense does? Especially hardware crypto?
Will I be able to easily add static DHCP leases?
Thanks a lot!
/KNEBB
-
Currently I use the bind dns plugin and are maintaining my own local zones through two sites (master-slave DNS). I noticed there is a bind plugin for OPNSense but does it offer full bind functionality (own zones, per zone configured as forwarder or master/ slave, notifies)? If not, do you have an idea how I can maintain my local network by hostnames?
Primary and secondary zone support exists. Forward zones are currently in the works and expected in one of the next updates.
A VPN connection as client AND as server for multiple road warrirors at the same time? Is this possible (yes, different ports, obviously)? Is there such a nice think like the "VPN Exporter" which exports the clients configuration files so they can be used directly on Linux/Win/Mac clients?
Yes and yes as far as I know. There were some posts of people experiencing difficulties with the exported client configuration.
Hardware related- will OPNSense run on same hardware as pfsense does? Especially hardware crypto?
If it is Intel/AMD based, most probably yes. ARM not yet for production. IIRC some appliances sold by Netgate are ARM based.
Will I be able to easily add static DHCP leases?
Define "easily" ;) Show list of dynamic leases in the UI, find the client, click on a small "+" on the right hand side to be taken to the static lease form for that client.
If you have an Intel/AMD based desktop/laptop at hand that can run VirtualBox I suggest you just give OPNsense a spin to get a feeling for the UI and its features:
https://github.com/punktDe/vagrant-opnsense
HTH,
Patrick
-
Hi,
Primary and secondary zone support exists. Forward zones are currently in the works and expected in one of the next updates.
Sounds good. I might give it a try.
Yes and yes as far as I know. There were some posts of people experiencing difficulties with the exported client configuration.
Looks like I have to test this before... a lot of work but ok. Needs to be done. I was hoping to know it for sure without testing.
Define "easily" ;) Show list of dynamic leases in the UI, find the client, click on a small "+" on the right hand side to be taken to the static lease form for that client.
That is easy, indeed. I did not ask for more. Thanks!
I will have to set up a virtual machine first to see if it works fine. But requirements seems to be met already.
Thanks for your information!
/KNEBB
-
Just use my Vagrant project linked above for the virtual machine - easy peasy.