hm at the moment i am running opnsense as router and omada (switches and aeps). Vlans set up on opnsense, integrated in omada without any hassle.
Now i am wondering if i should manage accessibility between vlans, clients and so on in opnsense (firewall) or on omada via ACL.
on the one hand, all managed by opnsense, i got all rules on one place and omada is just for the smooth integration of all the hardware
on the other hand opnsense just has just to route the wan related stuff. i have to get a closer look on the UI of omada, but on the first glance, omada seems to be more intuitive.
i really would appreciate your opinions and aspects ... hopefully this isnt a complete dumb question.
thank you :-)
I'm on my way to get a setup fairly similar to yours.
I'm currently all Omada and
- my ER605v1 is EOL.
- I'm tired of dealing with limitations of Omada's ACLs, in particular the absence of logging, lack of granularity on inter-VLAN traffic control (currently for an entire VLAN as source and destination, no port or host).
You can work around the GW LAN->LAN ACLs limitations with switch ACLs but the latter are stateless and somewhat painful (I'd reserve their usage to intra-LAN use cases, if any).
I've been playing with OPNsense in transparent filtering bridge mode for a little bit and I'm sold.
I'm currently planning my transition.
I expect to only use Omada for VLAN port assignment once I'm done.