Text only | Text with Images

OPNsense Forum

English Forums => General Discussion => Topic started by: timlab55 on December 02, 2025, 03:32:12 PM

Title: Where should I put the maintence interface?
Post by: timlab55 on December 02, 2025, 03:32:12 PM
I'm sure a lot of people who are new to OpnSense would like to know this as well.  For example, and again I say "for example", my home network is on 192.168.75.0/24, and my OpnSense is on 192.168.2.0/24.  So where would the maintenance interface go (which ip address)?
Title: Re: Where should I put the maintence interface?
Post by: Patrick M. Hausen on December 02, 2025, 04:45:51 PM
If your home LAN is 192.168.75.0/24 then the LAN interface of OPNsense must also have an IP address in that network. Picking an address from 192.168.2.0/24 for OPNsense won't work.
Title: Re: Where should I put the maintence interface?
Post by: Greg_E on December 02, 2025, 05:16:10 PM
And after that, how many ports do you have on your firewall hardware?

In theory you would need the following:

LAN
WAN
Management

ports if you want to do things the easy way. You can manage the firewall from the LAN (the default configuration). Many of us just make a maintenance network if we have an extra port and use it kind of as backup if the LAN port gives us a problem. And I've had to use mine when I did something that knocked out all my other ports, makes a good use of those onboard Realtek ports that a lot of us have, works good enough to get in and fix your mistake.
Title: Re: Where should I put the maintence interface?
Post by: timlab55 on December 02, 2025, 10:56:50 PM
This is along the same problem.  I've been following the video from "Home Network Guy - How To Set Up A transparent Filtering Bridge on OPNsense" because I'm very slowly learning about networking.  I mean, to me it's step by step (which is what I need).  Two problems.  #1:  One day, I can get it to work (the section I'm learning about), and the next day, I go back and make a correction or something, and it doesn't work.  Come back a week later and it does work.  Doesn't make sense to me.  And yes, he does talk about making the maintenance interface.  He the reason for my question is because of what he is saying, I have no clue about.  In his video he states "You will need to ensure the static IP address is not located in the DHCP range you have set on your primary router and does not conflict with any other static IP addresses on your management network."  So again, with the opening question and this, what should my ip address be for the MGMT interface?
Title: Re: Where should I put the maintence interface?
Post by: Patrick M. Hausen on December 02, 2025, 11:11:37 PM
Why are you trying to set up a transparent filtering bridge? The most complex error prone hard to debug configuration of a firewall existing? Set up OPNsense as a router and firewall which is the well documented default.
Title: Re: Where should I put the maintence interface?
Post by: meyergru on December 02, 2025, 11:17:37 PM
And frankly speaking, the videos I saw from that guy are mostly outdated, unspecific and in some cases, beside "usual" approaches. As Patrick noted, transparent filtering bridges might look like a good idea to beginners (obviously, also to Home Network Guy), while in reality, they make most things harder.
Text only | Text with Images