Hi everyone.
Im tryinging to install a opensense firewall for about 1 and a half year now without succes. I have wasted countless hours trying and watching all yt content without succes. Both HomeNetworkGuy's 2025 and old guides, sheridan computers videos you name it. I dont even know why and what im doing wrong. Last year at new years eve i finally had a IP Lease but i noticed it after restarting the firewall appliance. The setup goes like this: modem>(protectli)Opnsense firewall>(Zyxel) managed switch> Openwrt AP. I dont know if im doing it wrong on the Opnsense firewall, the zyxel managed switch or on the Openwrt AP im configuring.
Can someone help me out with this task since i tried by myself for about a year now and cant pull it off. Im using the GUI (NO COMAND LINE) to do it.
How is your Internet uplink supposed to work? DHCP? PPPoE? That information can come from your ISP only. Or from examining a working device if you have access to its admin UI.
You must know this upfront or no YT video is going to help you. There are settings very specific to your ISP and the "Internet" product you rented alone.
I have PPPoE if im not wrong. On the site it said:
Annex: A
Mode: PPPoE.
Side question.
Is it a must to be connected to the internet to configure Opnsense and get a IP LEASE ?
What do you mean by "connected to the Internet"? To make OPNsense your Internet router and firewall of course you need to connect OPNsense's WAN port to the modem. Then you connect your switch to OPNsense's LAN port and your PC to the switch.
Your PC should get an IP address from OPNsense's default LAN range 192.168.1.x. You should be able to connect to the OPNsense UI at address 192.168.1.1 with your browser and login.
Then you follow the well documented procedure to set up a PPPoE link, using the username and password and potentially other information (VLAN?) you got from your ISP.
The documentation is here:
https://docs.opnsense.org/manual/how-tos/pppoe_isp_setup.html
HTH,
Patrick
Hi Patrick
First of all thank you so much for the response. I hope you understand that its all a bit new to me.
What i meant is that i walked all/as much of the steps of configuring the firewall without having the modem installed yet or having it connected to the internet (keeping it offline) since cutting off internet at home for to long of a period might cause a uprising, heavy resistance and protest from kids and wife.
I followed this guide step by step: https://www.youtube.com/watch?v=fPP4UE6IuRc&pp=ygUXaG9tZW5ldHdvcmtndXkgb3Buc2Vuc2U%3D
And for the zyxel managed switch this guide: https://www.youtube.com/watch?v=2VHgZg5jFiM&pp=ygUsenl4ZWwgbWFuYWdlZCBzd2l0Y2ggZ3MgMTIwMC04IGNvbmZpZ3VyYXRpb24%3D
I followed it step by step except for the only part i did not do from the start is the PPPoE and ISP credentials part. My thought was that i could do this part last so that i would not lose wifi connection from the ISP router i am connected to now. But this shouldn't be necessary for a valid IP Lease from the Openwrt AP right?
Also what i still don't get is if the switch and AP should be in the same IP range as the modem and Opnsense firwall. Meaning if the modems IP address is lets say 192.168.1.1 the firewall is 192.168.1.2 should the the switch and AP also be at 192.168.1.3 and 192.168.1.4 or a different 192.168.1. IP?
I did it this way just to not complicate things more than they already are but since the switch recognizes the VLAN TAGs not the IP addresses right?