OPNsense Forum
Archive => 17.1 Legacy Series => Topic started by: agustinrojen on January 26, 2018, 06:07:15 pm
-
As seen in the image attached below. That will be my setup.
Default Internet IP Gateway: 192.168.254.254
My OPN Interfaces.
LAN (re0) -> v4: 192.168.1.1/24 (default. never changed after installation.
WAN(ue0) -> v4/DHCP4: 192.168.254.101/24
As you can see. Instead of using wireless driver NIC for my WAN. I used my first wired NIC as indicated below for my WAN interface, from Modem to OPNSense. That is why I got 192.168.254.101/24
So. I opened shell in my OPNsense and ping websites(google, facebook, etc.) to test my connection. Hopefully, I got a reply and it can ping those websites.
and my question is..
How do I set up OPNSense to give clients IP address, Gateways, and DNS? for internet connection.
As indicated below. I will be using my second wired NIC from OPNsense to my Switch and my Switch to the Clients.
Can someone help me with my problem? Btw. I'm a newbie when it comes network security. So, it'll be much appreciated if you gentlemen/women could help me. Thank you! I'll be waiting for your thoughtful replies. :)
From Philippines.
-
Configure a DHCP server. Use the search in the web interface and look through the help.
We're here if you still have questions after that ;-)
Bart...
-
Im sorry sir. I think I've explained my setup wrong and in the other way. Please read this again. It's just a vice versa.
Default Internet IP Gateway: 192.168.254.254
My OPN Interfaces.
LAN (re0) -> v4:/DHCP4: 192.168.254.101/24
WAN(ue0) -> v4/DHCP4:
As you can see. Instead of using wireless driver NIC for my WAN. I used my second wired NIC as indicated below for my WAN interface.
I got 192.168.254.101/24 on my LAN interface because it was set into DHCP.
I just recently configured my DHCP server for LAN interface. But before I can configure dhcp server. I must make my LAN interface into a static form right?
So I change my LAN interface into static.
LAN (re0) -> v4:: 192.168.254.1/24
WAN(ue0) -> v4/DHCP4:
Then. I opened shell in my OPNsense and ping websites(google, facebook, etc.) to test my connection. Hopefully, I got a reply and it can ping those websites.
Then. I've already change my LAN IP into static. I just finished configuring my DHCP server for my LAN interface. But. How can I give my WAN an IP address(internet connection from my DHCP server). How can I give IP address or internet connection to my clients if my WAN interface doesn't have one. My WAN interface is set to DHCP4. I thought it will have an IP coming from my LAN DHCP. Am I wrong? Please help me.
So it'll be. MODEM -> OPNSense (LAN Static) DHCP Server -> OPNSense(WAN DHCP4) -> SWITCH -> CLIENTS
Thank you again!
From Philippines.
-
So it'll be. MODEM -> OPNSense (LAN Static) DHCP Server -> OPNSense(WAN DHCP4) -> SWITCH -> CLIENTS
Are you really connecting it incorrectly? WAN is the side at the modem and LAN where your client(s) is/are.
The DHCP Server should run on your LAN interface to give the clients some configuration.
The DHCP Client should run on WAN if you don't get a static IP.
LAN has a STATIC IP.
WAN has a DYNAMIC IP (via DHCP)
-
What do I need to do sir? I cant understand it :(
Heres my diagram to follow.
-
Your connection should be:
MODEM -> OPNSense (WAN DHCP or Static) DHCP Server -> OPNSense(LAN Static) -> SWITCH -> CLIENTS
-
But. How can i access my Web GUI if.my.first wired nic will be WAN?
-
Because I wil be using a wired NIC for my WAN. How can i access web GUI then?
-
You don't need to post the same question twice. ;)
I assume you're talking about the OPNsense web UI? If you are then you access that from a computer on your LAN and connect to the LAN interface shown in my description.
-
I got it from. MODEM(Internet) to OPNSense(WAN DHCP)
It is WAN 192.168.254.102 via DHCP and I got replies from websites when i pinged them.
But. I really dont have idea on what you said. OPNSense(LAN Static) to switch. What IP do i need to put on my static LAN? Gateway and DNS'S?
-
up.
-
I strongly advise you to do the following:
1. Reset OPNsense to its factory defaults.
2. Connect your devices this way: internet ->modem (WAN); modem (LAN) -> OPNsense (WAN); OPNsense (LAN) -> switch -> clients.
It will definitely work, and is secure by default. In fact, it is so secure that maybe (just maybe) it will get into DNSSEC issues with DNS servers of your ISP. If this happens it looks like you did something wrong, but you didn't. Get back here to advise you accordingly if the case.
Last but not least, I strongly encourage you to ask your ISP to put the modem in bridge mode and to tell you how the public IP address is allocated for that case.
If bridge mode for modem is not possible, try setting in the modem the WAN IP of OPNsense as DMZ.
Goodluck, and cheers!
-
Excuse me. The internet and Modem in my situation is one.
Its a LTE modem that has a wifi and lan built to it and supplied internet by sim card. Default gateway is 192.168.254.254
It has 4 ports LAN ports.
LAN1 -- LAN2 -- LAN3 --LAN/WAN
Where should I connect it? From modem to opnsense.
-
Uhm mr. Hutiucip. I followed all ur instructions. and i succesfully entered my opnsense web GUI using the lan default 192.168.1.1 using my switch and client unit even though my WAN is 192.168.254.100 via dhcp.
But the problem now is. I can access.my opnsense web gui using my.clients. but my clients doesnt have internet.connection. what does that mean? Am i going to.configure something on opnsense. To have internrt connectoon in my clients?
-
Configure the WAN of your OPNsense as follows:
Type: Static
IP: 192.168.254.253
Subnet Bit Count: 24 or Subnet Mask: 255.255.255.0
Gateway: 192.168.254.254
LAN:
Type: Static
192.168.10.1
Subnet Bit Count: 24 or Subnet Mask: 255.255.255.0
Gateway: no Gateway
Then Configure a DHCP Server on LAN:
Range: 192.168.10.10 192.168.10.200
IP of the Gateway: 192.168.10.1 (IP of OPNsense)
-
@Fabian, why a static LAN IP + reconfiguring the DHCP, since by default OPNsense would auto configure static LAN + DHCP on 192.168.1.0/24 that would not overlap 192.168.254.0 on the WAN?
I ask this only because he states (repeatedly) that's a novice in OPNsense/ networking, and leaving everything on default should do the trick perfectly for him, no fuss... :)
-
It has 4 ports LAN ports.
LAN1 -- LAN2 -- LAN3 --LAN/WAN
Where should I connect it? From modem to opnsense.
Theoretically, any of the 4, but I would go with LAN1, it will definitely work.
PS The last port is named LAN/WAN because your router is a mixed router, it can have WAN on a SIM (like it already does now) but also can be configured as a wired only GW, WAN being also a UTP cable, which case your last LAN port becomes the wired WAN port.
Still, try and see if you can configure your modem as a bridge. It would be perfect.
If not, at least in the modem configuration, try to DMZ OPNsense (192.168.254.110 - or whatever IP address will be in OPNsense for WAN)
-
@Fabian, why a static LAN IP + reconfiguring the DHCP, since by default OPNsense would auto configure static LAN + DHCP on 192.168.1.0/24 that would not overlap 192.168.254.0 on the WAN?
A lot of SOHO routers use this network and if you plan to do a Site to Site tunnel, it will not work because the network would be overlapping.
If no VPN is planned, this network should work without issues as well.
-
A lot of SOHO routers use this network and if you plan to do a Site to Site tunnel, it will not work because the network would be overlapping.
If no VPN is planned, this network should work without issues as well.
True!
I higly doubt that there will be any S2S VPN envolved... But if @agustinrojen foresee it, (s)he would act accordingly.
-
LOL !
Why are you speaking about S2S vpn ?? seriously, I m agree with hutiucip to let the Maximum parameters by default for him because he doesn't have the basic network knowledge :(
Speaking and ask to perform advanced configure tasks to a user is the best way to lost customers/users :(
We should just help basic users and neophyte users about the solution witch are discuss around it.
Step by step :)
So next step is probably : How to replace our initial modem/router equipment by a single OPNsense utm :)
Enjoy it :)