OPNsense Forum

English Forums => General Discussion => Topic started by: delta161 on June 02, 2018, 09:28:31 pm

Title: Opnsense In Unifi Network
Post by: delta161 on June 02, 2018, 09:28:31 pm
Hey guys,

Currently I have a full UniFi network:

            (==MODEM==)
                 ⬇︎
       (===UNIFI USG PRO===)
                 ⬇︎
    (===UNIFI 24P PoE Switch===)
                 ⬇︎
    (===UNIFI 8P PoE Switch===)

Over this network there are 10 VLANs running and a CloudControl Key attached to the 24P switch.

My OPNsense machine is installed on ESXi, which has 2 physical NICs.
I would like to put the OPNsense firewall between the 24P Switch and USG PRO, and use the physical interfaces as IN and OUT interfaces while keeping the TRUNK set by the USG to transport all the VLANs.

My question is how to configure the interfaces to allow this?
Feel free to suggest an alternative placement of the OPNsense box.
Title: Re: Opnsense In Unifi Network
Post by: bartjsmit on June 03, 2018, 09:44:54 am
Set each vSwitch to trunk mode to allow VLAN tagging at the guest. Otherwise you'll end up with a VM with 20 vNICs :o

https://kb.vmware.com/s/article/1004252 has more

Bart...
Title: Re: Opnsense In Unifi Network
Post by: delta161 on June 03, 2018, 09:52:43 am
Bart,
Thanks, the article is really helpful for the configuration on the ESXi level, but how would it look on the OPNsense level?
Would it just require 2 interfaces with a bridge?
Title: Re: Opnsense In Unifi Network
Post by: bartjsmit on June 03, 2018, 01:22:28 pm
Yes, if that is how you want to use it: https://wiki.opnsense.org/manual/how-tos/transparent_bridge.html

What are you looking to do on OPNsense? E.g. bridge mode excludes shaping.

Bart...