OPNsense Forum

English Forums => General Discussion => Topic started by: vikozo on October 03, 2018, 02:08:29 pm

Title: Newbie question
Post by: vikozo on October 03, 2018, 02:08:29 pm
Hello,
Would a configuration like this work? Normally I would try it by trial and error ;-) but my server with Mail/Web is running and the time away from the net should be short ;-)
At this time I have the DMZ port active, nothing else. I do have the newest software version.


      WAN / Internet
            :
            : DSL
            :Fix IP *.50
      .-----+-----.
      |  Gateway  |  (Fritzbox 7490)
      '-----+-----'
            | 10.0.01
        WAN | IP
            | 10.0.02     
      .-----+------.      WLAN       .------------.
      |  OPNsense  +-----------------+  AP *.11   |--- User get DHCP
      '-----+------'  10.140.3.0/24  '-----+------'    DHCP *.100 - *.150
            |                              ¦
            |                              +---------- TV with WLAN (DHCP), should connect to the PLEX VM
        DMZ | 10.20.0.0/24
            | DMZ will need a small Range of DHCP
      .-----+------.
      |   Switch   +--- my Laptop to configure 10.20.0.7
      '-----+------'
            |           
      .-----+-------.
      | VM Hardware |
      '-----+-------'
            |
            +------... (Virtual Server (ISPConfig))
            |            with BIND/DNS, Mail, Web)
            |            10.20.0.147/24
            |
            +------... (virtual server (nextcloud)
            |           Over VPN Connection     
            |           10.20.0.150/24
            |
            +------... ( VM Plex Server)
            |            10.20.0.155/24
            |
            |

OPNsense should have, I think:
HA Proxy
VPN gateway named vpn1.domain.net

The Fritzbox has an exposed host configured which gives access to the ISPConfig virtual server.
Do I have to change this exposed host to the OPNsense port (which one?)

And the configuration should go as fast as possible, because of the server, which should not be offline too long.
So maybe I will ask a lot of questions until I'm comfortable doing it ;-)

In the Routing part, is there a need to configure something too?

Have a nice day
vinc

Title: Re: Newbie question
Post by: jjanzz on October 18, 2018, 11:57:36 am
The best thing you could probably do is take the Fritzbox out of the equation. As you have DSL, OPNsense is perfectly able to 'dial in' via PPPoE or whatever it is your upstream provider uses. Doing so prevents the nastiness that comes from having a double NAT.

Are the VMs using different ports? If so, you could just use port forwarding.
Title: Re: Newbie question
Post by: vikozo on February 25, 2019, 07:34:27 am
Thanks for your feedback. The Fritzbox would still be used for the telephony part.