Messages - jsrober

#1
I'm not an expert so no idea if my solution is related to your problem.

One of my onboard NICs went bad and I had this exact problem. I installed a PCIe two-NIC card and that solved my problem.

If you have a spare NIC, might want to try it.
#2
General Discussion / Re: Setting up an IOT LAN
January 01, 2020, 04:33:12 PM
Perfect! That's what I'd like to do. Can you give me some guidance on creating the firewall rules to set it up this way?

Thank you!
#3
General Discussion / Re: Setting up an IOT LAN
January 01, 2020, 02:00:00 PM
Happy New Year!

I have my IOT LAN up and running. I'm gradually moving IOT devices (Wyze cameras, Nest thermostat, etc.) off my normal LAN to the IOT LAN.

Currently I'm able to connect to devices on the IOT LAN from the normal LAN and vice versa. I know I can disable the firewall rules that allow this.

I was wondering about creating a firewall rule that allows establishing a TCP connection from the normal LAN to the IOT, but would not allow an IOT LAN device to establish a TCP connection to the normal LAN.

Do you think this would compromise the security of my network? I was thinking it could be handy to be able to connect to the IOT devices from the PC on my normal LAN.

Thanks,
John
#4
General Discussion / Re: Setting up an IOT LAN
December 09, 2019, 01:58:01 PM
I really like your network design. The diagram you built is well done. I will build a similar diagram as I do my design.

I like your use of VLANs. I thought a while ago that VLANs would be the perfect solution, but the price of the gear made me think it wasn't viable.

There are a variety of concerns with IOT devices. Many of them are built poorly so they can be hacked. They often rely on P2P networks to get through firewalls. Many are made by Chinese companies with strong ties to the Chinese Government.

I have tried to stay away from TP-Link because it's a Chinese company. Giving the Chinese Government nearly direct access to a router on my network seems like a bad idea. Do you consider any other companies that offer a similar wireless access point that supports VLAN?

Thanks,
John
#5
Ah. Thank you. Thanks for pointing me to the supported hardware list.
#6
General Discussion / Setting up an IOT LAN
December 08, 2019, 08:17:04 PM
Hi,

I'm a long-time OPNsense user and am contemplating the best way to set up a separate IOT LAN.

My OPNsense PC has a dual-NIC motherboard. I'd like to add a PCIe NIC and have all my IOT devices sit on this NIC/LAN.

I think I'll set up a separate class C address space for this LAN. I think I should be able to create rules to allow devices on the normal LAN to be able to reach the IOT LAN, but not the other way around. Does that sound doable?

I'd appreciate hearing any thoughts or advice you might have.

Thanks,
John
#7
Hi,

My OPNsense firewall is based on an ASUS ROG Strix H370-I.

This board includes an Intel Wireless-AC 9560 [Jefferson Peak].

I'd like to use this wireless interface to set up an IoT wireless LAN to move all my IoT devices off my primary LAN.

Is it possible to make this wireless interface work with OPNsense? I had hoped by picking a popular, mainstream motherboard that hardware support would be fairly decent.

pciconf -lv
    vendor     = 'Intel Corporation'
    device     = 'Wireless-AC 9560 [Jefferson Peak]'

Thanks,
John
#8
General Discussion / How do I analyze traffic?
July 14, 2019, 03:50:30 AM
Hi,

Thanks so much for OPNsense. It's wonderful to have such a powerful solution.

How do I analyze the traffic on my network?

I have IOT devices and I wonder what they are doing. Are they connecting outside my network? What ports are they using?

How do the pros use OPNsense to figure this out?

I have OPNsense running on a very beefy dedicated PC with plenty of storage. Do I do a packet capture and then analyze the data? Is there a way to capture netflow data and then review it with some sort of purpose-built GUI?

Thanks,
John
#9
Hi,

My OPNsense box has been running great for many months. I decided to upgrade from 18.7 to 19.1 today and now my system won't boot.

I downloaded the latest 19.1 image, burned it to a USB drive, and when booting from it, I get the same error.

My hardware is ~6 months old. I built the system specifically to run OPNsense. Do you have any idea what might be wrong?

Thanks,
John
https://imgur.com/a/u7CpdC4

#10
Hi,

I'm running OPNsense 18.7.9-amd64 and having a really fun time analyzing traffic on my network.

I've noticed that my phone and tablet are no longer able to stream TV from my TiVo using the TiVo Android app. I can browse channels and see the recorded shows, but when I try and stream a show, it fails.

Do you have any idea what setting in OPNsense might be causing this? Streaming works fine on my Netgear firewall. I suspect there is a setting in OPNsense that I've not set correctly.

Thanks!
John
#11
Is Intel Rapid Storage Technology (RST) software RAID or hardware RAID? I think it is a hybrid. On my Linux systems the OS is aware that the RAID array is an array and not a single physical disk.
#12
Thank you very much for reading my question and giving me advice. I will check the hardware list and I'll post back here to let you know how it works out. THANK YOU!

John
#13
Hi,

I'm building an ITX PC to run OPNsense. I would like to install dual M.2 SSDs and RAID 1 (mirror) them so that if one fails my OPNsense firewall will continue to work.

Is installing on a RAIDed SSD supported?

Here is the HW I'm planning to use. I welcome any advice on it.

John

Item   Cost   Description
CPU   114.99   Intel Core i3-8100 Coffee Lake Quad-Core 3.6 GHz LGA 1151 (300 Series) 65W BX80684I38100
Motherboard   141.38   ASUS ROG Strix H370-I
RAM   69.99   GeIL SUPER LUCE RGB SYNC 8GB (2 x 4GB) 
M.2   111.98   Intel 760p Series M.2 2280 128GB
Case   47.53   APEX MI Series MI-008