OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of bangcrash »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - bangcrash

Pages: [1]
1
23.1 Legacy Series / Re: Physical Interfaces & VLANs
« on: June 05, 2023, 05:23:41 pm »
Thanks very much for the info.

I went into the LAN interface and disabled the IPV4 addressing (I don't use IPV6) as you suggested and everything seems to be fine.  As a result of this change I did find a weird DNS problem where querying router.localdomain returned a AAAA record that contained the IP addresses of the OPNsense box on all interfaces.  To fix this I went to Services > Unbound DNS > General and enabled "Do not register system A/AAAA records".  I then created an override in Services > Unbound DNS > Overrides to return the IP address on my primary VLAN for queries for router.localdomain.

As a final precaution I created a replica of the antilockout rule on the firewall for my primary VLAN just in case.

Thanks again

2
23.1 Legacy Series / Physical Interfaces & VLANs
« on: June 02, 2023, 12:06:22 pm »
When I was setting up my OPNsense install I was learning as I went and I think I have ended up making some errors in the configuration of the VLANs against the physical interfaces and I would like to understand how to fix it without tearing everything down and starting again.

I am using an HP T620+ thin client with a 4 port Intel NIC

During the install em0 on the Intel NIC was used for the WAN and em1 was used for the LAN.
I have then created 4 VLANs (opt1, opt2, opt3, opt4) using em1 as the parent.
The LAN network still exists and is using the IP range 192.168.1.0/24 which I believe is the default.  All of the VLANs are using 10.69.x.0/24.  The box responds on 192.168.1.1 and traffic can use the LAN network.

My questions are:
Can I remove the LAN network as it is redundant in my set up and if so how?
Would it be better to disable rather than remove the LAN network?
Will removing or disabling the LAN network have any detrimental effects on the configuration?  i.e. anti-lockout rules etc.
How should I have configured things from the start? Should I have used the LAN network instead of one of the separate VLANs that I created?

If I haven't provided enough info then please let me know.

Thanks in advance

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2