Messages

egeback,

I am trying to plan a similar setup. My ISP provides (non-static, i.e. via DHCP) multiple public IPv4 IPs (at least 3, maybe 5). My interest is if one of the opnsense instance goes down due to hardware or reboot the other takes over. If my WAN DSL modem (a single point of failure) has an issue, then I will accept that.

Can you post what steps you took to get your setup going? I have VLAN capable switches and also use ProxMox.

Stuart

Forum members,

I have been running pfSense for some time and am contemplating a move over to opnsense. In so doing there are some several things that interest me and I am in a phase of doing research at this time.

I have a DSL modem that is in bridge mode and it will provide me with 3 or 5 publicly routable dynamic IPv4 address (modem reboots, I likely get new IP addresses). I have several Cisco switches with 2 vLANs I use (one vLAN has just my DSL modem on it, the other vLAN is my LAN, though I'd like to add a couple more vLANs for guest WiFi and maybe cameras on a 4th vLAN). pfSense routes betwixt the WAN and LAN vLANs currently.

One interest is to have the HA instantiated in a manner whereby one opnsense node is running on a dedicated hardware device and the other is virtualized. Total fault tolerance is NOT my goal. I work from home and would like to know that if I need to upgrade and reboot my main opnsense node or the dedicated hardware fails the virtualized instance will take over. I presume another vLAN would need to be added for the heartbeat for the 2 opnsense nodes (I have no problem with that).

I currently do not use IPv6 but it seems a good time to consider setting that up too as my ISP does give me a large number of publicly routable IPv6 addresses I understand.

With respect to dedicated hardware many people told me that older Sophos XG and SG firewalls run both pfSense and opnsense well. I am also investigating older Watchguard firewalls (XTM 5 series). Any ideas on that would also be well appreciated.

I am also curious if there are any scripts that can convert portions of a pfSense backup into a format that it can be uploaded to opnsense to minimize full on reconfiguration.

Thanks in advance!

Stuart

OPNsense users, developers, et alia:

I am running pfSense and am wondering are there any scripts or mechanisms to assist in a conversion from pfSense to OPNsense?

Thanks!

Stuart