Messages

1

General Discussion / Re: Unmanaged switch between Converter and Firewall

« on: September 07, 2023, 07:37:21 pm »

For traceability. I decided to go with a Unifi Lite 8 PoE. Everything works great. The cabling is like below:

Media Convert (fiber) ----> (port 1) > Unifi Lite 8 PoE < (port 2) ----> (port 1) > OPNsense < (port 2) ----> (port 1) > Another Unifi Lite 8 PoE

Then:

Unifi Lite 8 PoE (port 8 ) --(Block all VLAN only default network)--> (port 8 ) Another Unifi Lite 8 PoE

I tagged port 1 and 2 with VLAN 999. No tagging in OPNsense. Only DHCP on the WAN. I also tagged port 8 on the first UniFi Lite 8 and port 8 on the second Unifi Lite 8 PoE just to be able to manage the first switch outside of my network.

Everything works great so far. I can saturate the whole 1 Gbit/s I pay for (950 Mbit/s) without problems.

Thanks!

2

General Discussion / Re: Unmanaged switch between Converter and Firewall

« on: August 30, 2023, 03:25:25 pm »

Thank your for your response. I decided to try with a managed switch first. I went with Unifi Flex Mini because my switch and access points are also UniFi. I guess I'll need to tag the WAN with a VLAN to my Firewall. Not really a problem for me. Since my ISP provides IPTV via VLAN I decided to go with a managed switch instead. I'll report back with the result.

Very frustrating problem...

3

General Discussion / Unmanaged switch between Converter and Firewall

« on: August 30, 2023, 12:26:48 am »

Hi!

I have a very interesting problem. My firewall is running on 2.5GBE. My fiber converter from my ISP only supports up to 1GBE. I have tried everything to get the firewall port to connect to the converter on 1000baseT. Although, the converter is always rejecting the request and nothing is happening. The port is not lighting up or anything. I know and have verified several times that there is nothing wrong with the ports on my firewall. They all work great and light up if I plug them directly into my managed LAN switch for example.

So, my solution was to add a USB to Ethernet converter to my firewall and use that as my WAN port. It works, but now I have a problem in OPNsense that the USB to Ethernet converter toggles between up and down and therefore I also lose internet connectivity at home every time it does. I can force myself to lose internet by running speedtest.net and using 1Gbit/s up and down. The USB to Ethernet converter cannot handle the speed and therefore I lose internet. This seems to be a known problem (https://github.com/opnsense/src/issues/180, https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=252165).

I have tried talking to my ISP and asking them to give me a new fiber converter, but they do not want to do that. Therefore I am now in a situation where I do not really know what I should do. It seems like I have two options:

1. Add an unmanaged switch after the fiber converter, but before the firewall.

I will not plug ANYTHING else into this switch. I will solely use this as a way for my firewall to get internet.

2. Get a new firewall with SFP port to plug to fiber directly into my firewall.

I don't really want to buy new hardware, because the hardware I am using is quite new. Would it be possible to go with my first idea to add an unmanaged switch after the fiber converter and before my firewall? I don't want to Double-NAT and this seems like the easiest solution, although maybe I am overlooking something?

Greatly appreciate any help!