Messages

OPNsense 23.1.11

Hello All,

In an office enviroment, we have a VoIP call server and Desktop PC's using Splashtop for remote access. There is a load of other devices, but I'm not looking to traffic shape any of them.

I have it currently set up with the VoIP Server having a queue weight of 100, Desktop PC's 75 and all other traffic 25. This all seems to work fine for keeping VoIP top priority and remote access just under that.

Where it's causing me a problem is if the desktop PC's are used for anything else - they are obviously being given a queue weight of 75 for something like YouTube.

My question is - can you use Aliases in traffic shaping rules? I have created Aliases for all the Splashtop Relay servers, but I don't seem to be able to reference them in either the source or destination of my rule.

Thank you in advance!

Having a separate IoT network sounds perfect! Is there an idiots guide on how to create this?  :)

Hi All,

I manage a LAN ran from a 4-port OPNsense router and a few switches.

Port 0 = WAN (Openreach Modem)
Port 1 = LAN (Layer 2 Switch)
Port 2/3 = Unused

I have a situation where we're going to install an external EV charging point for a couple of the company vehicles. This device requires a network connection.

I'm reluctant to run a cable outside and have it plugged into the layer 2 switch because of the obvious security risks.

My question is - can I use one of the spare ports on the router and include some port-security to shut the interface down if the link is broken, for example? If so, would someone mind pointing me in the right direction on how to implement that?

Fixed myself! Thought I'd post in case anyone is to stumble upon this in the future....

In OPNsense, I simply had to create an OUTBOUND NAT rule, with the IP Office as the source and everything else as any.

Hi All,

At work I've just swapped out our old ASUS router (Running Merlin firmware) for an OPNsense build (23.1.1)

I copied over all port forward from what we had before and enabled port reflection to get most things working as they were before. The one thing I have an issue with is our IP Office remote workers. With all the old port forwards in place, they are able to connect, make a call but either participant on a call can't hear anything.

I believe the phones create their own H.323 connections.

I'd assume this is something to do with the firewall blocking RTP ports?

The old router had WAN-NAT Passthrough. Is this maybe why it worked before? Anyone know how I can replicate this with OPNsense?

Image from ASUS (Merlin) NAT Passthrough....


OPNsense Port Forwards
https://ibb.co/jG0mMMY