Messages

I know I have to use a VPN when accessing it away from home. I am not going to expose it in this way. But right now, OPNsense is behind my router, and I just want to learn how to properly configure firewall rules in the setup I have now. Which of the rules I set up are wrong, what other rules should I set up, and are there any other configurations I need to do, so that the firewall works in the way I want?

I have attached all rules related to the interfaces. ManagingHosts alias is about a few computers on the WAN side. OPT1 and OPT2 interfaces are VLAN1 and VLAN2-DMZ respectively but they are not configured as VLANs regardless of the labels; this would be my next task if I am able to resolve this problem. I would like to access the OPNsense GUI, which is the LAN interface 10.10.1.1, from the WAN side/network 192.168.50.0, as once I expose OPNsense to the world, I want to be able to access it if I am away from home/my network. So right now, the 192.168.50.0 network is like WAN and I can't access the GUI from there, neither trying to connect to 10.10.1.1 nor to 192.168.50.100 which is the WAN interface address. To access it, I login to a computer which is connected to the LAN interface. I am trying to learn how to properly create rules, I am also not sure if I should do anything with other settings like NAT, etc. I really appreciate your time and help!

I use these machines to test, and yes, I can ping the gateways from the WAN side, but I can't ping the machines behind the gateways, and I can't access these machines neither using RDP nor SSH from the WAN side whatever I've tried. I can't access the OPNsense GUI from the WAN, either

Sorry, I should have mentioned it, I have computers connected. As I explained, my OPNsense has 4 ports – WAN, LAN and OPT1 and OPT2. The WAN and LAN addresses are 192.168.50.141 and 10.10.1.1, and the other two are 10.10.10.1 and 10.10.20.1. I have Windows machines connected to LAN and OPT2, and a Linux to OPT1. As I said, whatever I do to allow access from the "Internet"- 192.168.50.1 network, to LAN and OPT1 and 2, it just does not work. I guess I am doing something wrong or maybe I am not doing what I should do. I can't find anywhere an example how to allow that access to ping, RDP, ssh for example, to see what I am missing. I was only able to ping the 4 interfaces – 192.168.50.141, 10.10.1.1, 10.10.10.1, and 10.10.20.1 but not the machines connected to them.

Hi, sorry for my delayed response, I was away. I would like to do it this way as I would like to fully understand how OPNsense works, how to create rules, how to properly design, to setup different subnets, VLANs, and then to expose it to the Internet. Thank you very much for your help.

Hello,
I am new to OPNsense and need your help. My OPNsense firewall is behind my router and its IP address is 192.168.50.141. LAN interface IP is 10.10.1.1, also I have two more interfaces -OPT1 and OPT2. I can access GUI from LAN network but I would like to setup access from the "WAN network" which is actually my private network. I am aware of all security problems and so on, it is just about my private network. I spent days doing research on the Internet I think I tried everything discussed in this forum so far, including using the NAT port forward as per this discussion - https://forum.opnsense.org/index.php?topic=3876.15. I can't make it to work. I guess I am doing something wrong or maybe I don't do something that I need to do. What should I do? Thank you very much for your help. I am running the latest version - 23.1.11