Messages

1

General Discussion / Re: OPNSense Homelab Setup Question

« on: October 29, 2023, 07:58:54 pm »

Thank you. I will continue on this tomorrow and will respond back regarding my progress. I think I now know which steps to take from where I am at the moment 

Best regards

2

General Discussion / Re: OPNSense Homelab Setup Question

« on: October 29, 2023, 07:48:54 pm »

So this would mean I would have to connect a client either directly to the OPNSense Box or connect a client to the switch that is connected to the OPNSense Box in order to access the WebUI, right?

Is there a way to somehow enable access to the WebUI of OPNSense from clients that are connected directly to the FritzBox?

This should not be a security concern since the OPNSense Box is not exposed directly to the Internet since its behind the FritzBox, correct?

Best regards

3

General Discussion / Re: OPNSense Homelab Setup Question

« on: October 29, 2023, 07:32:18 pm »

Thank you guys so much for your super fast replies.

So when I first assigned WAN to my upstream port the FritzBox DHCP successfully assigned an IP address to my OPNSense box. Sadly I was not able to ping the OPNSense box nor access the WebUI via its DHCP assigned IP from any of the clients that are directly connected to the fritzbox.

After I assigned LAN to the upstream port I was able to reach the WebUI from any of my directly connected FritzBox clients.

Is there a reason for this behavior ?

Best regards

4

General Discussion / OPNSense Homelab Setup Question

« on: October 29, 2023, 07:05:04 pm »

Hello OPNSense Community,

first of all, I am a complete newbee regarding networking in general so please excuse me if anything of the following does not make any sense to you.

I currently have a Fritzbox Cable 6660 as my default router provided by my ISP and I am currently tinkering with some HomeLab setup stuff.

At the moment all my clients are connected via LAN or Wifi with the FritzBox to connect to the internet.

I now got a Fujitsu S920 which I upgraded with a HP NC360T Intel PRO/1000PT Dual Port Server Adapter. I just successfully installed OPNSense on it.

I also have a spare TL-SG105 | 5-Port 10/100/1000Mbit/s Desktop Switch which I want to use in the setup I am trying to achieve.

The goal is to setup everything as shown in the attached image to achieve that all traffic that comes from Clients 4-6 which are connected with the OPNSense via the TL-SG105 switch gets OpenVPN encrypted by the OPNSense firewall via policy based routing. I also would like to configure a killswitch in the OPNSense Firewall for that Interface so that no traffic from those boxes leaves the HomeLab unencrypted.



 1. Question: Is something like that possible ?
 2. Question: If so, would it be possible to connect a Wireless AP to the switch to also make it possible to route all traffic of clients connected via Wifi through a VPN?
 3. Question: Right now I have set the onboard Ethernet port of the FujitsuS920 to WAN and configured em0 of the HP NC360T to LAN and em1 to OPT1. The OPNSense firewall successfully received an IP via DHCP from my Fritzbox Router and I was able to access the webui. Am I correct that in this network setup I can completely ignore the configured WAN port on my OPNSense firewall as it is just relevant if the OPNSense Box is directly connected to the Internet ?


Thank you all so much in advance for your time and effort.
Best regards