Show Posts
1
Tutorials and FAQs / HOWTO: Test/Setup Protectli/Opnsense on existing 192.168.1.1 router
« on: March 25, 2024, 08:20:38 pm »
I have an existing router that is at 192.168.1.1. I wanted to set up the Protectli/Opnsense box on my existing network just to set most everything up before yanking out my existing router and then struggling to configure the new one in a panic. I couldn't find this documented anywhere, so consider this my personal experience. Being done on a Debian box with Spectrum Cable as the ISP.
1: Forget the serial connection. Connect the Protectli/Opnsense box to a monitor/keyboard/mouse. Also connect a patch cord from a laptop eth port into the LAN port of the Protectli/Opnsense box. Turn on the Protectli.
2: Log into the console as root/opnsense.
3: select (1) Assign interfaces if your LAN is not already set to igc1 and WAN as igc0.
4: select (2) Set interface IP address, and establish igc1 LAN as static 192.168.168.1 with /24. Continue to use https as web gateway, create new certs, don't use dhcp, don't reset webgui.
5: On laptop. Confirm that wifi is off. Eth cable is connected to Protectli box.
6: Enter these commands:
`sudo su`
`ip a` # to determine your eth device name mine is enp7s0f1
`ip addr flush dev enp7s0f1` # use your own ethernet device name instead of mine
`ip addr add 192.168.168.10/24 dev enp7s0f1` # this sets laptop IP to 192.168.168.10 temporarily
ip route add default via 192.168.168.1`
`ping 192.168.168.1` # you should be getting response from Protectli now. Ctrl C to kill the ping.
Now, you can open a browser and point it at https://192.168.168.1. You may need to override browser security attempts.
If no access, go over to the Opnsense console and select (
Shell.
Enter this comand to temporarily turn off firewall:
`pfctl -d`
Try web gui again.
You should now have access to the web gui. Go break something now....
1: Forget the serial connection. Connect the Protectli/Opnsense box to a monitor/keyboard/mouse. Also connect a patch cord from a laptop eth port into the LAN port of the Protectli/Opnsense box. Turn on the Protectli.
2: Log into the console as root/opnsense.
3: select (1) Assign interfaces if your LAN is not already set to igc1 and WAN as igc0.
4: select (2) Set interface IP address, and establish igc1 LAN as static 192.168.168.1 with /24. Continue to use https as web gateway, create new certs, don't use dhcp, don't reset webgui.
5: On laptop. Confirm that wifi is off. Eth cable is connected to Protectli box.
6: Enter these commands:
`sudo su`
`ip a` # to determine your eth device name mine is enp7s0f1
`ip addr flush dev enp7s0f1` # use your own ethernet device name instead of mine
`ip addr add 192.168.168.10/24 dev enp7s0f1` # this sets laptop IP to 192.168.168.10 temporarily
ip route add default via 192.168.168.1`
`ping 192.168.168.1` # you should be getting response from Protectli now. Ctrl C to kill the ping.
Now, you can open a browser and point it at https://192.168.168.1. You may need to override browser security attempts.
If no access, go over to the Opnsense console and select (
Shell.Enter this comand to temporarily turn off firewall:
`pfctl -d`
Try web gui again.
You should now have access to the web gui. Go break something now....