Messages

1

General Discussion / Re: Opnsense with RT6600ax ap mode

« on: October 24, 2024, 10:05:39 pm »

Not sure where the hangup is here - you configure the SSID on the AP, because the AP is providing WiFi service. OPNsense has nothing to do with it. I don't know the Synology stuff, but from a YouTube video that a quick Google search found, it appears that you would create or modify a "Local Network" under "Network Center" and specify your SSID there.

dseven,

     Thanks for this.  I just grabbed one of the AP's and tested it and it works.  I was just over thinking it like I always do rather that just trying it lol.  I will report back if I run into any problems.

2

General Discussion / Re: Opnsense with RT6600ax ap mode

« on: October 24, 2024, 02:46:05 pm »

How many devices (APs and clients) in the network? Do you need central management?

Right now I have 2 RT6600ax routers.  1 in Router mode other in AP mode.  For Wifi devices I have around 25-35.  No I don't think I need a central management other than DHCP.

I did reach out to Synology support to see if they had any insight into doing this and I have posted that below.  I have reply to them also asking the same question of who will provide the SSID for the AP's to work waiting to hear back.



Thank you for reaching out to Synology Support. I understand you are looking to use your OPNsense firewall to manage your RT6600ax when it is in access point (AP) mode.

Here are some points to consider when using the RT6600ax in AP mode with your OPNsense firewall:

    In AP mode, the RT6600ax acts as a network switch, providing wired and wireless access but not routing data or assigning IP addresses. This means your OPNsense firewall will handle all routing and IP assignments.
    Ensure that your OPNsense firewall is configured to manage the network settings, as the RT6600ax will not perform these functions in AP mode.
    If you plan to use additional features like VPN server or file sharing, you may need to configure port forwarding on your OPNsense firewall to allow external access to these services.
    For SSL VPN, typically, you would need to open port 443 on your firewall to enable connections.

Please follow these guidelines to set up your RT6600ax with your OPNsense firewall. Thank you for your patience and cooperation.

3

General Discussion / Re: Opnsense with RT6600ax ap mode

« on: October 24, 2024, 12:16:42 am »

The SSID would be configured on the AP. OPNsense wouldn't even know it's there.

That is what I thought.  What are my best options if I am unable to use my current routers in ap mode?  Ap recommendations?

4

General Discussion / Opnsense with RT6600ax ap mode

« on: October 23, 2024, 09:41:06 pm »

Hey everyone,

     I have just setup my Opnsense FW and want to use my RT6600ax routers into AP's.  I have read a few things online that looks like if I just turn on AP mode I can use them for AP's.  But my first question is where would they get the SSID from?

Thanks for the help!

5

General Discussion / Re: opnsense transparent filtering bridge no WAN

« on: September 05, 2024, 01:05:52 am »

Don't your current device(s) have an AP mode?

Patrick,  I am currently using 2 RT6600ax, one being a router the other in AP-Mode. But I was not sure if this AP mode is only for there own mesh wifi or if I could use these in AP mode and use opnsense as my firewall. 

I know some users have used ubiquiti with the controller installed but I just recently moved away from ubiquiti but was not sure if/what options out there to use for Ap's.

6

General Discussion / Re: opnsense transparent filtering bridge no WAN

« on: September 04, 2024, 08:50:34 pm »

I don't know what you can and cannot do with this transparent bridge setup. I have never used it and probably never will. I always connect OPNsense to the Internet as a router and have strictly internal access points for WiFi. Sorry.

No worries, you have already helped a bunch!! I will keep messing around with it to see what I could do.  I would love to have opnsense as my full router but I would have to invest into different aps unless I am able to use the current devices I have in an AP mode with it.

7

General Discussion / Re: opnsense transparent filtering bridge no WAN

« on: September 04, 2024, 08:36:57 pm »

The transparent bridge won't have an IP address. It just bridges from your ISP to your router and the latter will continue to get its IP address from your ISP via DHCP just like before. No DHCP server on OPNsense anywhere!

Make sure you disable the firewall in OPNsense for initial deployment.

When that works, connect the management interface to your internal network and set it to use DHCP for configuration. It will get an IP address, gateway, DNS ... from your router and can be used to manage OPNsense from your PC and to pull updates, sync the time, etc.

Then you can investigate how to set up the transparent bridge to actually perform some filtering.
HTH, good luck,
Patrick

Patrick,

     Thank you for the help that has worked!!

I now have it setup as WAN->Opnsense->Router->Lan

Now just a quick question Patrick, with this setup can I setup adgaurd dns to filter all the traffic or do I need to dedicated a port to be able to do it so then devices on my network can get an IP from it?

8

General Discussion / Re: opnsense transparent filtering bridge no WAN

« on: September 04, 2024, 03:47:29 pm »

How does your router connect to your ISP? If it is PPPoE a transparent bridge in that position does not make sense. If it's DHCP or static, it can work, but you will have to give your OPNsense a separate management interface and connect that to your internal LAN.

Patrick, thanks for the reply!

So my router is NOT using PPPoE and it is set to Auto "DCHP".  I also configured a separate management port as well to be able to get into the firewall and that works fine.

Right now I have the LANWAN bridge set to DCHP and when i connect the router it looks to grabs an IP from opnsense firewall but I get no internet traffic.  Even with just the WAN connected to it I get no internet.

9

General Discussion / Re: opnsense transparent filtering bridge no WAN

« on: September 04, 2024, 02:45:36 pm »

I've not actually done this myself, but I believe all of those guides expect you to place the bridge on the LAN side of your existing (ISP) router - i.e. the WAN port of the opnsense box would be connected to the LAN port of the existing router, and the LAN port of the opnsense box would be connected to a LAN switch - so like Internet<->Router<->Bridge<->LAN.

dseven,  Yes you are correct but wanted to now if there is a way to get it to go from WAN->opnense->router->lan.  Trying to protect my wifi network as well that is why I am trying to get this done.

I do notice that the router does get an IP from the opnsense firewall but again no internet.

10

General Discussion / opnsense transparent filtering bridge no WAN

« on: September 04, 2024, 12:11:07 pm »

Hey everyone,

      I have been trying to setup a transparent filtering bridge but when I get it all setup the firewall seems to not be getting internet. I have added my layout below.

Internet->opnsense->router->

When I have it setup like this I have no internet within the opnsense firewall and then my router never works.  I have followed these tuts and videos below.

https://docs.opnsense.org/manual/how-tos/transparent_bridge.html
https://www.youtube.com/watch?v=dTUvlFfThPw
https://www.zenarmor.com/docs/network-security-tutorials/how-to-configure-transparent-filtering-bridge-on-opnsense

Please let me know if there are any screen shots I should post to better help.

Thanks!