Messages

The IP I'm defining is a valid one. Still not working.

I will double check and try again once I get home. However, I've tried two times previously and am pretty sure the IP address is within the same subnet: 192.168.1.20. Smartphone is on 192.168.1.22 and works fine. The dynamic range is set from 192.168.1.50 - 192.168.1.250.

Thank you for your reply.

That makes sense. Thank you! :)

Dear dseven

Thank you for this information. I've been able to set it all up. I will mark this thread as solved.

Kind regards

Say I have a Home vlan on 192.168.10.x/24 and a Guest vlan on 192.168.20.x/24.
I then create an alias encompassing the private IP addresses defined by the RFC1918 (10.x.x.x, 172.x.x.x and 192.168.x.x/16).
I then want to block all traffic coming in the guest vlan interface that is going out to the Home network. Does the 192.168.x.x/16 network in the alias also encompass the 192.168.10.x/24 network? Or should I add an extra network in the alias of private IP addresses specifically stating 192.168.10.x/24?

Thank you in advance for your reply.

Kind regards

Dear opnsensers

My setup is as follows:
- OPNsense firewall
- Unifi ultra switch
- Unifi U6+ access point

My home devices are living on the default vlan1 (192.168.1.x). Whenever I go to services -> ISC DHCPv4 -> LAN and assign the MAC address of my laptop (HP, running Windows 11) a static IP address outside of the dynamic range, I am unable to connect to wifi. I am getting an IP address on a completely different network (169.x.x.x) and the wifi status displays "secured, no internet". I can connect via cable again and turn off the static mapping, after which I get a correct IP address and can access the internet. I also did the same for my smartphone (apple iPhone), and that one works fine. Has anyone encountered this before and/or know how to solve? If you need more information, please let me know.

Kind regards

Hello

The configuration above worked, and I am getting a stable internet connection through the opnsense router! :). However (not a question, just going to rant here a bit), I'm slowly figuring out that the ubiquiti switch and access point I have will not work since the gateway is not ubiquiti as well lol. No way to access the unifi.ui site manager without paying $30/month for their hosting services. The switch is working and actively handling the traffic now, just no way to configure it with all the vlan capabilities and stuff without access to their site manager. Makes me pretty pissed. Anyway, I should have seen this coming and thought about before buying. Thank you for your support. 

Kind regards

Thank you for your reply.

If I understand correctly. The physical WAN port (igb0 in my case), needs to be assigned to the VLAN20 device.

Intermezzo: Does "device" mean the same as a "network interface card"?

I'm assuming I can also do this through the web GUI like so (see screenshot). I've currently disabled the modem_wan interface (vlan20) and assigned it to the actual physical WAN port, since opnsense threw an error stating that the device is connected to two interfaces. I'll try this and update if it works.

Kind regards

Dear OPNsensers

I am in Belgium and my internet is being provided by the Proximus ISP. I have a fiber modem installed and would like to attach my own private router instead of their smart box. My router has one physical WAN port and one physical LAN port. The ISP demands that "the WAN interface must be tagged to VLAN 20." I am now wondering how I need to configure this. Am I correct in creating a VLAN with the physical WAN port as its parent and then assigning the interface? I'm assuming I should also make some configurations in the firewall to properly route the traffic? I would appreciate if someone could provide some guidance on how to set this up correctly. Thank you in advance!

Kind regards