Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - tcb

#1
General Discussion / CPE VPN device behind OPNSense
December 13, 2024, 11:27:33 AM
Hi,

i need to add a CPE device for an SD-WAN solution behind our OPNSens. Certain networks of remote branches needs to be routed through this device. It should have just limited access to the internet and be isolated from other devices. It's connected to two individual ports on OPNSense.

My apporach would be to create 2 independent networks on this two NICs: 192.168.100.1/24 and 192.168.101.1/24. The CPE would have 192.168.100.2/24 on WAN and 192.168.101.2/24 on LAN. I would then set firewall rules to allow traffic. I need to set routes to reach remote networks through the CPE.

Does this make sense? Is there any simple way of doing it? How would be your approach? What should i take care of in terms of config and security best practice?

Thanks for all comments and recommendations!

Regards