"
Thank you! It works now.
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#2
25.1, 25.4 Production Series / Re: OpenVPN Settings
March 22, 2025, 06:46:12 AM
The firewall Rule for the OpenVPN Server interface was set to the following:
TCP/IP Version: IPv4+IPv6
Gateway: Default
If I try to change the Gateway to the ProtonVPN/Wireguard interface, I get an error saying "You can not assign a gateway to a rule that applies to IPv4 and IPv6"
If I change TCP/IP Version to IPv4 only, then I can change the Gateway to the ProtonVPN/Wireguard interface, but when I connect a remote device via OpenVPN, I cannot access the network or access the internet.
TCP/IP Version: IPv4+IPv6
Gateway: Default
If I try to change the Gateway to the ProtonVPN/Wireguard interface, I get an error saying "You can not assign a gateway to a rule that applies to IPv4 and IPv6"
If I change TCP/IP Version to IPv4 only, then I can change the Gateway to the ProtonVPN/Wireguard interface, but when I connect a remote device via OpenVPN, I cannot access the network or access the internet.
#3
25.1, 25.4 Production Series / OpenVPN Settings
March 21, 2025, 12:51:54 AM
I have OPNsense v 25.1.3 running with Wireguard/ProtonVPN and DNS Crypt. When I am on my internal LAN, I receive an IP from ProtonVPN and do not have any DNS leaks.
I have OpenVPN setup to access my LAN from outside my network. Whenever I connect via OpenVPN, however, I receive the external IP address of my WAN, not my ProtonVPN. Is this something I can change? DNS Crypt appears to be working while connecting via OpenVPN, but my IP is that if my Internet provider.
Thoughts?
I have OpenVPN setup to access my LAN from outside my network. Whenever I connect via OpenVPN, however, I receive the external IP address of my WAN, not my ProtonVPN. Is this something I can change? DNS Crypt appears to be working while connecting via OpenVPN, but my IP is that if my Internet provider.
Thoughts?
#4
25.1, 25.4 Production Series / Monit: How do I Setup an alert for a new Captive Portal session
March 11, 2025, 06:08:11 PM
I have a Guest Wifi up and Running with the Captive Portal splash page. I have Monit up and running. I want to get an email from OPNsense when a new Guest Wifi session happens. Is there an easy way to do this with Monit?
#5
25.1, 25.4 Production Series / Re: Assistance setting up a both Guest WiFi and Trusted WiFi
March 10, 2025, 06:18:11 AM
I just switched the virtual wireless interface from 2.4GHz to 5.0 GHz and everything works!
#6
25.1, 25.4 Production Series / Re: Assistance setting up a both Guest WiFi and Trusted WiFi
March 10, 2025, 01:32:13 AM
I cannot get OPNsense to provide IP address to VLAN3.
Here is the current setup.
[OPNsense 25.1-amd64] LAN em4 <---> port 1 [Netgear GS308 Switch] port 7 <---> port 4 [Netgear R7000 Access Point running DD-WRT]
On the Netgear GS308 Switch,
VLAN3 is Tagged on Port 1 and Tagged on Port 7
VLAN1 is Untagged on Port 1 and Tagged on Port 7
On the R7000 Access Point running DD-WRT,
VLAN3 is Tagged on Port 4
VLAN1 is Tagged on Port 4
OPNSense Interface Assignments
VLAN3 Interface
VLAN3 DHCP Enabled
Netgear GS308 VLAN1 Settings
Netgear GS308 VLAN3 Settings
R7000 VLAN settings
Here is the current setup.
[OPNsense 25.1-amd64] LAN em4 <---> port 1 [Netgear GS308 Switch] port 7 <---> port 4 [Netgear R7000 Access Point running DD-WRT]
On the Netgear GS308 Switch,
VLAN3 is Tagged on Port 1 and Tagged on Port 7
VLAN1 is Untagged on Port 1 and Tagged on Port 7
On the R7000 Access Point running DD-WRT,
VLAN3 is Tagged on Port 4
VLAN1 is Tagged on Port 4
OPNSense Interface Assignments
VLAN3 Interface
VLAN3 DHCP Enabled
Netgear GS308 VLAN1 Settings
Netgear GS308 VLAN3 Settings
R7000 VLAN settings
#7
25.1, 25.4 Production Series / Re: Assistance setting up a both Guest WiFi and Trusted WiFi
March 06, 2025, 09:12:28 PMQuote from: Patrick M. Hausen on February 12, 2025, 07:42:30 PMThen you need to set up LAN and GuestWifi tagged on OPNsense without a bridge interface, configure VLANs 2 and 3 on the port connecting your switch to OPNsense by using the management interface of the switch, similarly configure VLANs 2 and 3 on the ports connecting the APs, and map the SSIDs to the VLANs.
I now have a managed switch. I want to try to tackle this. Can you point me to any relevant resources to accomplish what you wrote above? I have a Netgear GS308E switch.
Thanks in advance.
#8
25.1, 25.4 Production Series / Re: Assistance setting up a both Guest WiFi and Trusted WiFi
February 12, 2025, 09:10:08 PM
"Then you need to set up LAN and GuestWifi tagged on OPNsense without a bridge interface, configure VLANs 2 and 3 on the port connecting your switch to OPNsense by using the management interface of the switch, similarly configure VLANs 2 and 3 on the ports connecting the APs, and map the SSIDs to the VLANs."
In the above set-up, what setting do I use in R7000 DD-WRT? Right now, it's set as Router (which I believe is bridge mode).
In the above set-up, what setting do I use in R7000 DD-WRT? Right now, it's set as Router (which I believe is bridge mode).
#9
25.1, 25.4 Production Series / Re: Assistance setting up a both Guest WiFi and Trusted WiFi
February 12, 2025, 08:36:14 PM
Unfortunately, it is an unmanaged switch. I will look for a managed switch.
#10
25.1, 25.4 Production Series / Re: Assistance setting up a both Guest WiFi and Trusted WiFi
February 12, 2025, 07:36:31 PM
"Assuming your OPNsense interfaces are e.g. em1 for WAN, em0 for wired LAN and em2, em3, and em4 running to your APs, you need to:"
em2, em3, and em4 are empty ports on the OPNsense. I run em0 to a TP-Link 24 port Gigabit Switch (TL-SG1024S) that then runs individual wires to each AP. I use each AP for both wired and wireless connections. Each AP is running DD-WRT with br0 connecting eth0 and eth1 and vlan1, which is not tagged.
em2, em3, and em4 are empty ports on the OPNsense. I run em0 to a TP-Link 24 port Gigabit Switch (TL-SG1024S) that then runs individual wires to each AP. I use each AP for both wired and wireless connections. Each AP is running DD-WRT with br0 connecting eth0 and eth1 and vlan1, which is not tagged.
#11
25.1, 25.4 Production Series / Re: Assistance setting up a both Guest WiFi and Trusted WiFi
February 12, 2025, 07:07:59 PM
Here are my interfaces...
#12
25.1, 25.4 Production Series / Re: Assistance setting up a both Guest WiFi and Trusted WiFi
February 12, 2025, 06:51:39 PM
I'm a newbie and I'm starting to get confused.
My original set-up was OPNsesne connected to 3 R7000's running in dumb AP mode. The OPNsense provided the DHCP to each on my LAN (everything has the same IP range). It's works fine. I just want to create a Guest WiFi that is separate is all I am trying to do.
My original set-up was OPNsesne connected to 3 R7000's running in dumb AP mode. The OPNsense provided the DHCP to each on my LAN (everything has the same IP range). It's works fine. I just want to create a Guest WiFi that is separate is all I am trying to do.
#13
25.1, 25.4 Production Series / Re: Assistance setting up a both Guest WiFi and Trusted WiFi
February 12, 2025, 06:35:35 PM
What if I create another tagged VLAN (#4) for Trusted WiFi. Can I specify in OPNsense that Tagged #4 use the same IP range as my LAN, just a different subnet?
#14
25.1, 25.4 Production Series / Assistance setting up a both Guest WiFi and Trusted WiFi
February 12, 2025, 06:05:08 PM
Newbie here.
I am running OPNsense Version 25.1-amd64 connected to a Cable Modem and 3 Netgear R7000 running DD-WRT v3.0-r59468 std (02/02/25). I have successfully implemented a Wireguard/ProtonVPN connection. I followed the instructions to setup a Guest Network (https://docs.opnsense.org/manual/how-tos/guestnet.html). I was able to create and implement VLAN (tagged #3) on the R7000 serving a Guest WiFi which works as expected (i.e., OPNsense DHCP assigns an IP in the Guest Network which is separate from LAN).
However, I also want to connect to WiFi like I did prior to the Guest WiFi was implemented. I only have 1 ethernet cable connected to a single physical Port running from the OPNsense to each R7000. Whenever I tag the VLAN (#3) and assign it to that physical port, I lose the ability to connect the Trusted WiFi (untagged VLAN #1) to the LAN and getting an IP within my LAN.
Can I have both a tagged VLAN (#3) and an untagged VLAN (#1) running over a single physical port?
Thoughts?
Thanks in advance.
I am running OPNsense Version 25.1-amd64 connected to a Cable Modem and 3 Netgear R7000 running DD-WRT v3.0-r59468 std (02/02/25). I have successfully implemented a Wireguard/ProtonVPN connection. I followed the instructions to setup a Guest Network (https://docs.opnsense.org/manual/how-tos/guestnet.html). I was able to create and implement VLAN (tagged #3) on the R7000 serving a Guest WiFi which works as expected (i.e., OPNsense DHCP assigns an IP in the Guest Network which is separate from LAN).
However, I also want to connect to WiFi like I did prior to the Guest WiFi was implemented. I only have 1 ethernet cable connected to a single physical Port running from the OPNsense to each R7000. Whenever I tag the VLAN (#3) and assign it to that physical port, I lose the ability to connect the Trusted WiFi (untagged VLAN #1) to the LAN and getting an IP within my LAN.
Can I have both a tagged VLAN (#3) and an untagged VLAN (#1) running over a single physical port?
Thoughts?
Thanks in advance.
Pages1
