OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of skyjam »
  • Show Posts »
  • Topics
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Topics - skyjam

Pages: [1]
1
General Discussion / implement new network setup, DHCP WAN address with additional static subnet
« on: February 22, 2022, 11:49:56 am »
Hi there

I need to setup an additional site and I have the following requirements:
  • The IP address range will be routed through a static IP address that will be assigned to the router with MAC reservation.
  • Behind this static IP address, the subnet for the IP range is implemented by the customer (5 public IP addresses are available in this subnet).

I get a static range /29, (i.e. 55.66.77.88) whereas:
  • .88 => the first address will be the network address
  • .89 => the second address is the local gateway
  • .90-94 => the 3rd to 7th address can be used as desired
  • .95 => the last address is for broadcast

How do I need to setup opnSense to use this subnet with a private LAN subnet and NAT routing?
I guess the WAN is simply DHCP.
Do I need to add Virtual IPs fot the static subnet?

Thanks for your hints!

2
General Discussion / DHCP server vendor class settings
« on: January 04, 2021, 12:05:17 pm »
Hi there,

I'm looking for information on how to define vendor class settings to be set for DHCP server on LAN.

It looks like it is not possible using the web Interface.
Any manual modifications to dhcpd.conf seeem to be overwritten automatically...

Maybe adding the possibility in the web interface to define an include file for dhcpd.conf?
Code: [Select]
include "/mypath/myfile.conf";

3
German - Deutsch / Upgrade: wo kann ich etwas im Filesystem speichen, das nicht überschrieben wird?
« on: October 29, 2020, 11:19:35 am »
Hallo zusammen

Ich möchte irgendwo im Filesystem meiner opnSense ein PHP Skript für Cron speichern, das bei einem künftigen Upgrade nicht gelöscht/überschrieben wird.
Ist das möglich? Falls ja, wo im Filesystem/Pfad?

Vielen Dank für die Antworten!

4
General Discussion / path for custom files that is never overwritten
« on: October 06, 2020, 01:45:18 pm »
Hi there

Where in my local path can I store custom files (php) on a full OPNsense install and keep them safe even after an upgrade of the system?

Thanks for clarification.

5
Development and Code Review / Update for dynDNS plugin - Cloudflare
« on: February 26, 2020, 11:30:55 pm »
Hi there

I have worked on the Cloudflare plugin:
Now it supports setting of TTL (seems to be broken in current plugin, since Cloudflare has set this to mandatory, see issue #1668) and it supports the use of an API token.

I don't have a GitHub account. Maybe someone can check my work and merge it?

See attached file

Thanks!

6
German - Deutsch / Verkaufe 3x Watchguard XTM5
« on: January 31, 2020, 03:55:33 pm »
Hallo zusammen

Keine Ahnung, ob ich das hier posten darf. Leider gibt es keine geeignete Kategorie.

Ich habe 3x Watchguard XTM5 Firewalls mit opnSense zu verkaufen.
  • 19" Rackeinbau
  • 8GB RAM
  • Intel Xeon CPU L5420 @ 2.50GHz (4 cores)
  • 8GB SSD
  • 6x Gigabit LAN
Versand in EU oder CH.

Bitte bei Interesse PN mit Preisvorschlag.

7
General Discussion / Need some help setting up VLANs on my switches
« on: October 31, 2019, 11:01:46 pm »
Hi there

This is not directly related to opnSense.
I'm stuck on setting up VLAN's on my switches to support a separate guest VLAN for my Unifi access points.
I have my internal Network to not use a VLAN, and my guest network will use VLAN 100 on the unifi AP's. (The AP's will add the VLAN tag!)


Code: [Select]

                         (eth1, no VLAN)
     (eth0) |¯¯¯¯¯¯¯¯¯¯|-------------------|¯¯¯¯¯¯¯¯|        |¯¯¯¯¯¯¯|        |¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯|
WAN --------| OPNSENSE |                   | D-Link |--------| CISCO |--------| some devices (PC's) |
            |__________|-------------------|________|        |_______|        |_____________________|
                         (eth2, no VLAN)       |                |
                                               |                |
                                        |¯¯¯¯¯¯¯¯¯¯¯¯|    |¯¯¯¯¯¯¯¯¯¯¯¯|
                                        | unifi AP 1 |    | unifi AP 2 |
                                        |____________|    |____________|


I want to use two ports of my opnSense firewall for this: eth1 should be default internal network, eth2 should be separated guest network.
opnSense must not set VLAN tags. The switches must do that!
Both networks feed into my first switch, a D-Link DGS-3100, which is capable of VLAN and VLAN trunking. Port 5 goes into eth1, Port 6 into eth2.
This switch is uplinked with port 1 to my Cisco SG300 switch, which is also capable of VLAN and VLAN trunking.

How do i set up tagging, untagging and trunking on the ports?

Currently I have this: (check attaced screenshots)
D-Link:


Cisco:


Part of the D-Link config file:
Code: [Select]
! VLAN
 
config vlan default delete 1:6
create vlan WIFI_Guest tag 100
config vlan WIFI_Guest add untagged 1:6
config gvrp 1:6 pvid 100
enable vlan_trunk
config vlan_trunk ports 1:1 state enable
Part of the CISCO config file:
Code: [Select]
vlan database
vlan 100
exit
!
interface vlan 100
 name WIFI_Guest
!
interface gigabitethernet1
 switchport trunk allowed vlan add 100
!
interface gigabitethernet2
 switchport trunk allowed vlan add 100
!
interface gigabitethernet3
 switchport trunk allowed vlan add 100
!
interface gigabitethernet4
 switchport trunk allowed vlan add 100
!
interface gigabitethernet5
 switchport trunk allowed vlan add 100
!
interface gigabitethernet6
 switchport trunk allowed vlan add 100
!
interface gigabitethernet7
 switchport trunk allowed vlan add 100
!
interface gigabitethernet8
 switchport trunk allowed vlan add 100
!
interface gigabitethernet9
 switchport trunk allowed vlan add 100
!
interface gigabitethernet10
 switchport trunk allowed vlan add 100
!
exit

8
Hardware and Performance / PPPoE with separate router/bridge
« on: September 25, 2018, 05:14:45 pm »
Hi there

as there is a PPPoE problem in FreeBSD and it doesn't look like it will be solved in a reasonable timeframe I'm thinking of putting a router/bridge in front of my setup like this:
Code: [Select]
      WAN / Internet
            :
            : FTTH provider
            :
      .----+------------.
      |  PPPoE Router  |  (or Bridge, whatever)
      '-----+-----------'
            |
          WAN
            |
      .-----+------.
      |  OPNsense |
      '-----+------'
            |
          LAN

Internet is provided with PPPoE and VLAN ID.
I have fixed IP's I want to use with opnSense.

Is there any cheap router/Bridge/whatever available to just do this:
"transform" the ISP's signal to use with a regular WAN port of my opnSense router?
If necessary I can also put a fiber converter in front, too.
It may even use one of my public IP's.

Thank you for all hints!

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2