Topics

Is it necessary or helpful to add "Gateway" address in the dhcp box.
My setup is
AT&T modem--->Opnsense router----> 16 port switch

For example my LAN IP or VLAN IP
192.168.4.1
255.255.255.0

DNS 8.8.8.8
Gateway 192.168.4.1

I have configured 3 VLANS, ID4, ID10 & ID20.
Default LAN 192.168.1.0/24= management
ID4 192.168.4.0/24=Home LAN
ID10 192.168.10/0/24=guest
ID20 10.0.20.0/24=IOT devices

For the default and home lan I will using the default fw rules.
I like to create a rule for guest and IOT no to have any access to the lan resource but only to internet.
I have attached few screenshots, I would really appreciate if someone can tell me what changes I need to tweak to block the access.

I have been using Opnsense for over 6 months or so. Prior to using Opnsense I used Mikrotk and EdgerouterX with Unifi AC-Lite access point.
This is for my home use. I have 4 users, 2 adults and two teenagers. The usage includes average IoT devices, mostly streaming, little work from home and regular browsing.
I'm loving Opnsense and it's performance.
My setup is very simple. I have a 1gig up/down fiber connection, provider's gateway is in pass-thru mode. My router is a fan-less embedded computer X86 box with 2 NICs, Intel i5 2.3 GHz CPU and 8 gig of ram.

My goal is to setup Opnsense with some kind of DNS to block ads, phishing sites etc.
I'm seeking suggestions so I can make a killer setup, lol.

Should I go with?
       1. Pihole
       2. Sensei – Sunny valley plugin
       3. DNS Security / Unbound DNS with DNSCrypt, DoH Plugin for IPv4 + IPv6 ( write up in the forum)

I'm sure there are many more options out there but I'm that unaware of.

Is this a feature for SSH to become unresponsive after failed log in attempts.
I have an admin user account setup also. I was trying to log in using the admin account and it gave  me a message that "This account is currently not available.
Connection to 192.168.4.1 closed".
So, when I tried with the "root" user the terminal would not even response.
Is there a timeout or cooling off setup in Opnsense?

In the /var/log folder there are many files I'm sure are old and not needed.
Is this ok to delete most of the old files?

I know it will take yrs to fill up my 100G  of disk but should I delete old or unnesessary files/folder?
If it's ok which ones should I be removing, file name and path would be helpful.

I have my Opnsense device with 2 gig network ports.
One port for WAN and the other going to a managed switch.
My setup is;
LAN 192.168.4.0/24
Sensie:
App Controls = App Tracker, Ads enabled
Web Controls = Moderate Control enabled
Protected Interfaces= LAN
Unifi AC-Lite for access point.

The current issue now that we are working from home, some of the work apps are not working right, I think because of the Ads and Ad tracker feature, both for me and my daughter.

My plan is to have 2 subnets/vlans, one for home use and the other strictly for work without any restrictions.
I want to keep the current setup for home use and the non-restricted one fo office/work use.

Any suggestion would be appreciated.

Where is the menu to see list of static IP address being used on firewall?
I can see DHCP leases under Services-->DHCPv4--?Leases.
Is there an entry for the Static IPs being used?
My router uuses 192.168.4.1 & DHCP server 192.168.4.10 to 192.168.4.100.
I have assigned static IP 192.168.4.2 to 192.168.4.9.

I have installed PiVPN and want to setup port forwarding for 51820. I'm having some difficulties. For some reason, I can't access my server from outside. It's timing out.
I know the server behind my router is working because I used to have EdgeRouter X in the past and simple port 80, 443 worked for this setup.

This is my setup now,

192.168.4.0/24
Pi VPN 192.168.4.8
My Nextcloud server is on 192.168.4.3
I have a domain name setup for the Nextcloud server.

I upgraded mine Opnsense box to 20.1.
My home network setup as 192.168.3.0/24, the
router 192.168.3.1
At&t modem in passthru mode
IP range 192.168.3.10 -100
SSH enabled
Monitor and KB plugged into the Opnsense pc.

I want to switch my subnet to 192.168.4.0/24. What is the best way to accomplish this?

I fairly new to Opnsense and working everyday to customize Opnsense to my needs and preferences. I used EdgerouterX previously so my knowledge is limited due to most basics are already enabled out of the box in Edgerouter setup.
My home network consists of 6 or 7 devices hard wired to a 16 port switch and an Unifi AP-AC Lite as wifi access point. A Pi Hole as my DNS and Ad blocker.

Well, here the questions:
-- Is there a pkg/plugin to take place of the Pi Hole in Opnsense?
-- if I have to use Pi hole as my DNS where in Opnsense GUI do I set that up? I'm confused, I see an option for unbound dns, dns resolver, dns server with gateway etc.
-- sunnyvall3y sense plugin, is it an over kill for home user?

I'm new to Opnsense and that must be my short comings, my problem figuring out how to successfully accomplish this simple thing.
I have looked every where, googling, opnsense forum, but can't get this two ports forwarding to work correctly.

Is there a write up or a tutorial someone can point me to?
Do I have to add something to alias tab or firewall rules? Any help?

Here are some screenshots of my failed attempts. The screenshots are for "http" but "https" has the similar entry.

I have installed and running in a test environment the 19.7.9_amd64.
My main router is an edgerouterX and eventually will be replaced by Opnsense once I understand the basics configuration.
My setup is pretty simple in the current configuration using the edgerourerX
1. 192.168.4.1 subnet, IP range is 192.168.4.10 to 4.100, a gig 24 port swiych
3. unify AP Lite access point
3. Port 80 and 443 forwarding for my Owncloud server
4. Raspberry Pi running Pi Hole for DNS on 192.168.4.2

What i'm trying to setup in my new Opnsense;
1. DNS server pointing to 192.168.4.2
2. forward port 80 and 443
3. just good enough firewall for a not so technical person to protect my setup

The Opnsense GUI is straightforward but overwhelming for new person like me.
--- I see few places dealing with DNS and not sure where I need to setup my 192.168.4.2 for DNS server
--- Port forwarding is little challenging in this gui, for me at least, there are many fields I'm not sure how to address
--- I noticed there are 14 firewall rules and not sure if I need any more harden it?

Any help, suggestion? I googled but not hitting the right site I guess!

I have been using Mikrotik and EdgeRouse os for my home need.
It's a very basic setup, pretty much out of the box configuration, default firewall setting with fasttrack in mikrotik .
Only thing i added is the port forwarding for my nextcloud app.

Installed Opnsense last night to play around and once I'm familiarize  myself little bit more, I will eventually replace my existing router.
Does  Opnsense enable default firewall after initial configuration or I need to create my own rules?
If it does not is there a wiki page?