Messages - vpn

#16
So I am very new to OPNsense, migrating from Smoothwall. I have a new setup with multiple VLANs, FW rules, etc. For the most part things are working pretty well now. It sounds like this is a great platform, so happy to be able to utilize it now!

My next trick is to get as much ad blocking and family safe searching as possible. Currently I use AdGuard's Family DNS servers and uBlock Origin on the browser. This works great but I want to take things to the next level as there are LOTS of ads and such going on behind the scenes that I would like to block.

First, can Bind and Unbound DNS work together or is it best to use only one? For Bind, do I need FW rules, as I currently don't have any DNS rules that I set up, only the default ones? If these can work together, based on the screenshots, is mine set up optimally? I don't think it's working 100% from what I can tell. I do think some ads are being blocked so it may be close.

I would also like to enforce the Safe Search features, which I have enabled and checked, but not sure they are working from my initial testing?

Bonus Points/1up's if I can get YT ads blocked from a WebOS TV setup!!!  ;D

Any help would be greatly appreciated.





#17
marjohn56, Thanks!!!

So I have made some progress! I have 2 VLANs tested and working! I am testing and working on the rest now.

I think one of the issues that was tripping me up was that on my Cisco switch, even though I had the port set up as a trunk port, it looks like it was allowing me to choose tagged or untagged. I thought if it was trunk, it's tagged automatically. If access, it's untagged.

Anyways I think I have it cleared up now, and as you said the trunks with multiple VLANs are now tagged. I did have 2 of these interfaces with only a single VLAN but originally configured them on the router with a VLAN interface! Now I think it's best to have them as an access VLAN since it's hosting a single VLAN. So far this is working well.

I will continue to validate and configure the others and report back soon.  ;D

#18
So building a new setup for my home use and went "all out" segregating about 10 VLANs and such, including WiFi, Printers, etc...

For the most part I think I have it figured out but can't get DHCP working from any of the ports I tested so far.

Basically, I have most "interface" ports set up with no IP, no DHCP, and a VLAN sub interface for each corresponding to that network. That VLAN interface has a DHCP server for that segment and gateway of .1. I have my Cisco switch set up with the VLAN for this segment (50 in this case) and tried both tagged and untagged. I think tagged is correct. For testing, I have plugged in a laptop to this one port and figured it would pull an IP on this segment but maybe I need the other interfaces set up too? Should this work or am I missing something here so far? I also tried having the laptop connected to the switch and both devices in the same VLAN and connected to the corresponding port on this device but same results.

I have this sitting on my desk with only the LAN interface for testing and setting up.

Any advice?  ;D