OPNsense as router between Networks public IP

Started by slannish, May 21, 2019, 05:34:47 PM

Hello there,

I'm trying to set up OPNsense as a router between the network of my ISP and my own network: not as a NAT router/firewall.
I have information about the net of my ISP:
(fictional numbers)
External IP of my OPNsense: 77.22.166.194
Netmask: 30
Gateway: 77.22.166.3
DNS1:     77.22.2.1
DNS2:     77.22.2.4

Internal network (with world access IP addresses)
77.23.84.65
Netmask: 26

At the moment the routing is done by a Cisco 1800, which is pretty old and is producing CRC errors on both its copper interfaces, which are only 100MBit/s.
The router is too slow for 100MBit/s.
So now it is to be replaced by an OPNsense.

I heard the ISP talking of the Cisco router as an "Edge Router".
I am pretty firm in running local area networks and configuring firewalls for that, but this is something different and I was hoping someone could point me in the right direction on how to set up OPNsense to do the routing and firewalling for me.
The ISP is routing my external network 77.23.84.y to the external address of my router.
The IPs 77.23.84.y are the IPs known on the Internet by DNS.
In this network my servers are located with the IPs
77.23.84.66
77.23.84.67
77.23.84.68
77.23.84.69
and so on.

How do I set up OPNsense so the servers are reached through the Internet?
I want to put rules on these IPs in the OPNsense, like:
77.23.84.66 only port 22, 80, 443
77.23.84.67 only port 22, 80, 443
77.23.84.68 only port 22, 80, 443
77.23.84.69 only port 22, 80, 443

I would appreciate any input
Thank you :-)

Yours
Holger

You don't need a modem, too?
Some Cisco routers have the modem added as a module; do you have a module on your OPNsense?
Have a nice day
vinc
apu2c4 / wle200nx / 240 Disk --> Firewall | FW-03
---
OPNsense 22.1.6-amd64
FreeBSD 13.0-STABLE
OpenSSL 1.1.1n 15 Mar 2022

Hi vinc,

No, I don't need a modem: my site is connected to the ISP via fiberglass wire.
There is just a switch with a fiber GBIC.

Yours
Holger

Hello there,

Can't anyone point me in the right direction?
Is OPNsense not suitable for my setup?

Yours

Holger

Hi Holger,

Start with this: Firewall, NAT, Outbound, Disable outbound NAT generation.

This will turn OPNsense into a simple firewall/router without NAT. You need to add rules to allow traffic inbound. There is a default allow rule for outbound traffic.

Bart...
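
The routed, no-NAT setup described above can be sanity-checked offline before touching the firewall. The following is an added example, not code from the thread or from OPNsense: it checks the addressing plan posted in the question and models the requested inbound policy (TCP 22, 80, 443 to each server, everything else blocked). The names `Rule`, `plan_problems` and `decide` are hypothetical, and first-match evaluation with a final block is an assumption of this model.

```python
import ipaddress
from dataclasses import dataclass

# Addressing from the thread (the poster says the numbers are fictional).
WAN = ipaddress.ip_interface("77.22.166.194/30")
WAN_GW = ipaddress.ip_address("77.22.166.3")
LAN = ipaddress.ip_interface("77.23.84.65/26")      # routed public subnet
SERVERS = [ipaddress.ip_address(f"77.23.84.{n}") for n in range(66, 70)]

@dataclass(frozen=True)
class Rule:                      # hypothetical model of one WAN inbound rule
    action: str                  # "pass" or "block"
    proto: str
    dst: ipaddress.IPv4Network
    ports: frozenset

# One pass rule per server, as in the question; no NAT, so dst is the real IP.
RULES = [Rule("pass", "tcp", ipaddress.ip_network(f"{s}/32"),
              frozenset({22, 80, 443})) for s in SERVERS]

def plan_problems():
    """Addressing checks that matter once the box routes instead of NATing."""
    out = []
    if WAN_GW not in WAN.network:
        out.append(f"gateway {WAN_GW} is not on-link in {WAN.network}")
    reserved = {LAN.network.network_address, LAN.network.broadcast_address, LAN.ip}
    for s in SERVERS:
        if s not in LAN.network or s in reserved:
            out.append(f"server {s} is not a usable host in {LAN.network}")
    return out

def decide(dst, proto, dport, rules=RULES):
    """First matching rule wins; anything unmatched is blocked (assumed default)."""
    dst = ipaddress.ip_address(dst)
    for r in rules:
        if proto == r.proto and dst in r.dst and dport in r.ports:
            return r.action
    return "block"

if __name__ == "__main__":
    for p in plan_problems():
        print("plan:", p)
    # Constructed sample packets arriving on WAN.
    for pkt in [("77.23.84.66", "tcp", 443), ("77.23.84.66", "tcp", 3306),
                ("77.23.84.70", "tcp", 22), ("77.23.84.67", "udp", 53)]:
        print(pkt, "->", decide(*pkt))
```

With the fictional numbers from the question, the plan check reports the gateway as outside the WAN /30; with the real addresses it should return an empty list.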

Hi Bart,

thank you.
That's a start: I'll try that :-)

Yours
Holger