New setup - normal to have no WAN rules?

Started by g0nz0uk, March 26, 2021, 12:03:34 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
March 26, 2021, 12:03:34 PM
Hello,

I'm about to swap out my pfSense VM with a hardware based OPNsense FW, is it normal to have no rules in the WAN rule section, does it just auto NAT LAN to WAN so I should get on the Internet?

I've got the WAN port set to DHCP and will connect my Virgin Broadband router in modem mode soon.

Thanks
March 26, 2021, 12:08:04 PM #1
Yes :)

An automatic NAT rule will be generated, following the initial setup wizard.

Port Assignments:

By default, the system will be configured with 2 interfaces LAN & WAN. The first network port found will be configured as LAN and the second will be WAN.

IP ranges & DHCP:

The WAN port will have a DHCP client and expects to be assigned an IP address. (This will be handled by the Virgin Hub being in Bridge Mode)
The LAN port will have a DHCP server, a static ip of 192.168.1.1/24 and offers IP addresses in the range of 192.168.1.100-200.
March 26, 2021, 12:45:25 PM #2
Normally you should just need WAN rules if you want to make services accessible from the internet - but that's the same on pfsense
(Unoffial Community) OPNsense Telegram Group: https://t.me/joinchat/0o9JuLUXRFpiNmJk

PM for paid support
March 26, 2021, 01:05:23 PM #3
The only rule needed is the "ALLOW any any" rule on LAN, which is in place ootb. Don't add anyting to WAN, not needed.

Narrowing down the LAN rule to the services needed (HTTP, HTTPS, IMAPs, SMTPs...) is best practice, then you can disable the "ALLOW any any" rule.
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare

felix eichhorns premium katzenfutter mit der extraportion energie

A router is not a switch - A router is not a switch - A router is not a switch - A rou....
March 26, 2021, 01:07:38 PM #4
Thanks all!
Print
Go Up Pages1
User actions