Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
MAC limiting
« previous
next »
Print
Pages: [
1
]
Author
Topic: MAC limiting (Read 860 times)
New2Opn
Newbie
Posts: 3
Karma: 0
MAC limiting
«
on:
December 19, 2023, 05:43:53 pm »
Can MAC limiting be accomplished with OPNsense? (It's my understanding MAC limiting is different than MAC filtering).
Logged
netnut
Sr. Member
Posts: 272
Karma: 33
Re: MAC limiting
«
Reply #1 on:
December 19, 2023, 06:52:37 pm »
What are you trying to achieve? MAC learning and limiting is normally a switch port feature, even better you can use MAC filtering to limit MAC's ;-).
You can configure a bridge with OPNsense which is basically a (software) switch, but if you looking for features like MAC filtering, Port Security, DHCP Snooping and other stuff you should use a hardware switch. Common is to use a firewall (like OPNsense) with a fast (10Gb / 25Gb) LAGG to a switch where you configure all your port security features.
Logged
New2Opn
Newbie
Posts: 3
Karma: 0
Re: MAC limiting
«
Reply #2 on:
December 20, 2023, 02:42:36 pm »
Thanks for your comments.
I am not using Opnsense yet. I am just trying to figure out which features would be best for my network use, and see if they can be done with Opnsense. I'd like to have some vlans, some firewall rules, and whatever provides similar features as PFsense's PFBlocker, which I believe is Zenarmor (please correct me if I'm wrong). I'm also potentially interested in using a VPN if it won't slow everything too much. It was suggested to me that if I add vlans with a switch, I should also look into adding Mac Limiting, which seems to limit the number of address that can connect to a switch port. I am wondering if vlans can be set up like this in Opnsense.
Please let me know if there are other features you'd recommend for a home set up. Is Suricata recommended for a home setup, or will it be too advanced to monitor, and understand, for the average home Joe with only a very basic understanding of home networks?
Logged
netnut
Sr. Member
Posts: 272
Karma: 33
Re: MAC limiting
«
Reply #3 on:
December 20, 2023, 10:15:00 pm »
Quote from: New2Opn on December 20, 2023, 02:42:36 pm
Please let me know if there are other features you'd recommend for a home set up.
There's no single home network to rule them all. It all depends on requirements and purpose, would you just like provide some lan/wifi for wife and kids or do you want to learn and experiment with different network technologies.
My only advice would be to dream big and build small. Those big dreams helps to select the right equipment when you start, firewall hardware and switches can be expensive and many times used for >5 years.
After purchase the building start, this will depend on your specific OPNsense and generic network/firewall knowledge. Build in small steps, piece by piece and try to understand what you build.
MAC limiting would be one of my last concerns in a home network ;-). If you want to dive deep into port security, things like Dynamic ARP inspection, IP Source Guard (ipv4/ipv6), ND inspection are far more relevant. Hence the "Dream Big", this requires a more advanced (and more expensive) switch
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
MAC limiting