Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
VLAN User Management
« previous
next »
Print
Pages: [
1
]
Author
Topic: VLAN User Management (Read 123 times)
opnserious
Newbie
Posts: 4
Karma: 0
VLAN User Management
«
on:
October 21, 2024, 06:00:11 pm »
Dear community,
I have a OPNsense network with multiple users that all have their own IPv6 VLAN on which they host services. At this moment I need to add the firewall rules for all of their services since I am the only OPNsense administrator. Hence, I was wondering if I could create OPNsense user accounts where each user has only control over his/her VLAN and nothing else. That is, they control the port forwarding and firewall rules for their VLAN s.t they can change firewall rules according to their needs instead of depending on me doing it for them. I would compare it to a VPS where you also have control over the firewall but cannot modify the firewall of other users.
Thank you!!
Logged
Patrick M. Hausen
Hero Member
Posts: 6826
Karma: 573
Re: VLAN User Management
«
Reply #1 on:
October 21, 2024, 08:38:05 pm »
I have no idea if this is anywhere on the road map of the developer team, sorry. But you might want to change the title of your thread to e.g. "Any possibility of delegated administration?" or similar, because that is what the feature you inquire is commonly called.
When I first read your thread title I expected you to ask about automatic mapping of users to particular VLANs like with 802.1x and AD or some such.
HTH (a tiny bit), Patrick
Logged
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do.
(Isaac Asimov)
Monviech (Cedrik)
Global Moderator
Hero Member
Posts: 1604
Karma: 176
Re: VLAN User Management
«
Reply #2 on:
October 21, 2024, 09:39:12 pm »
What would probably be more scalesble and secure is to create a main OPNsense for you, and create smaller OPNsense VMs behind that which get one IPv6 /64 prefix routed to them via a transfer network from your main router.
Then you have full control over the main OPNsense and everybody could login to their own separate OPNsense.
Its kinda like a small ISP setup really.
Logged
Hardware:
DEC740
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
VLAN User Management