Networking step by step (beginner level).

Started by guest33474, June 03, 2022, 08:17:12 AM

Hi. I would like to start my adventure with OPNsense and learn more day by day. I decided to buy a Dell Wyse 5070 and make a firewall for study purposes.
The network at the moment looks like the picture below.

The ISP's router has the IP address: 192.168.0.1 then I run the internet through a powerline cable to my room where I want OPNsense to run: LAN 192.168.0.3, then a USB-ethernet as WAN 192.168.1.1 to my router (opnwrt): 192.168.1.2. From the router the internet is to go by cable to the computers.
The steps in the video above have been done:
https://www.youtube.com/watch?v=doFZiJrBnek
The steps from the link below have also been done:
https://homenetworkguy.com/how-to/use-opnsense-router-behind-another-router/
but the Internet still does not work in the router (192.168.1.2).
Where am I making a mistake? What is wrong?
Tell me what to do step by step.
Greetings

Maybe start by using one router instead of many.

Start reading here: https://en.wikipedia.org/wiki/OSI_model

What's wrong with separating the network? I've been working this way so far and it's fine, thanks to this the person I live with can't see my devices, additionally thanks to the router I can access these devices wirelessly.
Using one router in my opinion is not the answer to my opnsense configuration problem.

Based on your information, you are interchangeably using firewall/router as if they were the same. They are not.

So, based on the statement above, you have not provided sufficient information for me to help you.

One hint, I see triple NAT'ing...

What information do I need to provide or what can I do to help?

WOW, where to begin...

How far can you ping? Or better yet, can you ping anything from anywhere... LOL

June 05, 2022, 12:17:45 PM #6 Last Edit: June 05, 2022, 12:19:23 PM by defaultuserfoo
Quote from: guest33474 on June 03, 2022, 10:02:33 AM
What's wrong with separating the network? I've been working this way so far and it's fine, thanks to this the person I live with can't see my devices, additionally thanks to the router I can access these devices wirelessly.
Using one router in my opinion is not the answer to my opnsense configuration problem.

IIUC, you have started the adventure of learning some networking.  It would make sense to me to start with the least complicated network design, and once everything is working for a while, go for the next step.  The least complicated network design doesn't involve multiple routers/firewalls.

For learning networking, I found the documentation of the 5500 series switches from HP extremely useful.  If you can get one of these switches for a reasonable price, go ahead and get one.  Otherwise, you can probably as well start with a Procurve 2848 or the like and use their documentation.  HP has outstanding documentation for their stuff.

As to routers/firewalls, HP makes or made the MSR 1000 series, like the MSR 1002.  The documentation on those is also outstanding, and I can highly recommend it.  You can probably get a MSM 1002 for like 100 off ebay.  They are great for learning; the only disadvantage is they have a fan which can get rather annoying, though it's pretty quiet.  The switches are way louder.

I don't know what you mean by "separating the network".  Routers are not for separating networks but for connecting them :)  Of course you can have multiple routers within the same network, and when you know what you're doing, it can be useful.  In any case, each router makes a single point of failure, and routers tend to be crucial because when they don't work, the network(s) they connect tend to be disconnected, and that can very easily get expensive.

June 06, 2022, 09:55:08 AM #7 Last Edit: June 06, 2022, 10:25:32 AM by m8kbv
Ok, change of concept:



We have a router from the ISP (192.168.0.1)
I want to connect a computer with OPNsense to it (configured to 192.168.0.2).
I connect USB-ethernet to it (configured to 192.168.0.3).
The usb-ethernet card is connected to a switch (which I bought THIS WEEK [Qnap QSW-2104-2t]).
What should I do (how should I configure opnsense) to use the built-in rj45 connector on my computer (labeled LAN in opnsense) to access the Internet on the switch with the usb-ethernet card (labeled WAN)?
Regards.

Quote from: m8kbv on June 06, 2022, 09:55:08 AM
Ok, change of concept:
First of all, you should not add your post to a similar thread; rather, you should have started a new thread.

As mentioned earlier in this thread, your configuration is not good. ;) What make/model of router do you have from your ISP, who is your ISP? Can the router from your ISP do 'passthrough' (of your internet connection), if you don't know then do some research on the model.
Regards


Bill

June 06, 2022, 11:28:04 AM #9 Last Edit: June 06, 2022, 12:15:57 PM by m8kbv
This is my thread, I created my account anew.
Compal ch7465lg-lc, ISP: UPC.
The router has the following functions disabled by the operator: nat, port and modem mode forwarding, passthrough. These options are not there, I know that in other configurations of this router they should be. The contract is not on me and I can't ask the operator to activate these functions.

Routing can only happen between different network segments, so do not use 192.168.0.2/24 and 192.168.0.3/24 on your OPNsense router. But rather use 192.168.1.1/24 (for example) for the LAN part.

I think this is a nice starting guide: https://homenetworkguy.com/how-to/use-opnsense-router-behind-another-router/
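The point made in the reply above (a router's interfaces must sit in different subnets) can be checked before touching the firewall. The following is an added example, not part of the original post: `check_plan` is a hypothetical helper, and assigning 192.168.0.2/24 to WAN is an assumption; the addresses are taken from the thread, and the /16 plan is constructed.

```python
import ipaddress

def check_plan(interfaces, wan_gateway):
    """Return a list of problems in a router's interface addressing plan.

    interfaces:  dict of interface name -> "address/prefix"
    wan_gateway: IP of the upstream (ISP) router the WAN side must reach
    """
    problems = []
    parsed = {n: ipaddress.ip_interface(c) for n, c in interfaces.items()}
    names = sorted(parsed)
    # Two interfaces in overlapping subnets: the router treats both ranges
    # as directly connected and has nothing to route between.
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if parsed[a].network.overlaps(parsed[b].network):
                problems.append(
                    f"{a} {parsed[a].network} overlaps {b} {parsed[b].network}")
    # The default gateway has to be on-link for the WAN interface.
    gw = ipaddress.ip_address(wan_gateway)
    wan = parsed["WAN"]
    if gw not in wan.network:
        problems.append(f"gateway {gw} is not inside WAN subnet {wan.network}")
    elif gw == wan.ip:
        problems.append(f"WAN address {wan.ip} collides with the gateway")
    return problems

# Plan from the thread: both interfaces inside the ISP router's 192.168.0.0/24.
PLAN_SAME_SEGMENT = {"WAN": "192.168.0.2/24", "LAN": "192.168.0.3/24"}
# Plan suggested in the reply: LAN moved to its own subnet.
PLAN_SEPARATE = {"WAN": "192.168.0.2/24", "LAN": "192.168.1.1/24"}
# Constructed case: the LAN address looks different, but a /16 mask makes
# its network 192.168.0.0/16, which still contains the WAN subnet.
PLAN_WIDE_MASK = {"WAN": "192.168.0.2/24", "LAN": "192.168.1.1/16"}

ISP_ROUTER = "192.168.0.1"  # ISP router address given in the first post

if __name__ == "__main__":
    for label, plan in [("same segment", PLAN_SAME_SEGMENT),
                        ("separate", PLAN_SEPARATE),
                        ("wide mask", PLAN_WIDE_MASK)]:
        issues = check_plan(plan, ISP_ROUTER)
        print(label, "->", issues or "ok")
```
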

192.168.0.3 is for wan opnsense, 192.168.1.1 is for wan.
I used this link but apparently I was doing something wrong, after work I will sit down to try the configuration again.

June 06, 2022, 04:22:49 PM #12 Last Edit: June 06, 2022, 04:35:28 PM by defaultuserfoo
Get rid of the router provided by the ISP.  Get decent network cards for your computer and forget about USB.  Get a switch that can be managed; unmanaged ones are for special cases only and are of very limited use.

You can skip 2.5Gbit and better either stick with 100MB (which is plenty for learning and inexpensive) or 1GB (which is fine for anything but special cases).  Then if you really do need more bandwidth, go straight for 10Gbit.  (What's the point of 2.5?  If you have that much data to transfer and if your hardware is fast enough for it, then 2.5 is a bottleneck and you want 10Gbit.  2.5 is merely a bad joke.)

What exactly are you trying to accomplish?

Quote from: m8kbv on June 06, 2022, 11:28:04 AM
This is my thread, I created my account anew.
Compal ch7465lg-lc, ISP: UPC.
The router has the following functions disabled by the operator: nat, port and modem mode forwarding, passthrough. These options are not there, I know that in other configurations of this router they should be. The contract is not on me and I can't ask the operator to activate these functions.
I should have said 'bridge mode' earlier, I'm on PPPoE which uses passthru.

According to the support page for your ISP, all you need to do is contact them and ask for Bridge Mode to be activated, take a look at this page: https://www.upc.ch/en/support/internet/connect-box/settings/

That page does talk about a different modem but it's worth asking their support to do it for your specific modem.

Regards


Bill

I know, but I don't have access to the person's internet credentials.