Virtual IP on WAN (PPPoE)

[layereight]

Hi all,
I have my internet connection on a WAN interface with PPPoE configuration. My modem is a FritzBox in Modem only mode, connected via Ethernet. Everything works fine but I would like to be able to connect to the mamangement GUI of my FritzBox router. This means I need an IP address in the router's management LAN on my WAN interface. Can I simply add a virtual IP on the WAN interface to achieve this or would this interrupt/break my PPPoE internet connection?
I assume no, because currently my WAN interface only talks PPPoE and with adding a virtual IP address I just all IP to that interface, right? I just must not break the default GW of my OPNsense.
(Sitting remote, hence I could not fix it if I break it...)
Thank you for any thoughts!

[franco]

It should work fine. There is a little concern about IPv6 VIPs but I don't think that's what you want.


Cheers,
Franco

[layereight]

Wow! thank you for the instant reply!
Is there any way to have OPNsense revert to the config before the change if not approved in a period of time?
(Just looking for a self repair...)

[franco]

No, but you can revert to the older configuration from System: Configuration: History GUI page. Adding a VIP on your WAN will not break your LAN connectivity.


Cheers,
Franco

[layereight]

Yeah, I am just connected via OpenVPN - thats why I am concerned to break the interenet connection. No way back if so :-)

[franco]

As much as I want I cannot recommend :)


Cheers,
Franco

[layereight]

Yeah, feeling the same way...
Thank you anyway!!

[layereight]

Found this: https://github.com/opnsense/plugins/pull/3321
But it does not appear in the addons list (community)
This would be a perfect solution for my use case

[franco]

The risk is of lockout is lower than a recovery gone wrong with a community plugin. Our support tier policy doesn't fit well with community work for high risk core areas (requires tier 1 but only has tier 3).


Cheers,
Franco