Topic: OPNSENSE: FACTORY RESET (Read 1551 times)
M_ndala
OPNSENSE: FACTORY RESET
« on: March 04, 2024, 11:52:47 am »
Hello everyone,
I am new to the OPNsense hardware/firewall and I would like to get some help.
Scope of Work
• Deployment and implementation of the FW in transparent filtering bridge
• Implement IPS, application and web filtering.
• Installation of Next generation firewall Plugin Zenarmor
I followed the guidelines on creating a transparent bridge and the following was configured; however, I lost GUI access to the firewall after completing the steps below.
• Outbound NAT rule disabled.
• Changed system Tunables (net.link.bridge.pfil_bridge set to 1, net.link.bridge.pfil_member set to 0)
• Bridge (Bridge0) created and assigned LAN and WAN interfaces to the bridge.
• Assigned management IP to the bridge.
• Disabled Block private networks & bogon.
• Disabled the DHCP server on LAN.
• Disabled Default Anti Lockout Rule
• LAN and WAN interface set type to ‘none.’
Bridge_Interface (bridge0) -> v4: 192.168.20.5/24
LAN (igb0) ->
WAN (igb1) ->
The bridge has an IP assigned as above, but for some unknown reason I can't access the firewall via that IPv4 address.
NOTE: Currently no access to the FW via GUI, only accessible via USB console cable. Is there a way I can reset the appliance back to factory defaults and perhaps do the reconfiguration?
Thank you, Mike
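A console-side check of the state listed in the post above, as an added example that is not part of the original thread: it parses the output of `sysctl`, `ifconfig` and `pfctl -sr`. The function names and the sample outputs are constructed for illustration; the pass-rule check is included because, with the anti-lockout rule disabled, reaching the GUI depends on a rule that allows it.

```shell
#!/bin/sh
# Added example (not from the thread). Each function reads command output on
# stdin, so it can be fed live output on the console or the constructed samples.

# sysctl output -> "ok" when filtering is on the bridge only (1 / 0 as in the post).
check_tunables() {
    awk -F': *' '
        $1 == "net.link.bridge.pfil_bridge" { b = $2 }
        $1 == "net.link.bridge.pfil_member" { m = $2 }
        END { if (b == "1" && m == "0") print "ok"
              else printf "mismatch pfil_bridge=%s pfil_member=%s\n", b, m }'
}

# ifconfig output -> member interfaces, sorted, space separated.
bridge_members() {
    awk '$1 == "member:" { print $2 }' | sort | tr '\n' ' ' | sed 's/ $//'
}

# ifconfig output -> IPv4 address bound to the interface.
bridge_inet() {
    awk '$1 == "inet" { print $2 }'
}

# pfctl -sr output -> "yes" if any pass rule is bound to interface $1.
# Rules without an "on <interface>" clause (floating rules) are not counted.
has_pass_rule_on() {
    awk -v ifn="$1" '
        $1 == "pass" { for (i = 2; i < NF; i++) if ($i == "on" && $(i + 1) == ifn) hit = 1 }
        END { print (hit ? "yes" : "no") }'
}

# Constructed samples modelled on the configuration listed in the post.
SAMPLE_SYSCTL='net.link.bridge.pfil_bridge: 1
net.link.bridge.pfil_member: 0'
SAMPLE_IFCONFIG='bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        inet 192.168.20.5 netmask 0xffffff00 broadcast 192.168.20.255
        member: igb1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
        member: igb0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>'
SAMPLE_RULES='block drop in log inet all label "Default deny"
pass out all flags S/SA keep state'

echo "tunables: $(printf '%s\n' "$SAMPLE_SYSCTL" | check_tunables)"
echo "members:  $(printf '%s\n' "$SAMPLE_IFCONFIG" | bridge_members)"
echo "inet:     $(printf '%s\n' "$SAMPLE_IFCONFIG" | bridge_inet)"
echo "pass rule on bridge0: $(printf '%s\n' "$SAMPLE_RULES" | has_pass_rule_on bridge0)"
# On the firewall console, feed the live output instead, for example:
#   sysctl net.link.bridge.pfil_bridge net.link.bridge.pfil_member | check_tunables
#   ifconfig bridge0 | bridge_members;  pfctl -sr | has_pass_rule_on bridge0
```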
AKH
Re: OPNSENSE: FACTORY RESET
« Reply #1 on: April 09, 2024, 04:27:29 pm »
Hmm,
I'm also currently working with the OPNsense firewall, in particular with bridging.
You must not bind an IP to the bridge itself.
I worked with 4 network cards right from the start.
WAN
*
DMZ ********ADM
*
LAN
It doesn't matter whether you build the bridge
from
WAN - DMZ
or
WAN - LAN
or
DMZ - LAN.
You have used up both of your network cards.
With a (WAN - LAN) or (DMZ - LAN) bridge, the LAN interface cannot/should not have an IP.
So ADM: a separate network card/port and a separate IP, then you can always reach the OPNsense.
With WAN to DMZ or WAN to LAN, though, you don't really have a true firewall structure either if
the data were to pass through the transparent OPNsense bridge and Zenarmor unblocked.
So reporting and blocking is the actual task!
« Last Edit: April 09, 2024, 04:36:02 pm by AKH »