OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • English Forums »
  • General Discussion »
  • New to OPNsense Need Expertise to verify my work so far
« previous next »
  • Print
Pages: [1]

Author Topic: New to OPNsense Need Expertise to verify my work so far  (Read 389 times)

jimcease

  • Newbie
  • *
  • Posts: 14
  • Karma: 0
    • View Profile
New to OPNsense Need Expertise to verify my work so far
« on: September 11, 2024, 04:00:24 pm »
Background, just built a m720q tiny intel 8500t 16 mb ram 256gig SSD and bringing up Tplink TL-SG1016DE.  I am a newb and scheduling cut over before my family wakes up on Saturday morning.  I need to make sure Plex, IP CAM, printing, and Consoles work as expected.  Once wired network is verified working I will convert ASUS GT AX 11000 to AP Mode.  OPNsense will be connected to Xfininty Internet and get a public IP.

So far created VLANs with some rules
Lan :192.168.1.1/24      Where network equipment will reside - main PC will be moved once all working to USER Vln
Plex:192.168.10.1/24    This is where my Plex server will reside created Alias called Plex
User:192.168.20.1/24   This is where all PC equipment will be located
IOT: 192.168.30.1/24    This is where all my phones, streaming devices, printer, and gaming consoles live Alias for consoles and printer
Guest: 192.168.40.1/24  All Guest devices will connect here
IPCam: 192.168.50.1/24 IP camera lives here alias IPCam
https://photos.app.goo.gl/3syMwEqEujLw6Mbg8    LAN
https://photos.app.goo.gl/9FzFpDpLALsahjzX8    User VLAN
https://photos.app.goo.gl/peZFfcdAbdiy5sqX6     Plex VLAN
https://photos.app.goo.gl/edGse7WBfuAaL7fJ8   IOT VLAN   
https://photos.app.goo.gl/3ESN8CXKLrhVjRqA6   Guest VLAN     
https://photos.app.goo.gl/LujiihVcQqmH8cGM7    IPCam VLAN


https://photos.app.goo.gl/kK9z6zJyk1Y5nw7u5   NAT Type 2 Rule     

The next question is DNS should I start open and then try DOT?
DOT https://homenetworkguy.com/how-to/configure-dns-over-tls-unbound-opnsense/
Force local resolver https://homenetworkguy.com/how-to/redirect-all-dns-requests-to-local-dns-resolver/     

After I verify that all is working should I attempt to implement:
Antivirus https://docs.opnsense.org/manual/how-tos/proxyicapantivirusinternal.html
IP Block and GEO Block https://windgate.net/opnsense-ip-blocklists-and-geo-ip-block-to-enhance-security-against-malicious-attacks/           

First thanks for verifying my thinking as I am really new and trying to learn things quickly.  Thanks for taking the time and sharing your knowledge with me.  Lastly my apologies as I could not figure out how to get the images to post so I added links to them.  Again I greatly appreciate your help so will my family when things are working.



« Last Edit: September 11, 2024, 08:58:45 pm by jimcease »
Logged

bartjsmit

  • Hero Member
  • *****
  • Posts: 2014
  • Karma: 194
    • View Profile
Re: New to OPNsense Need Expertise to verify my work so far
« Reply #1 on: September 11, 2024, 08:21:27 pm »
What is your WAN connection? Will OPNsense get a public IP?
Logged

jimcease

  • Newbie
  • *
  • Posts: 14
  • Karma: 0
    • View Profile
Re: New to OPNsense Need Expertise to verify my work so far
« Reply #2 on: September 11, 2024, 08:59:27 pm »
I will be connecting WAN to Xfinity and obtaining a public IP.
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • English Forums »
  • General Discussion »
  • New to OPNsense Need Expertise to verify my work so far
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2