newbie trying to set up network

Started by lumilumi, June 04, 2026, 08:21:10 AM

Previous topic - Next topic
Print
Go Down Pages1 2
User actions
June 04, 2026, 08:21:10 AM
I believe what I am trying to do is set up a wireless network (wifi?)

using a mini pc as an opnsense box
what im struggling to understand - is if I want to create a network ssid -- and use WPA2 encryption...

- I have 4 ethernet ports
- I want to connect my mini pc to my isp modem (as the gateway to internet)

- then I want my devices to connect to the opensense box - to have traffic go through the firewall and unbound  using quad nine

https://docs.opnsense.org/manual/how-tos/interface_wireless_internal.html

do I need to install the addon Radius - in order to set up a network? (ssid: password for people to log in with)
do I need to do anything special in order for my mini pc to be used as a wifi router / connect things to it

i'm so new I haven't even sprouted my leaves yet
June 04, 2026, 08:27:06 AM #1
Quote from: lumilumi on June 04, 2026, 08:21:10 AMI believe what I am trying to do is set up a wireless network (wifi?)

using a mini pc as an opnsense box
what im struggling to understand - is if I want to create a network ssid -- and use WPA2 encryption...

- I have 4 ethernet ports
- I want to connect my mini pc to my isp modem (as the gateway to internet)

- then I want my devices to connect to the opensense box - to have traffic go through the firewall and unbound  using quad nine

https://docs.opnsense.org/manual/how-tos/interface_wireless_internal.html

do I need to install the addon Radius - in order to set up a network? (ssid: password for people to log in with)
do I need to do anything special in order for my mini pc to be used as a wifi router / connect things to it

You should not use opnsense as a wifi access point. It can work, but its terrible. Get the proper standalone wifi access point and attach it to one of the ports.
June 04, 2026, 09:13:44 AM #2
I thought that wireless access points were by default a bit unsecure - do you have a reccommendation for one less than $100?
i'm so new I haven't even sprouted my leaves yet
June 04, 2026, 09:29:42 AM #3
Quote from: lumilumi on June 04, 2026, 09:13:44 AMI thought that wireless access points were by default a bit unsecure
You thought wrong. Access points from Ubiquiti or Grandstream have WPA3 and WPA3 Enterprise support. They also support per SSID VLAN segmentation and they can work with RADIUS authentication servers. And lets not even get into performance metrics and reliability.

There are several things you should never do with your opnsense box.

Use it as a soft switch.
Use it as an wifi access point.
Use USB devices on it.

Quote from: lumilumi on June 04, 2026, 09:13:44 AM- do you have a reccommendation for one less than $100?
Grandstream GWN7604. Keep in mind that some of these devices are not shipped with power supply so you will need PoE injector or PoE switch.
June 05, 2026, 02:56:00 AM #4
You could find a used wifi router that has current OpenWRT support and just use it as a access point. 
June 05, 2026, 04:56:24 PM #5
Quote from: lumilumi on June 04, 2026, 09:13:44 AMI thought that wireless access points were by default a bit unsecure - do you have a reccommendation for one less than $100?
TP-Link Omada has some nice Wall models for sub € 100 prices over here so check if it's the same in the U.S.A. :)
Weird guy who likes everything Linux and *BSD on PC/Laptop/Tablet/Mobile and funny little ARM based boards :)
June 05, 2026, 05:02:19 PM #6
Stay away from TP-Link garbage !!!! Check level-1 tech forums if you want to see why.
June 05, 2026, 05:55:01 PM #7
Quote from: Nullman on June 05, 2026, 05:02:19 PMStay away from TP-Link garbage !!!! Check level-1 tech forums if you want to see why.
You have now basically told me NOTHING...

- Provide a link to the specific sub-forum or topic there.
- Specify what is going on exactly and what I will read there in short.

Then I might actually take the effort to do so ;)



FYI :
I think I have read enough in the past about their Omada stuff and some regular Routers/Switches/Accesspoints to know if it's a good or bad brand, but feel free to proof me wrong! :)
Weird guy who likes everything Linux and *BSD on PC/Laptop/Tablet/Mobile and funny little ARM based boards :)
June 05, 2026, 06:03:40 PM #8
Quote from: nero355 on June 05, 2026, 05:55:01 PMYou have now basically told me NOTHING...
I was not talking to you.

Quote from: nero355 on June 05, 2026, 05:55:01 PM- Provide a link to the specific sub-forum or topic there.
- Specify what is going on exactly and what I will read there in short.

Then I might actually take the effort to do so ;)



FYI :
I think I have read enough in the past about their Omada stuff and some regular Routers/Switches/Accesspoints to know if it's a good or bad brand, but feel free to proof me wrong! :)
No.
Today at 05:56:24 AM #9
Quote from: RobertoZ on June 05, 2026, 02:56:00 AMYou could find a used wifi router that has current OpenWRT support and just use it as a access point. 

well, the reason I am switching to opensense, is that openwrt has been filled with llm coding -- I could never get it to work properly anyway -_-

is there a guide for this I could look into? I still have my openwrt one box
i'm so new I haven't even sprouted my leaves yet
Today at 05:57:56 AM #10
Quote from: Nullman on June 04, 2026, 09:29:42 AM
Quote from: lumilumi on June 04, 2026, 09:13:44 AMI thought that wireless access points were by default a bit unsecure
You thought wrong. Access points from Ubiquiti or Grandstream have WPA3 and WPA3 Enterprise support. They also support per SSID VLAN segmentation and they can work with RADIUS authentication servers. And lets not even get into performance metrics and reliability.

There are several things you should never do with your opnsense box.

Use it as a soft switch.
Use it as an wifi access point.
Use USB devices on it.

Quote from: lumilumi on June 04, 2026, 09:13:44 AM- do you have a reccommendation for one less than $100?
Grandstream GWN7604. Keep in mind that some of these devices are not shipped with power supply so you will need PoE injector or PoE switch.

thank you very much for the recommendation!
I will shop around
i'm so new I haven't even sprouted my leaves yet
Today at 06:06:13 AM #11
in all honesty - is there anyone around who has used something like this method before that would be willing to walk me through it?

is it complicated for a networking newbie?

I have already set up opensense box on a mini pc (and gone through some of the settings / watched many tutorials / learned a lot about networks)

I have already done some work with openwrt as well and my router is already in bridge mode
I have just never worked through using a wireless access point (I feel so old fashioned, lol)
i'm so new I haven't even sprouted my leaves yet
Today at 08:00:03 AM #12
Quote from: lumilumi on Today at 06:06:13 AMI have already done some work with openwrt as well and my router is already in bridge mode
I have just never worked through using a wireless access point (I feel so old fashioned, lol)

Much of it is new to me also but in my unqualified opinion an opnsense router coupled with openwrt access point(s) is an appealing combo for a home user. You are able to re-purpose your existing gear or buy cost effective secondhand and there is ample documentation on both. I have a couple of meraki units, running openwrt in 'dumb AP mode', connected via a small managed switch. You can in theory connect the APs directly to the opnsense box, but this can lead to interface issues on the router side. Check out the openwrt guides for access point only mode. Then consult the docs here for opnsense vlans.
Today at 08:11:28 AM #13
not to say I know much - but isn't llm generated code extremely unsecure as well? Wouldn't that ruin the whole point of trying to use a firewall?
i'm so new I haven't even sprouted my leaves yet
Today at 09:10:18 AM #14
With hardware/driver support limiting what you can do with wifi on opnsense, and concerns you have about wireless access point security, physically separate devices would seem the best choice for you. That or no wireless network.
Print
Go Up Pages1 2
User actions