User Tools

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
networking:opnsense_using [2024/10/24 11:25] – created willynetworking:opnsense_using [2025/03/13 14:16] (current) – [opnSense] willy
Line 1: Line 1:
-====== opnSense ======+====== F) Using opnSense ======
  
 +[[https://opnsense.org/|opnSense]] is the //"Free & Open source - Everything essential to protect your network and more"//. In other words, opnSense is going to be:
 +  * Your router
 +  * Your firewall
 +  * Your DNS resolver and filter
 +
 +and much more!
 +
 +You will stick the opnSense between your internet links and your home network(s) and it will let you manage it all with very powerfull tools and web based GUI.
 +
 +opnSense is a fork of the also good pfSense when, a few years ago, the company behind pfSense started acting in ways that pissed off the community. Since the product is Open Source, a different company spun up and picked it up rebranding to opnSense.
 +
 +Between pfSense and opnSense there are a few technical distinctions, but mostly i prefer opnSense because it has a more modern and logical web GUI, and it's much easier to download and install. I tried to install pfSense, but first i had to create an account on their online store to //purchase// a free download link, then was unable to install the downloaded image because it required internet connection to //phone home// even before being installed. opnSense had none of that mess and proved so much easier to download and install. 
 +
 +===== Hardware Selection =====
 +
 +While you could install opnSense in a Virtual Machine (or maybe a container?) it really make little sense to me. I purchased a low cost **firewall appliance**, which is basically a small factor, passive cooled mini PC with the following hardware:
 +  * Low-power ATOM based CPU
 +  * 8GB RAM (less will do as well)
 +  * 80GB sata SSD (an NVME will do as well)
 +  * 4 Intel 2.5Gbps NICs (network interfaces)
 +
 +The most important piece here is having four network cards (ethernet connections), because the whole point of opnSense is to be plugged into all your networks and operate as switch / firewall / gateway for your LAN, WAN and VLANs.
 +
 +Since opnSense is based on FreeBSD you should make sure the hardware you want to use is supported, since the FreeBSD kernel has somewhat less support than Linux. Specially your WiFi will most probably __not__ be supported.
 +
 +
 +===== Sowftware Installation =====
 +
 +Installing opnSense is quite easy, you should download the VGA edition to boot from an USB thumbdrive, then head onto [[https://opnsense.org/users/get-started/|the installation guide]] to follow the official opnSense guide.
 +
 +As general hints, you must define beforehand which ethernet port you will plug into your home network: this will be called LAN interface, and which ones will be used to connect to your ISPs gateways. The first one will be called WAN and the second one will be called OPT1, OPT2, and so on.
 +
 +You will be able to rename all those interfaces later on, but it will be annoying specially for the LAN one, so i suggest you get it right immediately. I also suggest you set a static IP on the LAN interface, i choose the **10.20.30.254** IP for the opnSense. This will become your gateway and DNS address for your hosts.
 +
 +On the WAN interface, usually you want to set it as DHCP.

This website uses technical cookies only. No information is shared with anybody or used in any way but provide the website in your browser.

More information