Eure Meinung ist gefragt:
Folgender grober Netzwerkaufbau:
VF-Kabelmodem --> FritzBox (Internettelefonie) --> OPNsense --> LAN und DMZ
Frage:
In der #FritzBox die #OPNSense als Exposed Host eintragen oder lieber doch einzelne Portfreigaben auf die OPNSense definieren auf dieser dann die gleichen für die jeweiligen Zielhosts existieren?
Bin mir da unschlüssig, ob durch den Exposed Host auf der FritzBox nicht irgendwelche Nachteile existieren. Auf der einen Seite habe ich ja dahinter die OPNSense als #Firewall, die den weiteren Netzwerkverkehr regelt.
I'm thinking about switching from a #Ubiquiti#EdgeRouter to something with #OPNsense on it. My home Internet can do 1gbps/45mbps although this fall I'll probably end up with symmetric 1.2gbps. I'm upgrading my access points to WiFi 7 (the new Ubiquiti APs) so the WiFi will support the throughput even if our devices don't yet.
The frustrating thing with the EdgeRouter is that it's basically been abandoned the last few years by its manufacturer. They are still selling plenty of them but... 1/n
... I'm looking at OPNsense which people don't seem to be mad about.
I would like to get full throughput on a 1.2gbps symmetric connection, have it do routing, have it do VPN, have it be a firewall, and maybe use it for a few other network things.
What sort of hardware should I be looking at for #OPNsense for that kind of application?
I'm also thinking I should upgrade my parents EdgeRouter to something that can more gracefully handle multiple WAN connections ... (3/n)
Finished off the microscope software this morning, so it's onto the next project - the new network router. My old 1U MiniITX is showing its age in several ways, and this is the upgrade. A HP T730 thin client with an Intel 4-port network card. Quad core AMD RX-427BB.
No SSD installed on arrival, so I picked up an open-box WD Green 240GB. Massive overkill for OPNsense, but it was cheap.
If anyone is looking and in the UK, someone on #ebay is selling #HP#T730 thin client computers for a decent price. Need storage. I've bought a couple and I'm planning to turn one into an #opnsense router. https://www.ebay.co.uk/itm/196104490290
Spent much of the day working towards this. I'm still failing. 😦
Proxmox is up on VLAN5. I can get at the UI over the network so I know the trunk VLAN is letting that stuff through but I can't figure out how to get at OPNSense. No traffic seems to pass the bridge but the docs say that bit should just work.
I'm still mulling over my #home#networking project of connecting three buildings. Currently two of the buildings are connected with a #tplink bridge but I'm not happy with the weird subnetting.
Anyone have strong opinions on equipment if starting fresh? I'm considering #ubiquity gear as I've used it with some success in the past. Also considering #opnsense or #pfsense for the routers.
I could, in theory, bury a cable for it but that's real effort so I'm going wireless.
Returned from holiday and was puzzled that access to port 80 of any device on my IoT VLAN was blocked.
I really didn´t change a thing - as a rule I don't change stuff at least 1 week before leaving on holiday (let's call it 'experience')
Connect to the VLAN directly the devices were there and accessible,
The likely culprit was the ER-X.
Rebooted it and issue fixed.
I think I'm going to move the 'replace router' task to a higher priority on my TODO
@peturdainn I've been really happy with #Opnsense on a #pcengines box. Perhaps the hardware could have been slightly more powerful but it's fine for my use
Spannend. Meine Switche können 802.1Q VLAN und Mac VLAN. Aber leider kein "wenn Du keine Zuweisung hast nimm VLAN 2999" oder so... #opnsense#tplink switch