OPNsense Initial Configuration

Leave a reply

In my previous posts, I have set up an OPNsense firewall on my MSI Cubi N minicomputer. Now it’s time to actually start using the firewall.

Login to OPNsense

When starting up my Cubi N, it starts up OPNsense with an web interface. After wiring up, I can start with the initial configuration.

  • Open Browser
  • Connect to http://192.168.1.1
  • Login as root
  • Passwort as initialy set
  • Now, I can see the Dashboard

DHCP server

OPNsense comes with build in DHCP servers. By default it runs the ISC DHCPv4 server. According to the documentation, the new DHCP server is Kea DHCP while the ISC DHCP server is becoming legacy. Thus, I want to use the new stuff and choose Kea DHCP.

Disable ISC DHCPv4

  • Open ServicesISC DHCPv4[LAN]
  • UncheckEnable DHCP server on the LAN interface”
  • Click the Save button

Configure Kea DHCP

  • Open ServicesKea DHCP [new]Kea DHCP

Settings

  • Select the Settings tab
  • Check “Enabled
  • Set the Interfaces to LAN
  • Click the Apply button

Subnets

  • Select the Subnet tab
  • Click the + Button to create a new Subnet
    • Subnet: 192.168.1.0/24
      • This is the setting to achieve the same configuration as with ISC DHCP server
      • You might choose a different subnet, as I did…
    • Pools: 192.168.1.100 - 192.168.1.199
      • This is the setting to achieve the same configuration as with ISC DHCP server
    • Activate “Auto collect option data”
      • This is actually the default setting
      • Click the Save button to confirm and store the subnet
  • Click the Apply button

Reservations

I did no changes here for the initial configuration.

HA Peers

I did no changes here for the initial configuration.

Note

If you change the IP ranges and subnets of the DHCP server, you also need to adjust the IP of the LAN interface of the firewall itself (see below)

Interface IP

Since I changed the IP range for the DHCP server, I need to change the IP address of the LAN interface as well.

  • Open Interfaces[LAN]
  • Go to the “Static IPv4 configuration” section
  • Edit IPv4 address
    (original value: 192.168.1.1)
  • Set the subnet mask
    (dropdown next to IP address. original value: 24)
  • Click the Save button at the bottom
  • Click the Apply Changes in the header

Now, I have to change the IP address of my client computer/set the IP assignment to DHCP again. After 2-3 trials and rebooting my client PC, I can connect to the OPNsense firewall on my Cubi N again. 🥳

References

Leave a Reply

Your email address will not be published. Required fields are marked *