Routers

How to Create a Basic DMZ (Demilitarized Zone) Network in OPNsense

How to Create a Basic DMZ (Demilitarized Zone) Network in OPNsense

Are you hosting publicly accessible services on your network? Protect your internal network with a DMZ

A DMZ (demilitarized zone) is a segmented part of a network that is used to host all publicly accessible websites and services. The intention is to protect the internal network from external threats. It is an effective strategy to minimize public exposure of your critical assets as well as limit the damage caused when an intruder is able to penetrate your network. A great definition of a DMZ can be found here.
How to Configure the WireGuard VPN Server in OPNsense

How to Configure the WireGuard VPN Server in OPNsense

Seeking a faster, lighter weight, and potentially more secure VPN server to access your home network? Check out WireGuard VPN...

WireGuard is a modern designed VPN that uses the latest cryptography for stronger security, is very lightweight, and is relatively easy to set up (mostly). I say ‘mostly’ because I found setting up WireGuard in OPNsense to be more difficult than I anticipated. The basic setup of the WireGuard VPN itself was as easy as the authors claim on their website, but I came across a few gotcha’s. The gotcha’s occur with functionality that is beyond the scope of the WireGuard protocol so I cannot fault them for that.
How to Configure Dynamic DNS in OPNsense

How to Configure Dynamic DNS in OPNsense

Have a non-static public facing IP address and want to utilize dynamic DNS?

If you have software/services running on your local network that you want to remotely access, you may have encountered a situation in which your IP address changes periodically. Many ISPs do not assign static IP addresses to non-business accounts especially for IPv4 addresses because they are extremely limited and have technically been exhausted for some time now. When your modem stays connected for a long period of time with an ISP, it is possible your IP address will not change often.
How to Configure DHCP When Using VLANs in OPNsense

How to Configure DHCP When Using VLANs in OPNsense

Are you new to VLANs and want to configure DHCP in OPNsense?

When you are new to creating VLANs on your network, you may wonder about the necessary steps in order to create a properly functioning VLAN. If you set up OPNsense with one WAN and one LAN interface, it is kind enough to set up a basic configuration for the LAN interface with DHCP enabled and a single firewall rule that allows access to the Internet. You can consider this configuration to be a “flat” network, which means that every device is on the same network and can communicate.
Disable Logging into OPNsense as the Root User

Disable Logging into OPNsense as the Root User

Allowing root user logins is not normally a good idea...

After installing OPNsense, the default login is the root user. Logging in as the root user is generally not advised because the root user has full access to files and processes. Linux users, for instance, are asked to create a separate user account upon installation. The user can then use the sudo command to elevate privileges to perform administrative tasks. If the user’s account is compromised, in theory the root account is still protected (assuming there is no privilege escalation vulnerability being exploited or the password has been discovered).