Help with fresh Opnsense Install

napstersquest

napstersquest

Thread Police
Adept
I installed a fresh opnsense copy on a P330 Tiny with dual Intel NICs (pcie) attached so total 3 ethernet ports.

I have an Airtel connection with static IP (VSOL ONU in bridge mode) and local SiliconCare connection which I recently got (Syrotech ONU with pppoe).

On fresh install, I set the em0 port to LAN and igb0 to WAN, nothing set to opt1.

The igb0 is connected to the Syrotech ONU with DHCP.
I then assigned igb1 as WAN2 and did the Static IP config for Airtel on it.

The WiFi for Syrotech ONU is enabled.

I created a gateway group with same priority for WAN and WAN2. Changed the gateway in LAN Firewall rule to the new gateway group.

I get no internet on the switch connected to opnsense's LAN. I am getting assigned an IP address from opnsense's DHCP pool on all devices though.
All I needed was reboot all APs and the Opnsense machine after gateway changes. It works now.

If I connect to the WiFi of Syrotech ONU, internet works.

Is there a way to bind or set default gateway for specific devices on the network with or without use of VLAN? The switch I use is dumb and no extra ports on the router itself.
For example, my Minecraft server needs to be using the Airtel Gateway (As it has the Static IP and hence the port forward).

Please help!
 
Last edited:
napstersquest said:
Is there a way to bind or set default gateway for specific devices on the network with or without use of VLAN? The switch I use is dumb and no extra ports on the router itself.
For example, my Minecraft server needs to be using the Airtel Gateway (As it has the Static IP and hence the port forward).
Click to expand...
You will have to create routes for this to work, I don't know how to do this in OpnSense because I've always use pfSense.
but the configuration should be the same
1. ensure that both WAN interfaces are configured correctly
2. create gateway group to prioritize the static gateway over the dynamic (Syrotech)
3. create Alias for IP/MAC address for the Minecraft server
4. add firewall rule for policy based routing where you pass LAN with protocol any and the source address is the alias you create for Minecraft server, set destination to any and under advance features there should be an option to set the gateway to a group.
5. Save, Apply, Reboot
 
If you have a default outgoing allow policy that points to gateway group, add a policy before that allowing the minecraft server outbound access and select the Airtel gateway
 
Back
Top