opnsense firewall build

Joined
Oct 16, 2010
Messages
424
Location
TN
I have wanted to build a firewall appliance for awhile now. After reading various threads about consumer routers not having firmware updates available I moved forward with the project.

My hardware consists of a Dell Optiplex 790 small form factor computer from Goodwill online, less than $50.
HP pci-e dual port network card came from Ebay, $14.
I used a 240GB SSD from an old laptop I no longer use.
I updated the BIOS on the Dell before I installed Opnsense.

I chose Opnsense as the software. I debated between Opnsense and Pfsense.

The install went well. I did run into an issue where the software seemed to change my ethernet ports. After the install, when I shut down to move the box to its permanent location it came back up with wan and lan ports swapped. I did no figure out why that happened. I reconfigured my install to keep the ports in their "new" locations and I've had no more problems.

The options available are staggering at first glance. Following instructions found online I got Openvpn setup and working. I am only using a fraction of the capabilities this Opnsense has. The box has been up and running for several days and had been rock solid. I changed my TP-Link router to access mode to avoid double NAT and keep wireless connections.

I have a novice understanding of the protocols involved in this project, if anyone cares to weigh in on security measures to be aware of or configuration settings please respond. I would like to know I haven't opened myself to intrusion. I feel like I have configured everything correctly, but like I said, I'm a novice.
 
Last edited:
I have no experience with opnsense, only pfsense (using their hardware and software). Online forums for opnsense any good?
 
I haven't posted anything on their forum, however it seems active. One of the reviews I read while making my decision suggested that the opnsense forums were more welcoming and less corporate than the pfsense forums. I personally have no experience with either, other than browsing the forums.
 
We used the pfsense to replace some old Cisco routers and were happy with the firewall interface. Seemed easy enough, but as always the big issue is whether or not the support can keep up with the intrusion attempts. By the time a notice is posted, it's been exploited.

HIGH

MEDIUM
 
Somebody else gets the credit for bringing this up in years past, but Sophos provides a free version of their Security Appliance software, XG, for home users, to use on hardware like this.


I've used it, and their security appliances (but greatly prefer Cisco, while that was a fun experiment) and it is a pretty decent system. It's also likely better maintained than PFSense.
 
I am running OPNSense on a Dell Optiplex 3040. It was very easy to setup and has been very stable.

I have used Pfsense in the past and had good luck with it, I just decided to try something new.
 
Back
Top