I wanted to follow up on my OPNsense Firewall/Router that I built two years ago. Overall the hardware I selected has been solid and haven’t had any issues expect for a small bios configuration I had to make so the router would reboot properly after a power outage.
Just to recap the hardware I have
Note: As an Amazon Associate I earn from qualifying purchases. No additional cost to you.
What I learned
One unique item about OPNsense is when you do software updates, you can’t just update to the latest version, you need to update to next version. OPNsense currently releases twice a year, check out the release notes for each version here. I was a few versions behind and had to work through the multiple updates before I was to the OPNsense 25.1 release.
With the latest release they updated the user interfaces and it looks a little different (better in my opinion), here is a couple of screenshots that show the differences.
23.1 Dashboard
Configuration
In my previous post I didn’t walk through any of the configurations I made. Honestly I run a pretty vanilla install, but I will walk through the few items that are unique to my setup:
- VLAN Setup for my ISP – wont walk through the specifics here, as it will be unique for everyone
- Firewall rules to block security cameras from accessing internet
- VnStat
I do not have a managed switch, so I can’t create any VLANs for individual connections. To block my security cameras from accessing the internet, I assigned them static IP addresses and then setup firewall rules to block them from trying to connect to their manufacturer servers.
My favorite plug has been VnStat, it reminds me of the simple bandwidth tracking that used to be built into my router when using the tomato firmware.
It has several different filtering options, hourly, daily, monthly and yearly. Personally, I only check the Monthly Statistics. Beyond that, I don’t really care.
Yearly Statistics
Conclusion
I have been happy with my setup as its been rock solid and appreciate the added security and reliability it brings. This is why I love open source software.
If I was to build a new router knowing the knowledge I know now, I might look for a mini computer with a faster CPU such as the Beelink or Protectli computers:
Note: As an Amazon Associate I earn from qualifying purchases. No additional cost to you.
The current Intel J4125 handles 1 Gigabit no problem however if the fiber network in my neighbor ever upgrades to 2 Gigabit I will have to re-evaluate the performance of my current system. Here is a current fast.com speed test during peaking time in my neighborhood.
Here is a speedtest results as well.
Let me know if you have any specific questions and please share what is your current setup?