Setup & Installation

• Hardware Requirements
• Installation

Hardware Requirements

At the minimum, your host machine for OPNsense should have the following:

• 1GHz Dual Core CPU
• 2 GB RAM

The recommended hardware, per OPNsense official documentation is as follows:

• 1.5 GHz CPU
• 8 GB RAM
• 120 GB SSD

This recommended set up will allow you to utilize the full functionality of OPNsense, which includes IDS and IPS software if desired. My host machine, a Dell OptiPlex 7050 SFF has the following specs:

• Intel i5-7600 @3.50 GHz 
• 8 GB DDR4 RAM
• 512 GB SSD 

Additionally, your host machine needs at least 2 RJ45 ports, 1 for your WAN connection and 1 for your LAN connection. My OptiPlex only had 1 RJ45 port, so I purchased an Intel I350-T4 NIC and installed it onto the motherboard, which gave me 4 RJ45 gigabit ports. More information about that can be found here.

Installation

Installing OPNsense onto hardware is quite easy and straight forward. Download the ISO from their official website opnsense.org and create a bootable drive. You can use Rufus, balenaEtcher, or any other software to burn the ISO onto the drive. I used Ventoy, as it allows you to store several ISOs on a single drive, which makes it much easier instead of having to go through that process again for every operating system. 

Connect your modem to an RJ45 port of the host machine, and then connect either your router or laptop to another RJ45 port of the machine. A couple things to make sure you do...

• Ensure your modem is in bridge mode. This is CRUCIAL. I have an ISP-provided DOCSIS modem from Optimum (the bane of my existence), and it took numerous calls to Tech Support to set it into bridge mode as Optimum doesn't allow its customers to access modem settings. I'd recommend purchasing your own modem, but as a college student, I don't have the funds for that. If your modem is not in bridge mode, you may receive a local IP for your WAN connection which will cause errors during set up. 
• Ensure your access points (APs) are also in bridge mode. Prior to this, I was using an Eero Pro 6 mesh system, which used 1 device as the "gateway router" that was wired directly to the modem and the other 2 as access points. This was giving me errors during the initial set up due to the Eero routers trying to handle the NAT/DHCP while OPNsense was doing the same. 
  • To solve this, I first disconnected anything OPNsense related. I then set up my Eero network using one device as the gateway connected to the router, and the other 2 as APs. Once I could confirm everything was working properly, I configured DHCP & NAT network services to work in bridge mode. This allowed the Eero devices to serve as purely APs 
• Place everything into bridge mode and let OPNsense handle NAT/DHCP and everything else. 

With everything set up. boot your machine and select the boot drive which has your OPNsense ISO on it. 

OPNsense will run through initial configurations. To install the operating system log in with the following credentials:

Username: installer

Password: opnsense

If installed correctly, the Web GUI should be available at the designated IP that will show in the terminal console. For my machine, the Web GUI is available at the 192.168.1.1

Check out the "Configurations" Chapter to view the dashboard and available configurations!