Switched from Ubiquiti to OPNSense Router! How To Guide
ฝัง
- เผยแพร่เมื่อ 27 มิ.ย. 2024
- Switching from Ubiquiti to OPNsense to get in the realm of open source routing with faster hardware. Complete how to get started guide. pfSense/OPNsense Router Build
N5105 Fanless w/ 4 2.5gbe Intel 226 NICS (choose no ram, no storage, no system) - s.click.aliexpress.com/e/_DmA...
16GB of DDR4 RAM (Crucial Brand) - amzn.to/3DKGhil (or one 8GB is probably fine)
250GB NVME M.2 Storage (WD Blue) - amzn.to/3Snt7Mb
⚡Or Get the Router on Amazon - amzn.to/3IwJYsA
⚡Alternative N5105 Link - www.aliexpress.us/item/325680...
⚡SFP+ Ports router - s.click.aliexpress.com/e/_DDb...
Optional Parts I used
AC Infinity USB Fan - amzn.to/3YbOAtY or amzn.to/3m4IAWE
SSD Heat Sink - amzn.to/3EKvwfN
⚡Resources
OPNSense opnsense.org/
Rufus rufus.ie/en/
⚡Products We Use/Recommend
Amazon US - amzn.to/2YZNDeO
Amazon UK - amzn.to/2TnG2R4
Amazon CA - amzn.to/2JWsNq5
⚡Be Social!⚡
Main Website - www.digiblur.com
Discord Chat - discord.digiblur.com
Patreon - patreon.digiblur.com
Join / @digiblurdiy
Facebook - facebook.digiblur.com
Instagram - instagram.digiblur.com
Please note, the product links above could be affiliate links, using them could earn digiblurDIY a small commission of most purchases and helps with future video projects. Thank you!
00:00 Router Hardware Overview
06:50 Create OPNsense Bootable USB
09:27 BIOS Settings & First Boot
11:04 Installing OPNsense
12:53 Configuring Interfaces & IP
16:25 GUI Setup & Upgrading
18:24 Closing
19:10 The BEST Part! - วิทยาศาสตร์และเทคโนโลยี
Videos like this are greatly appreciated. I am completely new to OPNsense and greatly appreciated this tutorial. Look forward to more videos on this subject if that is what you decide to do. Thanks!
Thanks! Yes. That was already decided from the get go. Working on some things now.
Excellent step by step guide to setting up OPNsense!
Thanks!
Been waiting for this one Travis! Excited to see the others. Thanks
Thanks! Yes, I have some other shorter ones planned on how I setup different aspects of things. So technically I installed two of these routers ;) One is the play area and video usage.
@@digiblurDIY if you did camera firewalls and iot vlans I would be so happy! I get hung up on that stuff.
I do try to keep mine simple. More down to cameras then guest networks for closed source unknow items.
I have one of these units. I recommend taking them apart and reapplying thermals before putting them on load. Sometimes (mine did this) they will crash because of bad application of thermal pads and thermal paste.
I have heard of that. I did add the cpu temps to my dashboard and I haven't seen any issues just yet.
@@digiblurDIY I ran proxmox on mine so had a couple things run on it and I do allot of heavy network traffic, so it adds allot of load.
I have mine virtualized, work perfectly.
Way to go Travis! Local lan converted to 2.5 months ago with 30/60 TB servers with NVME unleashed!!!
Oh hey!! Nice!! The want for more speed is always real but 2.5GbE should do me for now.
Bought a NUC with i225-v network controller and Pfsense didn't even recognize it. OPNsense worked with it flawlessly out of the box. Easy set up great video.
Awesome!! Thanks for watching and glad to hear you got things going!
That’s why i started with OPNSense, as there were more pfsense tutorials but pfsense didn’t recognise the NICs (i226). Been happy with OPNsense ever since
Thanks Travis.
Moved to opnsense from pfsense 7 months ago, running flawlessly so far 😃
Btw, I’m running it recklessly as vm 🫣
Ha! I was tempted, trust me, but I decided against angering OG and the Wife from me toying with it.
@@digiblurDIY I now man, I procrastinated about it for a year, I think you did the right thing, for me it was about saving power and why not utilise a single device!
I may love to regret it hehe 😜
You get power saving, all your VMs go through the virtual switches, and you protect the server as of its sitting behind the firewall 🤓
I've got two other machines to mess with for that. A NUC with a docker compose debian setup plus my unRaid server that has containers and VMs to toy with.
@@digiblurDIYyea that’s great, keep this as your production machine and create a virtual FW and use it for high availability , that’d be amazing setup, for that you’ll need one Nic for heart beat packets I think and switch to mirror all the interfaces in case of one device failure
been running pfsense for a little over a year, with my unifi switches. love this setup! nuked and repaved a month ago to take advantage of zfs boot environments on a single nvme drive.
Eventually I will switch to ZFS probably. Easy to just nuke and restore thankfully.
Hmmm, I thought that zfs is not that useful on single device?
@@drreality1 I used to think that too, until I started using it. boot environments!
I was under that impression as well and I thought I read that somewhere on a forum post but now I am finding conflicting info. I setup my test box with it and it seems fine. Makes sense after reading a few things more. Almost a must if you don't have a battery backup.
@@digiblurDIY I have a huge battery backup for my basement "wiring closet" (for years) with my synology nas's, a couple servers, main unify switch, and now boot environments on my router. Is there such a thing as too many backups? btw, my pfsense is running on my Protectli Vault FW2B - 2 Port, Firewall Micro Appliance/Mini PC - Intel Dual Core, AES-NI, 8GB RAM, 120GB mSATA SSD. It has been fine, but I have been hearing some things about questionable reliability. If I were to start over today, I would just buy an appropriate netgate appliance.
super helpful. thanks
Glad it was helpful!
Good video ! Glad yo moved to a proper firewall :).
Indeed! It is nice to be back!
really... REALLY... great choice going with OPNsense... we have to provide support and tutorials for companies and project that act with dignity. great video!
Thanks! Glad you enjoyed it.
Thank you for the video, I though about moving too.
You can do it!
I have the same setup, I use a 5v power adapter for that 12vdc cooling fan, more quiet.
It's a 5VDC fan with a 3 speed switch. It powers off the USB port of the device itself. Pretty quiet even on high but I just run mine on low.
A tutorial on vlan would be nice! Great video
On the table already! WOOT! :)
unetbootin! been a long time since I heard that one! Another one is ventoy, pretty cool one lets you throw a ton of isos on one usb stick
These boxes are great for running Proxmox, then a VM with your router distro of choice! Make sure to pass the NICs thru to the router OS!
I was tempted, trust me, but I decided against angering OG and the Wife from me toying with it.
I'm setting this up at the moment... proxmox to opnsense with passthrough. It is a pain to set up! how do you keep access to proxmox? do you set up a v bridge that you then pass to opnsense as a gateway that's not WAN? at the moment I use a usb ethernet dongle on such bridge to keep access to it all while i configure the other NICs... I'm getting lost tbh
@@skylinrg pass the NIC through to the vm using VT-d. Serve the home has a good article on this!
I set up a very similar opnsense router last month, I still haven't taken the time to switch over everything from my edgerouter though! I know it's going to take an entire day, and probably a few more hours of tweaking here and there to get it going. I just got my fiber upgrade though and need to take advantage of all that extra bandwidth.
Damn you sound just like me...
Cool Travis, I got mine setup. Will we be able to bring over the static IP reservations from the Edge router 4? I'm looking forward to the next video in this series. Thanks!
I don't know of a conversion tool. I did it manually. Copied the edgerouter contents to a notepad and then put them into Opnsense.
@@digiblurDIY Did you have to copy/paste the DHCP static leases in? Thanks
I edited the xml file and copied them in myself.
Great video, qq what are you using for your wifi?
Using some UniFi access points with this setup for now. I might eventually switch to something else as I'm not tied into any ecosystem for access points or switches.
More videos to come on advanced config and stuff? I need to get mine of these in order.
Yep! Going through some setup scenarios as this one was just to get started type deal.
I just bought the same firewall!
The one I bought has 2 NVME slots in it (I think they are both x1 slots though). I installed 2 Intel Optane 16gb NVME drives in it, and running ZFS mirror for redundancy.
Mine is idling at like 70*C though, I need to take it apart and see if there is a problem with the thermal contact with the heatsink...
Ahh.. Yes. I have seen that one and you needed an adapter type deal between the two drives. How are you liking it so far?
@@digiblurDIY it uses a little adaptor board to use the 2240 slot usually reserved for WiFi chips. I really like it, I wish that they made them 1u height because it's replacing a Dell R210 II that has been running 24/7 since...2012.
But other than the form factor, I love the 2x NVME drive feature, I love that it has 2.5g ethernet (though only a few 2.5g switches exist right now), and I love that it uses a DC power brick so I can swap it out if I have PSU issues.
Have yet to put it into production but I might do that this weekend
The Intel Optane M10 16gb drive is also awesome. They only cost $20 and have 360tb of write endurance. That's more than most 1tb NVME drives. For Pfsense it works great due to all the logging
I have seen some 1U setups but they are pretty expensive compared to these.
got a question for you friend do you cover any of your videos? troubleshooting zigbee networks at the advanced level. diagnosing repeaters etc. also, have you covered any of your videos upgrading the firmware on in devices and where to get those firmware to do so?
I do cover Zigbee2mqtt installs and such and pairing things combined with making sure your network is setup properly. The firmware upgrades happen inside of Zigbee2mqtt with just a click of a button.
Hey can you make a video on virtualizing the FW on these boxes and do performance tests comparing it to without virtualization? ESXi preferred
Not something I plan on doing since my router is super critical to my infrastructure and needs to be bare metal.
@@digiblurDIY 👍
I've done that too, run so much better on OPNsense.
Loving it. I ran it a couple years ago but had to switch due to some hardware issues. So glad to be back on some solid hardware.
Thanks for this video. Please let us know the throughput with the fiber connection installed please. Is your ISP using DHCP or PPPoE for the access configuration?
They just use a DHCP. I am using a xgs-pon to 10GbE box. I have their 2GbE service. The clip showing the 2300'ish mbit speed test in the thumbnail and the first 30 seconds or so of the video are actually done through the Opnsense router.
@@digiblurDIY Thanks. Just DHCP is fine, lucky you. German ISPs use PPPoE, a bottleneck in FreeBSD. That's why I'm asking.
Not so lucky. We have to do this weird bypass as they force us into their gateways but luckily some smarter people than I figured out how to bypass it until they figure out how to shut us down back to their gateway.
Their listing didn’t show it that I seen. What’s the max RAM with the two slots?
According to specs I found it is 32 gig via two sticks.
I've been trying to do just this but utilize a VM on my Proxmox host but have ran into some issues having my NIC passed through to the OPNSense VM. My Starlink and Ubiquiti USG don't play that well together.
I looked into doing Proxmox or some sort of virtualization on the box to double utilize the thing but after reading about issues and such I opted to go bare metal for reliability given it is my router and has to work.
Don’t have an issue here with proxmox , instead of passing the nic , pass the interface and that’s it
Don’t forget proxmox is Linux which is up to date with drivers
However, opnsense/pfsense is BSD
I had issues as well but worked them out. This depends on the cpu and motherboard pcie lanes,how they are laid out.
@@user-jm8ho2hy8g that’s true, multiple variables to be content with.
I’m glad that you got it sorted, it makes sense if you gonna have a pc that’s running 24/7 to be your firewall as well rather than another pc next to it, knowing that it introduces complexity that hypervisor may produce!
I am exactly at this stage but I decided to put opnsense inside proxmox. Why?
1- dns is on pihole - also in proxmox
2- dhcp is on pihole - also on proxmox
3- this machine is already with battery backup
so there is no reason to keep firewall on separate/dedicated hardware, especially that my proxmox has 16 cpu and 64gb of ram - more than enough for every VM or container I can imagine ;)
and if my proxmox is down, my everything is down anyway - in such emergency case simply reconfiguring the routers to be again dhcp is enough to restore connectivity in the house
did I miss anything?
It is your setup to support and run so if you aren't missing anything than roll right on.
hi Travis, does this device accommodate WIFI 6e?
No wifi on the this device unless you put a WiFi 6e card on it. Especially with 6e I would go with external access points to get them closer to the users.
He uses it as a router/firewall not a wifi router …
What about the power consumption of the device?
I've been able to average around 10 watts or so without any tweaks but digging around a little bit I was able to get it down to 6-7 watts with some tweaks on my test box. I do want to test more with a loaded box to see the wattage and make sure it doesn't impact performance by much.
I found Ubiquiti to be unfathomable running the controller on a PC. I bought replacement TP-link Omada kit on a trip to New York from the UK and it works much more predictably.
For routers I've never been a fan of Unifi with the controller thing. The Edgerouter didn't require the controller as it had SSH and GUI. I just needed a little more and there wasn't much in the Edgerouter line I could do so switching to open source was the way.
How’s your experience with opnsense so far?
It is still here. The wife hasn't complained once about it so....
Loving it.
@@digiblurDIY hahaha, very sensible benchmark, what services/ plugins are using with it?
What's a homelab without insanely over-the-top hardware configurations? :D
Exactly! I did go just 8GB on my test one but it should be fine as that is overkill anyways to test a few things.
More opnsense plz. I went ubiquiti to pfsense and its ok but not great for the novice homelab weekend warrior
Will do as I should have followed up with the second part by now of some simple vlans and rules stuff.
Could this run Blue Iris instead of routing software?
Yes it does have iGPU on it to help
What is the consumption of electricity?
Averaging around ten watts but was able to get my test model down to 6 to 7 watts but not loaded. Curious to see how the tweaks do on the production one.
@@digiblurDIY This is less then my asus AX11000 😜
hi , we can build our own switch from open source software?
Not sure I've seen that but why not?
how to do that? any video or open source software@@digiblurDIY
For those looking for an excuse to justify the expense to buy one of these to the wife/gf the ability to use dual wan connections (backup) is worth it.
I might need that dual wan deal. The clowns came to bury my new fiber line and cut the damn thing. It's going to be 2 days until they come fix it. Luckily I still had my cable modem activated.
Don't forget to enable all C-states. 😉
Will definitely be going through and checking on any power savings, tweaks etc and will keep this one in mind.
Just checked and all enabled. Good tip!
switch one toy to another toy
Yes