I have installed opnsense on a pc to use as my business firewall where do I put this in my network
Do I put it just off of a port on my switch or do I need a 2 port ethernet card and plug the internet into one and my router into the other?
Asked
Active
Viewed 1,256 times
1 Answers
3
A firewall is only useful if connections actually go through it. It'll do nothing at all if it just dangles off a single switch – it cannot somehow "attract" traffic1, all your client devices will just continue to directly talk to the router/gateway.
To work properly, the firewall needs to have separate connections for "outside" and "inside", i.e. it needs to sit between the Internet and the LAN. This usually means two Ethernet ports – one from your ISP connection, one to your LAN switch.
But it is possible to use two VLANs over a single Ethernet port (also known as "on a stick" configuration), although your switch must also support VLAN tagging and it won't necessarily provide as good performance as separate physical ports would.
1 (Except by using ARP spoofing, and yes, I've heard of one or two "plug and play" firewall products which do exactly that, but... I would not want to use a security product that is literally performing an attack against the network.)
u1686_grawity
- 426,297
- 64
- 894
- 966
-
Thanks but do I just add another network card to by pc and then plug that into by switch in put??? will opnsence work like that or is will that not work?? – lucaslah Mar 05 '20 at 05:32
-
Hi I ended up getting it to work – lucaslah Jun 01 '20 at 12:59