Hi,
I have a Balance 20X and it has been providing DDNS to facilitate remote access with OpenVPN to an isolated VLAN with a NAS, OpenVPN outbound, managed all my VLANs and it’s been great.
I’ve now bought a B One (so I can use the B20X elsewhere) and I hope to use the B One with an OPNsense firewall to offload some of the Peplink's responsibilities whilst gaining WireGuard, Unbound DNS and just to experiment and learn more.
This is a basic view of what I have (sorry, I do not have a design program).
I’d like to keep most of my network the same - let the peplink manage the trunks to the switches, vlans and subnet isolations and rules, perform DHCP for the lans etc
But now I would like to pass the outbound internet traffic to the Opnsense firewall.
Using outbound policy to direct the traffic through the 2 WAN connections from the B One - one for a no vpn internet connection and the other for VPN (eg enforce guest vlan to use the WAN that is connected to the opnsense port that is designated / configured for a no VPN connection to the internet)
A very basic picture of what I want to do in principle is this
So the opnsense firewall handles wireguard vpn, remote access to an isolated vlan nas, and performs DNS and IDS/IPS and NAT
The problem is that I have not configured multiple router setups before and opnsense is also taking a bit of familiarisation.
Is this possible?
Can anyone advise on the settings that I need to implement for my B One WAN connections please?
Do I just assign a static IP for the direct connections between routers, change routing mode from NAT to IP Forwarding? Do I select “use default lan ip address for internal services traffic”?
Do I need to add any static routes or gateways in the Network tab or elsewhere?
And then some config in the opnsense? Static routes for each subnet/vlan that I have behind the B One?
Any help and/or suggestions is greatly appreciated