Book Image

OPNsense Beginner to Professional

By : Julio Cesar Bueno de Camargo
5 (1)
Book Image

OPNsense Beginner to Professional

5 (1)
By: Julio Cesar Bueno de Camargo

Overview of this book

OPNsense is one of the most powerful open source firewalls and routing platforms available. With OPNsense, you can now protect networks using features that were only previously available to closed source commercial firewalls. This book is a practical guide to building a comprehensive network defense strategy using OPNsense. You’ll start with the basics, understanding how to install, configure, and protect network resources using native features and additional OPNsense plugins. Next, you’ll explore real-world examples to gain in-depth knowledge of firewalls and network defense. You’ll then focus on boosting your network defense, preventing cyber threats, and improving your knowledge of firewalling using this open source security platform. By the end of this OPNsense book, you’ll be able to install, configure, and manage the OPNsense firewall by making the most of its features.
Table of Contents (25 chapters)
1
Section 1: Initial Configuration
6
Section 2: Securing the Network
13
Section 3: Going beyond the Firewall

DHCP relay

While using a remote DHCP server (on another network segment), the DHCP relay service will need to be configured. This is required because the DHCP protocol works using broadcasting requisitions on the network, and as we already know, the broadcast domain is limited to the same network in which the hosts reside. OPNsense supports both DHCPv4 and DHCPv6 relaying.

Important Note

The DHCP relay service can only be used on an interface that has the DHCP server disabled.

To start configuring the DHCP relay service, go to Services | DHCPv4 | Relay or Services | DHCPv6 | Relay for the IPv6 protocol.

For both IP protocol versions, v4 and v6, the configuration options are the same. Here are descriptions of each one:

  • Enable: Check this option to enable the DHCP relay service.
  • Interface(s): Select each interface to be configured as the relaying service.
  • Append circuit ID: Check this option to add a circuit ID—which means the OPNsense interface number...