Introduction
A firewall is a vital component of any network security strategy, serving as a gatekeeper between your home lab’s internal network (LAN) and the wider internet (WAN). By monitoring and controlling the flow of network traffic based on predetermined security rules, it ensures that unauthorized access is blocked while legitimate traffic is allowed through. In this setup, OPNsense—a powerful, open-source firewall and routing platform—can significantly enhance your network’s security and performance. For a deeper understanding of the importance of firewalls and what makes OPNsense a standout choice, be sure to check out our detailed guide on firewalls and OPNsense.
Setting up OPNsense is a straightforward process that requires a few key pieces of hardware and software. Let’s dive into what you’ll need to get started.
Choosing the Right Hardware for OPNsense
- USB Flash Drive: You’ll need at least a 4GB drive to load the OPNsense installation image.
- Ethernet Cables: we will need Two cables— one for connecting your motherboard to the network, and another for the LAN connection.
- Internal Storage Media: Opt for an NVMe SSD or SATA SSD, with at least 32GB of space, to ensure fast boot times and reliable performance.
- RAM: A minimum of 4GB is necessary to run OPNsense smoothly.
- Low-Power Motherboard: Energy efficiency is key when selecting a motherboard for OPNsense. Basic firewall tasks aren’t particularly CPU-intensive, so prioritize low power consumption over processing power. If your motherboard has only one LAN port, consider adding a LAN card to separate WAN and LAN connections. Intel Celeron processors, like the J1800, J1900, N100, or N150 series, paired with Intel LAN cards, are ideal for their compatibility and low power usage. Since OPNsense operates 24/7, these components help maintain efficient performance.
- Power Supply: Choose a Bronze 80+ certified PSU to ensure energy efficiency, which will save on electricity costs over time.
Hardware Setup
For this tutorial, we’re using the Gigabyte GA-J1800N-D2H motherboard. This board comes equipped with a J1800 Celeron CPU, a gigabit Ethernet port, and a TDP of just 10W, making it an excellent choice for a low-power, energy-efficient setup.
- SSD: A 128GB SSD will serve as the primary drive for the OPNsense installation.
- RAM: 4GB of DDR3 RAM ensures smooth performance during installation and operation.
- LAN: We’ll use the motherboard’s internal Ethernet port as the WAN interface (for your internet connection).
- PCIe Network Cards: We’re adding two PCIe network cards to provide two additional Ethernet ports. One will be used for the LAN interface, and the other will be reserved for future expansion (more on that in a later post).
- PSU: Any Power Supply Unit will work, just choose 80+ bronze for efficiency, I have chosen an Artis VIP250 250W SMPS psu.
- Cabinet: You can use any small form factor cabinet, a 2U rack mount chassis is recommended for better aesthetics and easier management. and If you’re a DIY enthusiast, consider building your own case—check out my post on creating a custom chassis, complete with free CAD files.
Connecting WAN and LAN Network Cables
Now that your hardware is set up, it’s time to connect your network cables.
- Selecting Network Ports:
- LAN (Local Area Network): Use the inbuilt LAN port on your OPNsense router.
- WAN (Wide Area Network): Use one of the PCIe LAN cards installed in your OPNsense router.
- Connect LAN Cable:
- Plug one end of an Ethernet cable into the inbuilt LAN port on your OPNsense router.
- Connect the other end to a network switch or directly to a computer for initial setup.
- Connect WAN Cable:
- Connect one end of another Ethernet cable into one of the PCIe LAN card ports designated for WAN.
- Connect the other end of this cable to your internet source, such as a modem or ISP router.
- Verify Connections:
- Ensure that all cables are securely connected and that the link lights on the ports are active, indicating a proper connection. Take note of this configuration; you’ll need it for the next steps.
With the hardware set up and network cables connected, you’re ready to move on to the installation of OPNsense. Continue to the next page for a detailed installation guide.