I replaced my ISP router with OPNsense months ago, and I don't regret it at all
OPNsense can also be fairly simple to set up if you go with the basics (like most home routers offer). But the great thing is you can also deep dive into it and setup separated VLANs and masses of tweaks and rules.
What you need to know, though, is that you will need to run it on a separate piece of hardware (just like you'd have bought a router device) and ideally you'd want at least 4 Ethernet ports on it. The minimum is really two ports (a WAN port and a LAN port).
My OPNsense device is a Protectli with 4 ports. One is a WAN port, and I have reserved another for a LAN port, and I have the remaining two ports connected as a LAGG interface to my main switch (so it has dual links for load balancing and redundancy). But again, you don't to do this either if you want to keep it simple.
What I still want to explore with mine, is using the Haproxy plugin to do my reverse proxying directly on the OPNsense device, instead of in a container on my server. This will mean that some traffic destined for my OpenWebRx device can flow directly from the router through the main switch and to the OpenWebRx device (instead of via the server and then back through the main switch).
OPNsense (and PFsense) does mean total control in your hands, and also ongoing updates and patches for many many years...
See
I replaced my ISP router with OPNsense months ago, and I don't regret it at all
I took the plunge a while ago, and OPNsense is fantastic.
#
technology #
opensource #
security #
routers
