# OpnSense Notes

Here’s a collection of notes and details for the house router setup.

### Build<button aria-hidden="true" class="cc-1r0b9w7" data-testid="anchor-button" type="button"><svg height="24" role="presentation" viewbox="0 0 24 24" width="24"></svg></button>

Software: OpnSense 24.7.4\_1

Hardware: Gigabyte H97N-Wifi motherboard

Processor: Intel i5-4460

### Setup<button aria-hidden="true" class="cc-1r0b9w7" data-testid="anchor-button" type="button"><svg height="24" role="presentation" viewbox="0 0 24 24" width="24"></svg></button>

Base setup was done following this article: [https://homenetworkguy.com/how-to/set-up-a-fully-functioning-home-network-using-opnsense/#unbound-dns-general](https://homenetworkguy.com/how-to/set-up-a-fully-functioning-home-network-using-opnsense/#unbound-dns-general "https://homenetworkguy.com/how-to/set-up-a-fully-functioning-home-network-using-opnsense/#unbound-dns-general")

Dynamic DNS Setup is here: [https://oga.atlassian.net/wiki/spaces/~311198967/pages/234848257/OpnSense+DynDNS+Setup](https://oga.atlassian.net/wiki/spaces/~311198967/pages/234848257 "https://oga.atlassian.net/wiki/spaces/~311198967/pages/234848257")

It’s a good guide on how to add a new VLAN and associated interface.

### Network Ports<button aria-hidden="true" class="cc-1r0b9w7" data-testid="anchor-button" type="button"><svg height="24" role="presentation" viewbox="0 0 24 24" width="24"></svg></button>

Here’s a picture of the backside of the router, showing ports and connections:

[![image.png](https://wiki.galaxydump.com/uploads/images/gallery/2025-03/scaled-1680-/5f9H6GnBGyiaEZAp-image.png)](https://wiki.galaxydump.com/uploads/images/gallery/2025-03/5f9H6GnBGyiaEZAp-image.png)

<div class="rich-media-item mediaSingleView-content-wrap image-center cc-1vkpcxj" data-layout="center" data-node-type="mediaSingle" data-renderer-start-pos="617" data-width="633" data-width-type="pixel" id="bkmrk--1"><div class="cc-1xy1ngf">  
</div></div>Here’s the list of used connections:

<div class="pm-table-container with-shadow-observer" data-layout="custom" id="bkmrk-logical-service-conn"><div class="pm-table-wrapper"><table data-layout="default" data-number-column="false" data-table-width="760" data-testid="renderer-table"><colgroup><col></col><col></col><col></col></colgroup><tbody><tr><th aria-sort="none" class="ak-renderer-tableHeader-sortable-column__wrapper" colspan="1" data-colwidth="118" rowspan="1">**Logical**

</th><th aria-sort="none" class="ak-renderer-tableHeader-sortable-column__wrapper" colspan="1" data-colwidth="288" rowspan="1">**Service**

</th><th aria-sort="none" class="ak-renderer-tableHeader-sortable-column__wrapper" colspan="1" data-colwidth="351" rowspan="1">**Connection**

</th></tr><tr><td colspan="1" data-colwidth="118" rowspan="1">WAN (em0)

</td><td colspan="1" data-colwidth="288" rowspan="1">Incoming internet connection.

</td><td colspan="1" data-colwidth="351" rowspan="1">Connects directly to fiber transceiver

</td></tr><tr><td colspan="1" data-colwidth="118" rowspan="1">Spare (em1)

</td><td colspan="1" data-colwidth="288" rowspan="1">Spare port

</td><td colspan="1" data-colwidth="351" rowspan="1">NA

</td></tr><tr><td colspan="1" data-colwidth="118" rowspan="1">Spare (em2)

</td><td colspan="1" data-colwidth="288" rowspan="1">Spare port

</td><td colspan="1" data-colwidth="351" rowspan="1">NA

</td></tr><tr><td colspan="1" data-colwidth="118" rowspan="1">LAN (em3)

</td><td colspan="1" data-colwidth="288" rowspan="1">Untagged LAN traffic.

</td><td colspan="1" data-colwidth="351" rowspan="1">Connects to switch, SW20, port 8.

</td></tr><tr><td colspan="1" data-colwidth="118" rowspan="1">Trunk (em4)

</td><td colspan="1" data-colwidth="288" rowspan="1">VLan tagged traffic from main switch.

</td><td colspan="1" data-colwidth="351" rowspan="1">Connects to switch, SW20, port 1.

</td></tr><tr><td colspan="1" data-colwidth="118" rowspan="1">Mgmt (re0)

</td><td colspan="1" data-colwidth="288" rowspan="1">Management access from VLAN60.

</td><td colspan="1" data-colwidth="351" rowspan="1">Connects to switch, SW20, port 16.

</td></tr></tbody></table>

</div><div class="pm-table-sticky-scrollbar-container">  
</div></div>### Web UI Access<button aria-hidden="true" class="cc-1r0b9w7" data-testid="anchor-button" type="button"><svg height="24" role="presentation" viewbox="0 0 24 24" width="24"></svg></button>

The UI is available on the LAN interface at: [https://192.168.1.1](https://192.168.1.1/ "https://192.168.1.1")

The LAN interface is LAN3 (em3), which is the bottom port on the 4-port NIC.

### Locked out of Web GUI<button aria-hidden="true" class="cc-1r0b9w7" data-testid="anchor-button" type="button"><svg height="24" role="presentation" viewbox="0 0 24 24" width="24"></svg></button>

If you ever get locked out of the web interface, open an ssh session to the router, and issue this:

`configctl webgui restart renew`

Taken from here: [https://docs.opnsense.org/troubleshooting/webgui.html](https://docs.opnsense.org/troubleshooting/webgui.html "https://docs.opnsense.org/troubleshooting/webgui.html")

### Speed Test

Installed speed test plugin from here: [https://github.com/mimugmail/opn-repo](https://github.com/mimugmail/opn-repo)

This requires opening an SSH session to the router, and running this line (taken from the GitHub page):

```bash
fetch -o /usr/local/etc/pkg/repos/mimugmail.conf https://www.routerperformance.net/mimugmail.conf
pkg update
```

Once installed, open OpnSense and navigate to available plugins.

Locate the added plugin called: os-speedtest-community, and install it.

Once installed, you can open it from here:

[![image.png](https://wiki.galaxydump.com/uploads/images/gallery/2025-05/scaled-1680-/I07AtrsQCX8x5V00-image.png)](https://wiki.galaxydump.com/uploads/images/gallery/2025-05/I07AtrsQCX8x5V00-image.png)