OPNsense Transparent Filtering Bridge

A frequently requested guide on how to create a transparent filtering bridge in #OPNsense! A transparent filtering bridge allows you to use OPNsense purely as a firewall on your network using your existing network hardware. Because a transparent filtering bridge is physically inserted between 2 devices on your network, you can place the filtering bridge in multiple areas of your network where you decide you want the additional security protections. In this video, I demonstrate how to set up a dedicated management interface in OPNsense that is not a part of the bridge so that you do not have to worry about getting locked out of the OPNsense web UI. It will allow you to freely change the configuration of the bridge without concern of losing access. I personally like having dedicated physical interfaces for management purposes on a number of devices on my network, which is why I am showing how you can also do the same in this guide.. Because of the desire for a dedicated physical interface for management, you will need a device with at least 3 network interfaces to complete this guide. I am using the Gowin R86S since it has 3 2.5Gbps interfaces so it will work well in this scenario (even with Zenarmor enabled, it can still push nearly 2 Gbps of throughput with the Intel N5105 CPU-- with a stronger CPU you can get more throughput). I perform a couple of tests along the way to ensure that the bridge is working properly and to ensure the security protections are actually blocking the intended traffic. This is important to ensure that you do not have a false sense of having increased security on your network. Affiliate links: Grandstream GWN7811P L3 switch: https://amzn.to/3CqJFAs Grandstream GWN7664E AP: https://amzn.to/4hJLBUI Gowin R86S-P2: https://s.click.aliexpress.com/e/_Ddx... ZimaBoard 832: https://amzn.to/3UIeuqj Non-affiliate links: Grandstream GCC6010 convergence device: https://www.ipphone-warehouse.com/gra... Grandstream GWN7811P L3 switch: https://www.ipphone-warehouse.com/gra... Grandstream GWN7664E AP: https://www.ipphone-warehouse.com/gra... Gowin R86S-P2: https://www.gowinfanless.com/uncatego... JetKVM: https://jetkvm.com/ Chapters: 00:00 Introduction 00:29 What is a transparent filtering bridge? 00:42 Location of a transparente filtering bridge 01:59 Dedicated physical management interface 02:52 Hardware that has 3+ physical interfaces 03:50 Overview of steps in this guide 06:39 Example existing network 07:06 Setting up the bridge device 07:30 Installing OPNsense 09:34 Plug PC into bridge device 10:03 Log into OPNsense 10:29 (Optional) Changing the LAN IPs 13:32 Create management interface (MGMT) 15:28 Create firewall rule on MGMT 17:30 Connect MGMT & PC to existing network 17:56 Testing the new management interface 18:41 Setting up the bridge interface 18:57 Disable outbound NAT 19:15 Change the system tunables 20:39 Create the bridge interface 21:47 Remove bogon/private network blocks on WAN 22:08 Disable DHCP on the LAN interface 22:30 Skipping steps on official OPNsense guide 23:27 Set IP config type to "None" 24:30 Create firewall rule on the bridge 25:22 Connecting & testing the bridge 26:37 Testing a firewall rule on the bridge 28:26 Setting up Internet access for OPNsense 31:44 Update OPNsense 32:05 Installing Zenarmor 35:47 Testing Zenarmor 38:43 Setting up intrusion detection (Suricata) 43:33 Note about Suricata & Zenarmor 44:08 Other plugins & protections are available EP60 Join this channel to get access to perks:    / @homenetworkguy