Skip to content

VLAN Firewall Interface Configurations

Work Completed

On this date, the following was completed:

  • Re-worked tasks layout for OPNSense role so that it works off an abstraction that lays out functionality for generating internal (inside) networks. While alot of the functionality is still in progress, this new layout will allow us to utilize a single loop to build each VLAN, it's associated firewall interface, and it's associated DHCP and DNS configurations all in one go (rather than multiple loops).

  • Added functionality to map created VLANs to firewall interfaces. This is so rules can be setup for traffic filtering down the road.

Current Status / Next Steps:

Going forward, I will be doing the following:

  • Modifying the VLAN configurations so that changed mode can be accurately represented.
    • Note: Specifically, for cases in where changes to sub elements in XML aren't shown because the parent doesn't exist yet.
  • Re-visiting the current DHCP configuration in the production environment and determining whether changes need to be made. This is the case as the current DHCP configurations are utilizing ISC for the DHCP server and OPNSense recommends DNSMASQ.
    • If changes need to be made for use, I will work to implement them in the GNS3 virtual environment. Once I've learned how to configure them, I will add those configurations as tasks to the workbooks.