Welcome to the Home Network Guy forum!
Started by JiveTalking, August 28, 2021, 05:06:26 PM
Quote: Instead of having a separate switch in each room, you could have one switch in your closet. However, it means you would need to run an Ethernet drop for each device in all the rooms. It is easier to manage to have 1 centralized switch, but if your house isn't wired and you aren't willing or able to run more wires, the approach you are taking will work also!
Quote: For testing purposes, you could mimic that allow all rule in your em2 interface to see if you can get access to the Internet. If that works, then you can work on locking down access between your interfaces. If you don't use VLANs, the configuration will be more simple, but if you plan to set up VLANs, you have to set them up on the interfaces in OPNsense and your network switches. You also have to be careful not to lock yourself out when changing the VLANs on your switch/OPNsense. You will need to be connected to a port that's not on the VLAN you are trying to set up (VLAN 1 is a safe default since that is untagged traffic).
Quote: If you don't feel comfortable with creating aliases, you could create 2 block rules
Quote: Repeat the process for the other 2 interfaces. You could always try accessing a device on each network to make sure everything is blocked properly.