How to install and configure OPNSense firewall

You can download this article in PDF format to support us through the following link.

Download the guide in PDF format

turn off


Introduction to OPNSense

OPNSense started from pfSense® and m0n0wall in 2014 and was officially released in January 2015. It is an open source, easy to use and easy to build Hardened BSD firewall and routing platform.

OPNSense contains most features, where you will find cheap commercial firewalls and more. Even though the project is developing rapidly, it still retains familiar aspects of m0n0wall and pfSense as much as possible. The reason for the development of the project is its high focus on security and code quality.

On the OPNSense website, the following are the core functions provided by the firewall:

OPNsense core functions

  • Traffic shaper
  • Two-factor authentication for the entire system
  • Exclusive portal
  • Forwarding cache proxy with blacklist support (transparent)
  • Virtual private network (site-to-site and road administrators, IPsec, OpenVPN and legacy PPTP support)
  • High availability and hardware failover (with configuration synchronization and synchronization status table)
  • Intrusion detection and prevention
  • Built-in reporting and monitoring tools, including RRD graphs
  • Netflow exporter
  • Network traffic monitoring
  • Support plugin
  • DNS server and DNS forwarder
  • DHCP server and relay
  • Dynamic DNS
  • Encrypted configuration backup to Google Drive
  • Status check firewall
  • State table granularity control
  • 802.1Q VLAN support

“Take a person who does not score, does not want to become richer or is not afraid of losing, or even has no interest in his character: he has freedom.” —Jalal Arden Dan Mohamed Rumi

Step 1: Download OPNServer

Go to the “OPNServer Download” page and get a copy there. Choose your architecture, such as image type ISO Standard The mirror is close to you and can be downloaded faster.

After downloading the OPNServer file, please use to unzip bunzip2 As follows.

bunzip2 -d OPNsense--OpenSSL-dvd-amd64.iso.bz2  

After that, your ISO file should be ready.

Step 2: Install OPNSense

You can install OPNServer on a dedicated server or in a virtual machine environment. You will need at least two network interfaces. One for LAN connection and the other for WAN.

After booting the ISO image, the OPNSense installation will begin. In the first window, select the type of installation.

Click “Okay, let’s go“Start installing OPNSense.


Select the type of installation. Adopt ”Guided installation“Simple settings, or advanced installation manually. Other options apply to existing installations.


Select the disk where you want to install OPNSense.


Wait for the installation to complete.


Set the root password OPNSense firewall device.


After the installation is complete, reboot the server to start the OPNSense configuration.


After restarting, log in with username root And password feel


Step 3: OPNSense distribution interface

After restarting OPNSense, the system will display “Option“Page, as shown in the figure below, where you can start configuration.


We will assign the interface as option 1


em0 It is the default interface in OPNSense. After assigning it as WAN, you can continue to set the interface IP address (option 2). you can choose dhcp Or you can enter the IP manually


Perform the same operation on the second interface.

Step 4: Start OPNSense WebGUI

After assigning an IP for you or manually setting an ip, you can continue to start the OPNSense Web GUI with the following IP address:



Enter the user name root and password as the user name you set during the installation process.

Step 5: Initial OPNSense configuration


After logging in to the web interface, you are now free to perform any configuration you wish. From firewall, VPN, security to all other ways. You can go to its “Documents” page and explore access methods.

Thank you for reading through. In the following guide, we will introduce different configuration options of OPNSense. Subscribe to our newsletter to stay in touch and stay in touch. Before that, check out other firewall-related guidelines on our blog.

Configure Cpanel Firewalld on CentOS 7

Install and use Firewalld on Ubuntu 18.04 / Ubuntu 16.04

Zimbra firewall configuration using ufw (for Ubuntu) and firewalld (for CentOS)

You can download this article in PDF format to support us through the following link.

Download the guide in PDF format

turn off