20250429 push notes
This commit is contained in:
Petar Cubela
50
archive/radiochemie/opnsense-on-sophosHW-intro.md
Normal file
50
archive/radiochemie/opnsense-on-sophosHW-intro.md
Normal file
@@ -0,0 +1,50 @@
|
||||
## Goals
|
||||
|
||||
- 2x WAN - 1 external and 1 internal (GA-Network)
|
||||
- Static Routing via WANlrz for BACnet SW
|
||||
- 1x LAN - `10.52.12.0/24`
|
||||
|
||||
## Facts
|
||||
|
||||
### WAN
|
||||
|
||||
> **Note:** Such a setup requires extended considerations and settings which is discussed in [[opnsense-on-sophosHW-multi_wan]].
|
||||
> WANpub will be the primary WAN port
|
||||
> WANlrz is temporarily used for the BACnet software and will be disabled after 2-4 months. The Campus-GA network will in future only be reachable by vpn.
|
||||
|
||||
#### External WAN
|
||||
(primary WAN, in future ga netz ueber vpn)
|
||||
|
||||
- Network: `129.187.9.243/29`
|
||||
- Gateway: `129.187.9.246`
|
||||
- DNS Server: `129.187.104.5` (How reachable?)
|
||||
|
||||
#### Second WAN
|
||||
|
||||
- `192.157.165.50/24` (Campus GA-Netz, for BACnet SW. 2-4 Months living)
|
||||
|
||||
### LAN
|
||||
|
||||
- Interne Netzwerke(20241208):
|
||||
- `10.52.12.0/24` Hauptgebäude GA (VLAN12)
|
||||
- `10.52.50.0/24` GA-Netz (VLAN50)
|
||||
- Interne Netzwerke(20241216):
|
||||
- `10.52.12.0/24` LAN
|
||||
|
||||
### Port Forwarding
|
||||
|
||||
- BACnet `47808/udp`
|
||||
|
||||
### OpenVPN
|
||||
|
||||
- Set up for access to GA network
|
||||
|
||||
### Location
|
||||
|
||||
- FRM Versorgungsgebaeude
|
||||
|
||||
|
||||
## Vor Ort Einsatz
|
||||
|
||||
- port forwarding in both direction to second esxi nic
|
||||
- <https://www.zenarmor.com/docs/network-security-tutorials/how-to-configure-transparent-filtering-bridge-on-opnsense>
|
||||
Reference in New Issue
Block a user