50 lines
1.2 KiB
Markdown
50 lines
1.2 KiB
Markdown
## Goals
|
|
|
|
- 2x WAN - 1 external and 1 internal (GA-Network)
|
|
- Static Routing via WANlrz for BACnet SW
|
|
- 1x LAN - `10.52.12.0/24`
|
|
|
|
## Facts
|
|
|
|
### WAN
|
|
|
|
> **Note:** Such a setup requires extended considerations and settings which is discussed in [[opnsense-on-sophosHW-multi_wan]].
|
|
> WANpub will be the primary WAN port
|
|
> WANlrz is temporarily used for the BACnet software and will be disabled after 2-4 months. The Campus-GA network will in future only be reachable by vpn.
|
|
|
|
#### External WAN
|
|
(primary WAN, in future ga netz ueber vpn)
|
|
|
|
- Network: `129.187.9.243/29`
|
|
- Gateway: `129.187.9.246`
|
|
- DNS Server: `129.187.104.5` (How reachable?)
|
|
|
|
#### Second WAN
|
|
|
|
- `192.157.165.50/24` (Campus GA-Netz, for BACnet SW. 2-4 Months living)
|
|
|
|
### LAN
|
|
|
|
- Interne Netzwerke(20241208):
|
|
- `10.52.12.0/24` Hauptgebäude GA (VLAN12)
|
|
- `10.52.50.0/24` GA-Netz (VLAN50)
|
|
- Interne Netzwerke(20241216):
|
|
- `10.52.12.0/24` LAN
|
|
|
|
### Port Forwarding
|
|
|
|
- BACnet `47808/udp`
|
|
|
|
### OpenVPN
|
|
|
|
- Set up for access to GA network
|
|
|
|
### Location
|
|
|
|
- FRM Versorgungsgebaeude
|
|
|
|
|
|
## Vor Ort Einsatz
|
|
|
|
- port forwarding in both direction to second esxi nic
|
|
- <https://www.zenarmor.com/docs/network-security-tutorials/how-to-configure-transparent-filtering-bridge-on-opnsense> |