Le Goût du Libre

User Tools

Site Tools

Trace:
opnsensegettingstartedandmaintenance

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
opnsensegettingstartedandmaintenance [2025/11/06 11:57] – created Fabián Rodríguezopnsensegettingstartedandmaintenance [2025/11/07 13:59] (current) – [Essential Steps After a Fresh Install] Fabián Rodríguez
Line 9: Line 9:
     * Define hostname (e.g. `router.home`) and local domain if needed     * Define hostname (e.g. `router.home`) and local domain if needed
  
-  * Go to **System → Settings → Time**: +  * Check for firmware updates (see below under Maintenance)
-    * Enable NTP sync with reliable servers (e.g. `0.ca.pool.ntp.org`)+
  
   * Go to **System → Access → Users**:   * Go to **System → Access → Users**:
-    * Change the password for the `admin` account+    * Change the password for the `root` account
     * Optionally create a new user with limited privileges     * Optionally create a new user with limited privileges
  
-  * Go to **Interfaces → Assignments**: +  * Configure Internet accerss go to **Interfaces → [WAN]**:
-    * Confirm WAN and LAN mappings +
- +
-  * Go to **Interfaces → WAN**:+
     * Configure PPPoE, static IP, or DHCP depending on your ISP     * Configure PPPoE, static IP, or DHCP depending on your ISP
  
-  * Go to **Services → DHCP Server**: +  * Configure your LAN : go to **Services → ISC DHCPv4 [LAN]**: 
-    * Enable DHCP on LAN +    * Check **Enable DHCP server on the LAN interface** 
-    * Configure static leases if needed+    * Configure static leases if needed, by going to the **DHCP Static Mappings for this interface** (click **+**).
  
   * Go to **Services → Unbound DNS → Blocklist**:   * Go to **Services → Unbound DNS → Blocklist**:
-    * Add blocklists (e.g. StevenBlack’s hosts) to filter ads, malware, and adult content +    * Add blocklists under **Type of DNSBL** (e.g. AdGuard List, Steven BlackList) to filter ads, malware, and adult content 
- +    * Whitelist domains 
-  * Go to **Firewall → Rules → LAN**: +    * Enable **Advanced mode** to add custom URLs of Blocklists 
-    * Allow outbound traffic by default + 
-    * Optionally block private IP ranges or sensitive ports +
- +
-  Go to **Firewall → Rules → WAN**: +
-    * Block all unsolicited inbound traffic +
   * Go to **System → Settings → Administration**:   * Go to **System → Settings → Administration**:
     * Enable SSH access if needed     * Enable SSH access if needed
Line 42: Line 33:
   * Go to **System → Configuration → Backups**:   * Go to **System → Configuration → Backups**:
     * Download encrypted configuration file manually     * Download encrypted configuration file manually
-    * Set up automated backups to Google Drive or Nextcloud+    * Set up automated backups to online or offline
  
 ==== OPNsense recommended maintenance tasks ==== ==== OPNsense recommended maintenance tasks ====
opnsensegettingstartedandmaintenance.1762459034.txt.gz · Last modified: by Fabián Rodríguez