Initial Configuration

After successfully installing OPNSense, you'll need to perform some initial configuration to get your firewall operational. This guide walks you through:

Configuring network interfaces
Setting up IP addresses
Accessing the Web UI
Completing initial setup

Network Interface Configuration

Step 1: Assign Interfaces

OPNsense Console: At login screen

You'll see the main configuration menu:

OPNsense Console: List of options

Select option 1 to assign interfaces
When prompted about LAGGs or VLANs, choose no:

OPNsense LAGG/VLANs prompt

You'll see a list of available interfaces. Note that vtnet0 will be your WAN interface - you can verify this by matching the MAC address with your OVH IP Virtual MAC:

OPNsense Console: Valid Interfaces List

Assign the WAN interface by entering vtnet0:

OPNsense Console: WAN interface name entry

Assign the LAN interface by entering vtnet1:

OPNsense Console: LAN interface name entry

Press Enter without typing anything to skip the optional interface:

OPNsense Console: Interface assignment confirmation

Confirm the configuration by entering y:

OPNsense Console: configuration in process...

Step 2: Configure IP Addresses

From the main menu, select option 2 to set interface IP addresses:

OPNsense Console: Main Screen

Configure LAN Interface

You'll see a list of available interfaces:

OPNsense Console: Available Interfaces

Select the LAN interface and configure its IP address:

OPNsense Console: LAN interface Selection

Enter your desired LAN IP configuration:

OPNsense Console: Choose LAN IP address

Complete the LAN configuration:

OPNsense Console: Finishing LAN config

Verify the LAN configuration is complete:

OPNsense Console: LAN config complete

Configure WAN Interface

Select the WAN interface:

OPNsense Console: WAN Interface Selection

For the WAN gateway, use your OVH server's gateway address:

OPNsense Console: WAN GW Config

Test your network connection to verify everything is working:

OPNsense Console: Ping successful

Web UI Access

WARNING

Initial Web UI access isn't possible directly from WAN as there are no firewall rules configured yet, and nothing exists on the LAN segment.

Option 1: SSH Port Forwarding (Recommended)

Use SSH port forwarding to access the Web UI:

shell

ssh -L 8080:10.69.42.1:80 -L 8443:10.69.42.1:443 -N -f user@remote-server

Configuration

Replace:

10.69.42.1 with your firewall's IP address
user@remote-server with your Proxmox host credentials (typically root@your-proxmox-host-ip)

This creates local port forwards:

Port 8080 → Firewall HTTP (80)
Port 8443 → Firewall HTTPS (443)

SSH Port Forwarding

Option 2: LAN VM Access

Alternatively, you can:

Create a new VM with GUI
Attach it to your LAN interface
Access the WebUI through this VM

Initial Web UI Setup

Access the Web UI at https://localhost:8443:

Log in with:
- Username: root
- Password: The one you set during installation
Complete the Getting Started wizard:

System Wizard: General Setup

Configure basic system settings:
- Hostname
- Domain
- DNS servers
- Other general preferences

System Wizard: General Information

Review the configuration summary:

Initial Config Complete

Final Configuration Check

Hardware Offloading

TIP

These settings should be disabled by default when using virtio. If not, disable them manually:

Interfaces settings

Completion

Your firewall should now have a working baseline configuration. You can access the dashboard to monitor your system:

OPNsense Dashboard

Next Steps

From here, you can:

Configure firewall rules
Set up VLANs
Add additional security features
Configure VPN access
And more...

Initial Configuration ​

Network Interface Configuration ​

Step 1: Assign Interfaces ​

Step 2: Configure IP Addresses ​

Configure LAN Interface ​

Configure WAN Interface ​

Web UI Access ​

Option 1: SSH Port Forwarding (Recommended) ​

Option 2: LAN VM Access ​

Initial Web UI Setup ​

Final Configuration Check ​

Hardware Offloading ​

Completion ​