this post was submitted on 12 Jul 2026
22 points (95.8% liked)

networking

3595 readers
1 users here now

Community for discussing enterprise networks and the ensuing chaos that comes after inheriting or building one.

founded 3 years ago
MODERATORS
 

Hey y'all, I have a small network with opnsense firewall, a unify ap, some client in different subnets, vpn, DNS and some servers.

As I am completely self thought, I got everything to run reading the docs and forums, but I have no idea how to test if what I build is safe and stable.

Are there good up to date tools, or checklists one could follow to audit the different parts of the network (most important the opnsense config)?

What do you check if looking for security issues?

The network mostly relies on client separation through different subnets on different vlans, but I fear I dont understand how for example the vpn and the nas work together in detail to be sure there is no security implication I oversee.

Also: how do you handle client authentication for devices on the same subnet? I know IP/mac-adress ARP entries are easily spoofed and therefore not secure, but I haven't seen how to do it correctly

you are viewing a single comment's thread
view the rest of the comments
[–] ramble81@lemmy.zip 4 points 1 week ago* (last edited 1 week ago)
  • What it is?
  • Where it connects?
  • What can it access?

Those are ultimately what your questions should distill down to. Starting with a network diagram it one of the best ways. Looking at Layers 1-3 will help answer the first two. From there, keep expanding into 4-7 for your firewall rules and NACLs.