u/Express-Obj3ct

Opnsense for Matter setup

Coming back on this topic after some time fighting things (other similar post some time ago)

I set up a different LAN for IoT (had an extra port to the router itself, no switch here), put IPv6 into SLAAC, configured Router Advertisements into the dedicated Services tab to that IoT LAN and to be Unmanaged, no dnsmasq or DHCPv6 setup and no new firewall rules for IPv6, just for IPv4 to allow internet and block inter-LAN comms (but allowed the main LAN to comm to this IoT one); devices get IPv6 fe or fd addresses. Everything needed for what I want to achieve hardware-wise will be inside this IoT LAN and no cross LAN needed, so no repeater at all

From opnsense, I put an old dlink dir600 router in access point mode, then passed that to the Home Assistant machine after setting up a wifi for it

Now, I installed everything needed in Home Assistant for Matter over Thread, tried pairing an Ikea device with a phone on the Wifi created within this LAN and the connection fails. I suspect mDNS, but I don't know how to check it or how else to set it up for this secondary LAN. Home Assistant says Network is unreachable in the logs for the Matter server, but Home Assistant has functional internet overall

Please, any thoughts?

Is it a firewall thing?? I am suspecting the dlink router to some extent, but I am out of ideas

Sorry for the long post

u/Express-Obj3ct — 2 days ago

I want to set up an IOT VLAN for smart devices, for Ikea Matter devices mostly, for now

Hardware for that VLAN (or even LAN if I have a spare port, I'll be thinking about it): I plan on using an ancient D-link router as a Wifi access point for easier connectivity and for other smart devices in the future that might require Wifi, an Intel NUC as the sole Home Assistant machine and a Sonoff MG24 dongle for Thread connectivity to the devices, mainly Ikea for the beginning

I am very new to all things network admin, let alone IPv6. I understand that IPv6 must be up and working properly for Thread to function properly as well, so I would like to request some help in what settings I should use for that VLAN to get the network going all right

I don't have any ISP IPv6 in my current living situation (triple NAT as I am living with others and daisy chaining routers and different network LANs is all that this place allows me to do, my Opnsense router being my homelab/homeprod oasis that I plan on using as-is when moving out), so:

  • I would like/think that I should have only fully local IPv6 for my network (I read something about SLAAC and RA, not too sure)
  • I would really want this smart network to be on this different, isolated VLAN from the main one with maybe limited or no internet access, but yet to be able to define some firewall rules (I hope) to be able to access the VLAN from the main LAN with my phone on the Home Assistant app, but not the opposite

I have very little understanding and knowledge as of now for IPv6 and the Firewall rules in general (VLANs are pretty fresh as well), but I am here to learn. If you do have tho any good tutorials online for this case in particular (I really did not find any, most likely didn't look far enough), please link me to them

Thanks

u/Express-Obj3ct — 20 days ago