Installing OPNSense Firewall to a fan-less mini PC

There are many great open source firewall projects that are widely available and widely deployed globally. They provide a handful of great features, and are quite stable. They offer commercial grade performance, timely updates and great community support.

OPNSense is one of the leading ones. In this blog post, we’re going to show you how to install this popular firewall software to a fan-less silent mini-PC. Although the instructions to install the software are specific to mini PC, they should be the same for any computer which are x86 compatible (any PC, workstation or server that is x86 compatible).

Mini PCs are great because, they do not waste space. Fan-less ones are great because they do not make noise. Like a modem, you might even forget that you have one in your office / house. Usually they are limited in computing power. But I’ve found one which offer a high-end Intel quad core i7 processor and 8 Gigs of memory.

We’ll install OPNSense onto one of these. The product comes from a company called Qotom. They sell on Amazon and Alibaba. We bought a unit from their Alibaba store.

This mini PC looks something like this:

Mini PC

1. Prerequisites

  • A USB Stick to burn OPNSense Installer USB image and boot the installation. You’ll need a minumum 4GB USB stick.

  • A HDMI cable is for display connection to the mini PC.

2. Download OPNSense Installer USB image and burn to a USB stick.

  • Download the OPNSense installer USB image from Download OPNSense. Make sure you select amd64 for the architecture and vga for the image type. Chose any mirror for your liking.

  • Burn the image to your USB stick with your favorite tool. For Mac & Windows you can use Etcher, for Ubuntu Linux, you can use Ubuntu Disk Image Writer.

Download OPNSense Installer USB image and burn to a USB stick.

  • Place the USB stick into the one of the four USB slots at the back of the device.

  • Press the Power On button at the rear of the device

(From OPNSense get started page) :

Default behaviour is to start the Live environment, to install log in with user installer and password opnsense.

The installation process involves a few simple steps.

  1. Configure console – The default configuration should be fine for most occasions.

  2. Select task – The Quick/Easy Install option should be fine for most occasions. For installations on embedded systems or systems with minimal diskspace choose Custom Installation and do not create a swap slice. Continue with default settings.

  3. Are you SURE? – When proceeding OPNsense will be installed on the first hard disk in the system.

  4. Reboot – The system is now installed and needs to be rebooted to continue with configuration.

WARNING: You will lose all files on the installation disk. If another disk is to be used then choose a Custom installation instead of the Quick/Easy Install.

You can continue reading OPNSense documentation on how to configure and use the firewall.

Next generation firewall features for OPNsense?

OPNSense Dashboard Screen

Sunny Valley Networks provides a software add-on for OPNsense which complements it to have next generation firewall features like Application Control, Content Filtering, All-ports TLS Inspection. You can read this blog post on how to use this module.