I was having an extremely difficult time getting my static IP WAN connection to work on OPNSense. I’m happy to report that I think I have solved the problem. I was able to get it to work last night but only after doing a factory reset.

If I am correct I think my problem was the upstream field. I was leaving it on automatic and I shouldn’t have done that. To the right of the field you can add your own upstream gateway.

What OPNSense means by upstream gateway is really your default gateway. I was under the assumption that since we have to pick the subnet mask that it based on that it would be the default gateway. For example /24 would mean a subnet mask of and then I just assumed the gateway ends in one. I should not assume that.

I also though my issue was firewall rules related or there gateway section that is separate from the interface section. I never had that before and have read the instructions a few times. A lot of this stuff was automated with Sophos and now I have to manually set all this info. This section is important to show health and for load balancing/failover. Both are really important for my setup.

In order to become more comfortable with OPNSense I knew I would be having to factory reset at least one more time and then setting it all up again. This came earlier than I anticipated. That’s okay because I have learned a lot already. As I mentioned earlier I was giving myself a full year to learn this but with the EOL being moved up on my Cyberoam products I have no choice but to kick it into high gear.

The most important parts I have to figure out yet is Wireguard, a better understanding of firewall rules and load balancing/failover. I use 3 and sometimes for different WAN connections for my primary network. It is very imperative that I get this right.