OPNsense Firewall Redesign, Cleanup & Optimization
Worldwide
We need an experienced OPNsense administrator to perform a complete review, cleanup, simplification, and optimization of our production OPNsense firewall (version ~26.1). The firewall currently has high rule count (~110+), legacy components, and complexity that we want to reduce significantly while maintaining strong security and adding better monitoring. Make any suggestions for Optimization or Performance or Security Enhancement. Current Environment Summary Hardware: Intel i5-6500T, multi-WAN (Shaw Static + Dynamic + Webserver), LAGG + VLAN segmentation. Key networks: Corporate, Webserver, CCTV, Service, FelixWelding, ACG. Security: CrowdSec (Free), GeoIP + ASN blocking, OpenVPN + WireGuard. Goals: - Remove bloat (Zenarmor, Tailscale, unused VLANs/aliases) - simplify VPN, strengthen inbound controls, improve monitoring. Scope of Work Required: Full review of current configuration Document current rules, NAT, interfaces, VPN, aliases, tunables. Cleanup & Removal Remove Zenarmor completely (including all remnants). Remove Tailscale. Delete unused VLANs (Management, Creekside, ACGMigration) and related DHCP/NAT/rules. Delete obsolete aliases (EXC01, KEMP, PBX, PMG, Ayush, India, Remote Workers, etc.). Remove redundant inter-VLAN block rules and outdated NAT reflection rules. Simplification & Optimization Consolidate and reorganize firewall rules (floating & interface specific) Implement clean default-deny posture with proper GeoIP + ASN + CrowdSec blocking. Optimize OpenVPN Add WireGuard Remote workers Group A → Webserver Remote workers Group B → Corporate Optimize NAT (especially hairpin/reflection). Tune sysctls, monitoring (Device Monitor, Telegraf, alerts), logging, and performance for the hardware. Testing & Handover Full testing of all networks, VPN access, published services, inter-VLAN access. Provide final clean config export + documentation. Knowledge transfer / recommendations for ongoing maintenance.
$250.00
Fixed-price- IntermediateExperience Level
- Remote Job
- One-time projectProject Type
Skills and Expertise
Activity on this job
- Proposals:10 to 15
- Last viewed by client:2 weeks ago
- Hires:1
- Interviewing:2
- Invites sent:0
- Unanswered invites:0
About the client
- CanadaWinnipeg7:08 PM
- $21K total spent13 hires, 3 active
- 3,101 hours
Explore similar jobs on Upwork
How it works
Create your free profileHighlight your skills and experience, show your portfolio, and set your ideal pay rate.
Work the way you wantApply for jobs, create easy-to-by projects, or access exclusive opportunities that come to you.
Get paid securelyFrom contract to payment, we help you work safely and get paid securely.
About Upwork
- 4.9/5(Average rating of clients by professionals)
- G2 2021#1 freelance platform
- 49,000+Signed contract every week
- $2.3BFreelancers earned on Upwork in 2020
Find the best freelance jobs
Growing your career is as easy as creating a free profile and finding work like this that fits your skills.
Trusted by