Hi everyone,

I have a question regarding a basic "somewhat secure" opnsense setup so I can use it as a router/FW for home use. There are a lot of tutorials out there on initial setup and connecting it to the internet but not that many on making it "secure".

I decided to get a little more into networking and IT security. For my first steps I decided to stop using my all-in-one Modem/Router/Switch/AP ("internet box") and put together a setup with dedicated modem, Router, LAN switches and access point(s) throughout the apartment so that I can have more control and tweak things around.

I have the modem here compatible with my ISP and I bought one of those small chinese Intel N100 based passively cooled computers which I set up with opnsense. There are plenty of guides out there on how to set this up to connect to the internet using a modem and the appropriate PPPOE login info for my ISP. So far, so good.

However, I only really want to take that step once I have the opnsense Router set up to be "safe" for home use. So I guess my questions are:

• Just how safe or unsafe are the deafult settings of opnsense with a fresh install? Is it configured to be "closed" and thus needs specific settings to be "opened up" to allow for the kind of applications I want (online gaming, skype calls, torrent, etc.)?
• Or alternatively: Is it configured to be very "open" by deafult and needs specific settings (filtering, rules, etc.) to be "closed" to the most common types of threats to achieve a level of security at least on par with run-of-the-mill internet boxes like the one I used to use?

I would consider myself a somewhat IT-literate user who can set up his own computers and solve most home use issues himself, but definitely not a professional. So I appreciate any answers, but also pointers to ressources on the web / youtube / whatever to help me read up on the basics I need to do this (and more in the future)