This page details the transformation of an Intel NUC7i3DNB into a fully functional OPNsense firewall, seamlessly integrated within the chassis of an HP 1810-24G switch. This modification not only consolidates hardware but also enhances network functionality by merging routing and switching capabilities into a single device.
- Model: Intel NUC7i3DNB
- Processor: Intel Core i3-7100U (Dual-core, 4 threads, 2.4GHz)
- Memory: 8GB RAM
- Storage: 128GB NVMe SSD
- Networking: Integrated into an HP 1810-24G switch, utilizing its 24 gigabit ports
Rather than deploying the Intel NUC as a standalone firewall, I incorporated it into the case of the HP 1810-24G switch, yielding several advantages:
- Optimized Space Utilization: Merging the switch and firewall into a single enclosure reduces equipment clutter and enhances rack organization.
- Fully Functional 24-Port Managed Switch: The HP 1810-24G remains completely operational, providing full gigabit networking capabilities.
- Integrated OPNsense Routing: The NUC functions as a robust router/firewall, eliminating the need for a dedicated external router.
OPNsense was chosen for its open-source architecture, security-driven design, and robust feature set, making it an ideal firewall and router solution. Key features include:
- Intuitive and modern web-based management interface
- Advanced stateful firewalling and traffic shaping
- Integrated support for VPN protocols including WireGuard and OpenVPN
- Intrusion Detection and Prevention System (IDS/IPS) capabilities
With the NUC embedded within the HP switch, the network topology follows this structure:
- LAN Connectivity: All 24 switch ports remain operational and are managed by the HP switch firmware.
- WAN Interface: The NUC’s onboard NIC is designated for WAN uplink, supporting VLAN trunking for optimal network segmentation.
- VLAN Segmentation: OPNsense manages multiple VLANs, ensuring a structured and secure network environment:
- Home VLAN – Personal devices
- Guest VLAN – Isolated guest network
- IoT VLAN – Restricted access for smart devices
- Server VLAN – Hosting infrastructure (Proxmox, self-hosted applications)
- Management VLAN – Dedicated for network administration
Despite its compact form factor, the Intel NUC7i3DNB efficiently handles the demands of OPNsense. Its advantages include:
- Energy Efficiency: The NUC provides enterprise-grade routing and firewalling with minimal power consumption.
- High Throughput: The Intel Core i3-7100U delivers sufficient processing power to support gigabit routing, encrypted VPN connections, and real-time IDS/IPS monitoring.
- Stealthy and Integrated Design: Housing the firewall within a network switch enclosure eliminates unnecessary external hardware and contributes to a streamlined, professional setup.
This NUC-powered OPNsense firewall embedded in a 24-port managed switch serves as a compact, high-performance, and cost-effective core for my self-hosted network. By leveraging OPNsense’s robust security features alongside full VLAN support, this hybrid implementation operates as the central control point for my network infrastructure while preserving the full switching capabilities of the HP 1810-24G.
This project exemplifies how innovative hardware repurposing can result in efficient, powerful, and unconventional networking solutions that optimize both functionality and space.