Metronet Static IP On OPNSense
As luck would have it, fiber internet has made its way to our house out in the boonies. Most cable/internet companies charge an arm and a leg for a static IP and call it a “business account”. When the sales rep came by I asked how much a Metronet Static IP cost. The reply was $10 a month. I was sold on that for sure.
Otherwise, Metronet uses Carrier Grade Network Address Translation (CGNAT) for IP addresses. What that means is that your router or firewall will pull one address, but that your actual IP address is something else.
What that really means is connecting back to your home network via VPN can be a lot more complex. Also, Murphy’s VPN Law, states that you will pull a new DHCP address only while you are away on vacation rendering your ability to connect to your network null and void.
Setup
When Metronet walks away from your house you’ll have a CGNAT connection whether you like it or not. It takes about a week and then they will email or call you to set up your static IP.
You’ll get a typical email that contains:
- Your static IP address
- A gateway address
- Subnet Address
- DNS servers
You have to be on the phone with them because they have to configure it on their end while you are configuring on your end. Because I use a hardware firewall with OPNSense connected directly to their modem configuration is a little tricky.
WAN Configuration
Go to Interface > WAN. Set Configuration Type to Static IPV4. Down below type in your Static IP address that Metronet provided.
Static IP configuration
Now click the + sign on IPV4 Upstream Gateway. Set it to Default Gateway and add the Gateway address they provided you. I left the Default name the same.
Upstream Gateway
Make sure the dropdown box for IPV4 Upstream Gateway is selected for your new Default Gateway. Then hit Save.
Gateway
Connection!
It worked. All I needed was IP address and Gateway address. I use my own DNS servers (Cloudflare Encrypted DNS).
Wrap Up
I hope this saves a moment of time for someone. 99% of most customers are going to use the Metronet supplied router and configuration will be much easier. Using OPNSense as the first device in the chain makes configuration a bit different. Took me and the Tech on the phone a few minutes to work through it.
Now I’m able to VPN back into my home network for files, pictures, or to control Home Automation if needed while I am away.
Thanks John for this topic on your blog post. I am about to go thru the same thing today with MetroNet
Same situation, just trying to set up opnsense. Metronet gave me a static ip and a gateway/router ip. Which one do I enter in the boxes above?
You just saved me hours on the phone!!! Thank you!!!