OPNsense firewall rules for Home Assistant: what’s necessary?

Hey all, I’ve set up OPNsense as my firewall and I’m trying to figure out which rules I need for Home Assistant. Right now, I’m allowing all traffic from 192.168.1.20 (my Home Assistant server), but that feels way too open. I want to tighten things up without breaking anything.

Everything is on the 192.168.1.x LAN subnet (no VLANs yet). The Home Assistant server also acts as a Zigbee coordinator (USB for now, switching to PoE Ethernet later) and an Open Thread Border Router (SkyLink dongle). Most of my devices are Zigbee or Thread, with a few Wi-Fi and BLE devices. I use Nabu Casa for remote access and the default WebUI at home. And I back up HA to a NAS via SMB. I’m not sure if I need to keep any other ports open (like for SSL) in case I need to troubleshoot.

What rules should I set on my OPNsense firewall to make sure Home Assistant can communicate with all my IoT devices and stay secure? I probably don’t need to allow unrestricted access to all networks. Any advice would be appreciated!