Using OPNsense after router

[Blackmagic]

I'm using Asus Merlin now and want to add OPNsense after the router. Meaning OPNsense's IP would be something like 192.168.1.100 on the WAN side from the router rather than have OPNsense after the modem like it would normally go. I'm wondering if anyone would know how I would accomplish such a task? I'm thinking there would be a double NAT in doing so. I noticed in Asus Merlin you can exlude a local IP adress from the DHCP and I did try that but it seems like OPNsense can't be accessed no matter what I do to get this to work after configuring everything. I've read that you can put a router in bridge mode, but upon looking in the router I saw no such option, or I was looking in the wrong spot. Trouble with that is I have to allow other devices connected to the router a DHCP. Would placing a switch on the router help accomplish my goal?

Thanks for any and all advice in advance.

 

[Tech9]

Would placing a switch on the router help accomplish my goal?

What’s the final goal? Extra security, network segmentation, just an experiment to see/learn what OPNsense does?

 

[Blackmagic]

While I don't think it matters, I'm going to be hosting a web server and e-mail server once I change my ISP to 1,000 Mbps fiber. The end goal remains the same: how do I put an OPNsense applicance (a small computer I installed OPNsense to) in front of my router flashed with Asus Merlin? I just can't wrap my head around this configuration right now without just placing the OPNsense computer in line with the modem.

 

[Tech9]

after the router

in front of my router

In front or after your router? In both situations one of the devices will be in double NAT. There is a firewall in between. If your OPNsense is your Internet gateway and your Asus is in double NAT - you can access OPNsense network from your Asus, but not Asus network from your OPNsense.

Example:
Internet -> Firewall (OPNsense, WAN IP from ISP, LAN IP 192.168.1.1) -> Firewall (Asus, WAN IP from OPNsense 192.168.1.x, LAN IP 192.168.2.1)