diff --git a/src/pages/how-to/installation/opnsense.mdx b/src/pages/how-to/installation/opnsense.mdx
index 7d30b9fd..426ce65c 100644
--- a/src/pages/how-to/installation/opnsense.mdx
+++ b/src/pages/how-to/installation/opnsense.mdx
@@ -29,6 +29,28 @@ there are both managed and [self-hosted](https://docs.netbird.io/selfhosted/self
## Configuration
+### Authenticate the machine
+
+Fill out the authentication form with the following values and click `Save`:
+
+- **Management URL**: Default is `https://app.netbird.io:443`. If self-hosting, enter your custom management server URL.
+- **Setup Key**: Paste the setup key from your NetBird account.
+
+
+
+
+
+### Verify Connection Status
+
+The Status page shows detailed information about connected peers and control services, helping you monitor your deployment.
+Access it via `VPN` > `NetBird` > `Status` in the OPNsense menu.
+
+Use this section for diagnostics and troubleshooting common connection or setup issues.
+
+
+
+
+
### Assign NetBird interface
After installation, a new interface named `wt0` will be available but unassigned. To assign it go to `Interfaces` >
`Assignments`. Under `Assign a new interface`, set the following values:
@@ -54,7 +76,7 @@ the following options and click `Save`, then `Apply changes` to activate the int
-OPNsense includes native WireGuard support, however do not configure or manage the NetBird interface (wt0) via the OPNsense WireGuard UI.
+ OPNsense includes native WireGuard support, however do not configure or manage the NetBird interface (wt0) via the OPNsense WireGuard UI.
NetBird fully manages the WireGuard interface and keys.
@@ -65,14 +87,14 @@ This ensures traffic flows freely, while NetBird’s own policies (ACLs) govern
1. Navigate to `Firewall` > `Rules` > `NetBird`.
2. Click `+ Add` to create a new rule.
3. Configure the rule:
- - **Action**: `Pass`
- - **Interface**: `NetBird`
- - **Direction**: `in`
- - **TCP/IP Version**: `IPv4`
- - **Protocol**: `any`
- - **Source**: `any`
- - **Destination**: `any`
- - **Description**: `Allow all on NetBird (managed by NetBird)`
+ - **Action**: `Pass`
+ - **Interface**: `NetBird`
+ - **Direction**: `in`
+ - **TCP/IP Version**: `IPv4`
+ - **Protocol**: `any`
+ - **Source**: `any`
+ - **Destination**: `any`
+ - **Description**: `Allow all on NetBird (managed by NetBird)`
4. Click `Save`, then `Apply changes`.
5. Ensure this rule is at the top of the `NetBird` rules list so it isn’t shadowed by other rules.
@@ -80,29 +102,6 @@ This ensures traffic flows freely, while NetBird’s own policies (ACLs) govern
-### Authenticate the machine
-
-Fill out the authentication form with the following values and click `Save`:
-
-- **Management URL**: Default is `https://app.netbird.io:443`. If self-hosting, enter your custom management server URL.
-- **Setup Key**: Paste the setup key from your NetBird account. .
-
-
-
-
-
-### Verify Connection Status
-
-The Status page shows detailed information about connected peers and control services, helping you monitor your deployment.
-Access it via `VPN` > `NetBird` > `Status` in the OPNsense menu.
-
-Use this section for diagnostics and troubleshooting common connection or setup issues.
-
-
+
+
-### Authenticate the machine
-
-Fill out the authentication form with the following values and click `Save`:
-
-- **Management URL**: Default is `https://app.netbird.io:443`. If self-hosting, enter your custom management server URL.
-- **Setup Key**: Paste the setup key from your NetBird account. .
-
-