tech_documents:security:suricata_opnsense

Initial Setup
  • Install OPNsense, assign interfaces, then set WAN to DHCP or a static IP with a gateway, leave LAN with no IP, give OPT1 (the management interface) a static IP, and run updates from the console.
  • Temporarily disable packet filtering. The default rules only allow WebUI access from LAN, and LAN has no IP here, so OPT1 is blocked until you add a rule. While pf is disabled nothing is filtered on any interface, so do this before WAN is connected or only from a trusted link. Log into the shell and run
pfctl -d

Note: for some reason I had to keep turning it off to keep the connection open (release current as of 06/18/2021).

  • Log into the WebUI at the OPT1 address and skip the wizard.
  • Go to Firewall → Rules → OPT1 and create a rule that allows all traffic in, then save and apply changes.
  • Re-enable packet filtering by logging into the shell and running
pfctl -e
  • Disconnect from OPT1 and reconnect to confirm that your rule stuck and the WebUI is still reachable with pf enabled.
  • Delete any existing rules on the WAN and LAN interfaces, then add an allow-all rule on each.
Bridge WAN/LAN

https://docs.opnsense.org/manual/how-tos/transparent_bridge.html

  • Disable outbound NAT: go to Firewall → NAT → Outbound and select “Disable Outbound NAT rule generation”.
  • Set net.link.bridge.pfil_bridge from default to 1 in System → Settings → Tunables, so that pf filters traffic on the bridge interface itself.
  • Disable filtering on the member interfaces by setting net.link.bridge.pfil_member from default to 0 in System → Settings → Tunables, so that bridged traffic is filtered once (on the bridge) rather than on each physical member as well.
  • Create a bridge of LAN and WAN: go to Interfaces → Other Types → Bridge, click Add, select LAN and WAN as member interfaces, and save.
  • Go to Interfaces → Assign → Available network port, select the bridge from the list and hit +.
  • Add an IP address to the interface that you would like to use to manage the bridge. Go to Interfaces → [OPT1], enable the interface and fill-in the ip/netmask. (use OPT2 if you have a 3rd NIC and have already used this for OPT1)
  • Go to Interfaces → [WAN] and unselect Block private networks and Block bogon networks.
  • Disable the DHCP server on LAN go to Services → DHCPv4 → [LAN] and unselect enable.
  • Go to Firewall → Rules and add a rule per interface to allow all traffic of any type.
  • Go to Firewall → Settings → Advanced and enable “Disable administration anti-lockout rule”. This removes the rule that guarantees WebUI access from LAN, so only do it after the allow rule on your management interface (OPT1) is in place and has been tested.
  • Remove the IP subnets in use for LAN and WAN by changing the interface type to none. Go to Interfaces → [LAN] and Interfaces → [WAN] to do so.
  • If you have a dedicated NIC to manage the firewall and have added OPT2 to the bridge for Internet access/updates/etc., go to Firewall → Rules → OPT2 and create a rule that blocks traffic from OPT2 in to destination “This Firewall”. Make sure this rule is at the top of the rule list so the firewall is only manageable from OPT1.
  • Or, if you have a dedicated NIC to manage the firewall, disable OPT2 and add a gateway on OPT1 so that the firewall itself can reach the Internet for updates.
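After finishing the steps above, the two things that are easiest to get wrong are the pfil tunables (get them backwards and bridged traffic is either filtered twice or not at all) and forgetting to turn pf back on after the pfctl -d in the initial setup. The following script, added here as an example and not OPNsense code, checks both plus the bridge membership by parsing the output of sysctl, ifconfig and pfctl -s info on the firewall. The bridge name bridge0, the member names igb0/igb1 and the sample output constants are assumptions.

```python
"""Post-setup check for the transparent-bridge procedure on this page.

Added example, not OPNsense code.  Assumptions: the bridge is bridge0
(or the name given as the first argument), its members are the physical
NICs assigned to WAN and LAN, and sysctl/ifconfig/pfctl are on the PATH
(they are on OPNsense).  Run on the firewall as root:
    python3 bridge_check.py [bridgeN]
"""
import re
import subprocess
import sys

# Tunables the procedure sets: filter on the bridge, not on its members.
WANTED_TUNABLES = {
    "net.link.bridge.pfil_bridge": "1",
    "net.link.bridge.pfil_member": "0",
}

# Constructed sample output in the shape FreeBSD prints, for offline use.
SAMPLE_SYSCTL = """\
net.link.bridge.pfil_onlyip: 0
net.link.bridge.pfil_member: 0
net.link.bridge.pfil_bridge: 1
"""
SAMPLE_IFCONFIG = """\
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 58:9c:fc:10:aa:bb
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        member: igb1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 2 priority 128 path cost 2000000
        member: igb0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 1 priority 128 path cost 2000000
"""
SAMPLE_PFINFO = "Status: Enabled for 0 days 01:02:03           Debug: Urgent\n"


def parse_sysctl(text):
    """'name: value' lines from `sysctl net.link.bridge` -> {name: value}."""
    values = {}
    for line in text.splitlines():
        name, sep, value = line.partition(":")
        if sep:
            values[name.strip()] = value.strip()
    return values


def bridge_members(ifconfig_text):
    """Sorted member interface names from `ifconfig bridgeN` output."""
    return sorted(re.findall(r"^\s*member:\s+(\S+)", ifconfig_text, re.M))


def pf_enabled(pfinfo_text):
    """True when `pfctl -s info` reports pf enabled (pfctl -d turns it off)."""
    lines = pfinfo_text.strip().splitlines()
    return bool(lines) and lines[0].startswith("Status: Enabled")


def audit(sysctl_text, ifconfig_text, pfinfo_text, expected_members=None):
    """Return a list of findings; an empty list means the setup matches."""
    findings = []
    tun = parse_sysctl(sysctl_text)
    for name, wanted in WANTED_TUNABLES.items():
        got = tun.get(name)
        if got != wanted:
            findings.append(f"{name} is {got!r}, expected {wanted!r}")
    # Worst case: neither the bridge nor the members are filtered at all.
    if tun.get("net.link.bridge.pfil_bridge") == "0" and tun.get("net.link.bridge.pfil_member") == "0":
        findings.append("pfil_bridge and pfil_member are both 0: bridged traffic bypasses pf entirely")
    members = bridge_members(ifconfig_text)
    if expected_members is not None:
        if members != sorted(expected_members):
            findings.append(f"bridge members are {members}, expected {sorted(expected_members)}")
    elif len(members) != 2:
        findings.append(f"bridge has {len(members)} member(s), expected 2 (WAN and LAN)")
    if not pf_enabled(pfinfo_text):
        findings.append("pf is disabled; run `pfctl -e` once the OPT1 allow rule is in place")
    return findings


def _run(*cmd):
    """Run a command and return its stdout ('' if it is missing or fails)."""
    try:
        return subprocess.run(cmd, capture_output=True, text=True, check=False).stdout
    except FileNotFoundError:
        return ""


def main():
    bridge = sys.argv[1] if len(sys.argv) > 1 else "bridge0"
    findings = audit(_run("sysctl", "net.link.bridge"),
                     _run("ifconfig", bridge),
                     _run("pfctl", "-s", "info"))
    for f in findings:
        print("FAIL:", f)
    print("OK: bridge setup matches the procedure" if not findings else f"{len(findings)} problem(s) found")
    return 1 if findings else 0


if __name__ == "__main__":
    sys.exit(main())
```

Pass the physical NIC names as expected_members in audit() if you want the script to insist on the exact WAN/LAN pair rather than just "two members"; run it again after every reboot of a newly built box, since a tunable that was set in the WebUI but never applied will show up here as the FreeBSD default.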
IDS/IPS
  • Enable Suricata by going to Services → Intrusion Detection → Administration and checking Enabled (run in IDS mode for now; leave IPS mode off until the rules and the bridge are known to work).
  • Select the rulesets you want on the Download tab: tick them and click Enable selected, then tick them again and click Download & update rules.
  • After the download is complete go to the Rules tab and enable/disable the included rules (note: not all rules are enabled by default and there are about 92000 rules as of 06-17-2021).
  • Go to the Schedule tab and enable a scheduled rule update; every 6 to 24 hours should be fine.
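Before moving from IDS to IPS mode you want proof that the rules you enabled actually fire. The script below, added here as an example and not OPNsense or Suricata code, reads Suricata's EVE JSON log and summarises alerts by signature and by source address, skipping non-alert records and the partial last line you get when reading a log that is still being written. The log path /var/log/suricata/eve.json and the sample records (with signature ids in the local range) are assumptions.

```python
"""Summarise alerts from Suricata's EVE JSON log.

Added example, not OPNsense or Suricata code.  Assumption: on OPNsense the
EVE log is /var/log/suricata/eve.json (pass another path as the first
argument).  Use it after the rule download to confirm that alerts are
actually being produced before you consider turning on IPS mode.
"""
import json
import sys
from collections import Counter

# Constructed sample in the one-JSON-record-per-line shape Suricata writes:
# three alerts, one non-alert flow record and a truncated line such as you
# get when reading a file Suricata is still writing.  Signature ids above
# 1000000 are the local range, so these do not collide with real rulesets.
SAMPLE_EVE_LINES = [
    '{"timestamp":"2021-06-18T10:00:01.000000+0000","event_type":"alert",'
    '"src_ip":"203.0.113.5","dest_ip":"192.0.2.10","proto":"TCP","alert":'
    '{"signature_id":9000001,"rev":1,"signature":"LOCAL TEST id check returned root",'
    '"category":"Potentially Bad Traffic","severity":2}}',
    '{"timestamp":"2021-06-18T10:00:02.000000+0000","event_type":"flow",'
    '"src_ip":"192.0.2.10","dest_ip":"203.0.113.5","proto":"TCP"}',
    '{"timestamp":"2021-06-18T10:00:03.000000+0000","event_type":"alert",'
    '"src_ip":"203.0.113.5","dest_ip":"192.0.2.10","proto":"TCP","alert":'
    '{"signature_id":9000001,"rev":1,"signature":"LOCAL TEST id check returned root",'
    '"category":"Potentially Bad Traffic","severity":2}}',
    '{"timestamp":"2021-06-18T10:00:04.000000+0000","event_type":"alert",'
    '"src_ip":"198.51.100.7","dest_ip":"192.0.2.10","proto":"TCP","alert":'
    '{"signature_id":9000002,"rev":1,"signature":"LOCAL TEST port sweep",'
    '"category":"Attempted Information Leak","severity":1}}',
    '{"timestamp":"2021-06-18T10:00:05.000000+0000","event_type":"alert","src_ip":"198.51.1',
]


def load_alerts(lines):
    """Return (alert records, number of unparseable lines).

    Non-alert events (flow, dns, ...) are dropped; a line that is not valid
    JSON is counted rather than aborting the run, because the last line of a
    live eve.json is frequently a partial write.
    """
    alerts, skipped = [], 0
    for raw in lines:
        raw = raw.strip()
        if not raw:
            continue
        try:
            rec = json.loads(raw)
        except json.JSONDecodeError:
            skipped += 1
            continue
        if rec.get("event_type") == "alert" and "alert" in rec:
            alerts.append(rec)
    return alerts, skipped


def count_by_signature(alerts, max_severity=3):
    """Counter keyed by (sid, signature) for alerts with severity <= max_severity.

    Suricata severity 1 is the most severe, so max_severity=1 keeps only
    high-priority alerts.
    """
    counts = Counter()
    for rec in alerts:
        a = rec["alert"]
        if a.get("severity", 3) <= max_severity:
            counts[(a["signature_id"], a["signature"])] += 1
    return counts


def top_sources(alerts, n=5):
    """Most frequent alerting source addresses as [(ip, count), ...]."""
    return Counter(rec.get("src_ip") for rec in alerts).most_common(n)


def report(lines, max_severity=3):
    """Human-readable summary of an iterable of EVE lines."""
    alerts, skipped = load_alerts(lines)
    out = [f"{len(alerts)} alert(s), {skipped} unparseable line(s) skipped"]
    for (sid, sig), n in count_by_signature(alerts, max_severity).most_common():
        out.append(f"{n:6d}  sid {sid}  {sig}")
    out.append("top sources: " + ", ".join(f"{ip} ({n})" for ip, n in top_sources(alerts)))
    return "\n".join(out)


def main():
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            print(report(fh))
    else:
        print(report(SAMPLE_EVE_LINES))


if __name__ == "__main__":
    main()
```

On the firewall: python3 eve_alerts.py /var/log/suricata/eve.json. A run that reports zero alerts after hours of real traffic usually means the rulesets were ticked but never downloaded, or were downloaded but left disabled on the Rules tab; fix that before enabling IPS, because in IPS mode a rule that does not fire is invisible, while a rule that fires wrongly drops traffic.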
Last modified: 2021/07/06 03:08 by jacob.hydeman