OPNsense Forum

English Forums => General Discussion => Topic started by: jojothehumanmonkey on May 09, 2021, 12:09:44 am

Title: how to get fail2ban installed
Post by: jojothehumanmonkey on May 09, 2021, 12:09:44 am

hello and thanks,

i could not find fail2ban package?

is it not supported or is there a opnsense version or alternative.
i am trying to better protect openvpn server.

thanks,
david

Title: Re: how to get fail2ban installed
Post by: mimugmail on May 09, 2021, 06:37:46 am

If you use client certificates it shouldnt be necessary. There is only a package for it, No plugin, so you need configure manually

Title: Re: how to get fail2ban installed
Post by: jojothehumanmonkey on May 13, 2021, 12:25:08 am

"shouldnt be necessary"
yeah, that is why i am looking for more protection.

thanks much

Title: Re: how to get fail2ban installed
Post by: FullyBorked on May 13, 2021, 06:00:44 pm

fail2ban might not be the best tool for the job.  fail2ban isn't wrong per say, but I'd start with hardening and using auth modes that are a little more strict.  Have you checked out a hardening guide such as this https://blog.securityevaluators.com/hardening-openvpn-in-2020-1672c3c4135a (https://blog.securityevaluators.com/hardening-openvpn-in-2020-1672c3c4135a)?