Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Topics - Bear

Pages1
#1
General Discussion / Firewall Config on a transparent Bridge - Questions on FW rules / OVPN IP
November 24, 2019, 05:00:23 PM
Previously, with PFSense, when I made a filtering bridge, all of my rules for what could or couldn't come in from the WAN side were on the WAN device, and rules for what could go out from the network were on the LAN device.  I'm rethinking my ways.

Would it work/be better to place all rules on the filtered bridge interface in Opnsense alone, using the "source" and "destination" options instead, while leaving both members of the bridge unconfigured?  I have a feeling that my PFSense config wasn't optimal, though the docs on using a filtered bridge weren't very helpful from the PFsense side.

Also, unrelated - When setting up an OpenVPN server, my bridge interface has an IP.  However, when in VPN:OpenVPN:Servers, whenever I select my bridged network as the interface, I get an error that says "An IPV4 protocol was selected, but the selected interface has no IPV4 address, when my bridged network interface is the ONLY interface that I've assigned an IP address to.  Does anyone have any thoughts on this as well?

I'm running a transparent bridge due to having a bunch of public IPs that I'd prefer not to 1:1 NAT with.

Any help/thoughts would be appreciated. :)

-Bear
#2
General Discussion / Moving over from PFSense with public IPs - Have some questions!
November 22, 2019, 04:12:02 PM
I guess this'll be my introductory post. :)

I'm a longtime user of m0n0wall who later moved to pfsense on a Dell system, and most recently, I purchased a Qotom i3-7130u-based system to move to to opnsense.

I had a couple of issues with pfsense that I'm hoping the community here can help me sort out before I try to move my opnsense box into "production."

1) I'm running pfsense (and soon opnsense) as a filtering bridge.  Randomly, my administration page will be accessible or unaccessible from the internal part of the bridge (It's expressly prohibited from the outside part) - Will I have a similar issue with pfsense?  Is there any rhyme or reason why this would occur?

Is there a better mode (rather than resorting to 1:1 NAT which has its own issues I'd prefer to avoid) for using OpnSense with a /26 of Public IPs?

2) OpenVPN has always been weird under pfsense.  For example, only one user actually works.  No other users will authenticate.  If I delete the user that works, the next user who is at the top of the config screen suddenly works without any change of credentials, certificate, account, etc.  Has anyone had this issue on opnsense?

Thanks for any help - This looks to be a great community.

-Bear

Pages1