Topics

Hello,

I came across a setup with two Fortinet routers, setup as an HA - seemed straight forward, Internet to a small switch - then each of the foritnets into that switch, and two heartbeat connections between the two routers. Then to the internal switch

However at this location they only have One External Static IP, and from what I've read - or at least how I understand it, when setting up two routers in HA, we need at least three external static IPs.  One to each router, and a virtual one.  So I'm wondering can I set up two opnsense devices (same hardware) in HA mode with one static IP similar to the described above or do I need three?

Thanks


Thanks

Hello,

I've seen setups of businesses using the Cisco Anyconnect VPN where users can use their AD credentials to connect.  But they can even change their password. So if there is a remote user and they have to change their password every 60 days.. when it's getting close to the expiry date, when they connect to the VPN the anyconnect client will prompt them that their password is about to expire and they can change it there, which will then update it in AD.

Is this possible with the vpn option in opnsense?  if not how would you recommend users change their password remotely if coming into the office is not possible?

Thanks

Hello,

I'm in the process of doing an upgrade to my router, and I'm planning on replacing the HDD, with an SSD.   I'm looking for some suggestions of drives I should consider.   I'm thinking of a size 128 to 250gb.  But since I will be using caching, and IDS, logging.. etc.. I want to make sure I have a good solid (no pun intended) drive that will last a long time.

Thanks

Hello,

I'm wondering how people are handling multiple web filtering rules..   for example.. I want users to be blocked from Facebook or youtube etc..  but another group to have access to those sites.   It appears that opnsense is configured to have one rule apply to everyone?

Is this possible to do with the base installation?

Thanks

Hello,  I'm currently using Sophos UTM in my home network, and it's been good.
Currently my setup is configured, where my firewall blocks everything going out.  With a few minor exceptions like a rule for my Voip Phones specifically on the specific ports  it uses.

But then I use web filter policies for my machines.   I have two groups, one for my wife and I and the other for the kids' devices.  I manage everything with static IPs on all devices.  (IP reservation)   So I have a web filter group for the kids, which allows them to the sites I want and is applied to the devices I choose, and it also has a time setting.  So after 8pm no more internet access.

And then I have another group for my computers allowing access to everything and no time limits.

I'm wanting to explore opnsense more, and I was wondering if I'm able to do a similar setup with opnsense or do I need a different kind of setup or maybe a plugin like Sensi?   I'm wanting to do as much as I can with complete opensource technology.

Thanks