Messages

1

General Discussion / Nat Port forwarding Associated filter rule problem

« on: March 25, 2019, 02:33:49 pm »

I just got the last release of Opensense and configured it whit one of my public ip( the ISP gave me a public subnet whit 5 ip 63.xx.xx.64/29)
as WAN ip,and i created 1 virtual ip alias for each free ip i have,on the LAN side i configured the class 192.168.0/24,now i can access interent whitout any problem and and seems to work fine,
if i try to create a rdp port forwarding from the wan ip,(or any other of the virtual ip address that i have,changing the destination to the specific wan virtual address)
to an internal ip on the lan it work only if i set "pass" to the filter rule association parameter, if i leave "add associated filter rule" i cant reach the address on the lan,it seems like Opensense cant create the rule properly, anyway if i go to
 Firewall>Rule i can see the rule created " pass any 3389 to 192.168.1.xx" but it dosent work , anyone have experienced this kind of problem before?

2

General Discussion / Help whit Opensense configuration

« on: March 21, 2019, 12:55:21 pm »

Hi,
I have a cisco router only managed by the ISP (i cant access the router), they provide me a pool of public ip addresses 63.xx.xx.64/29
hostmin is 63.xx.xx.65 hostmax is 63.xx.xx.70, but when i surf on internet i go out whit 82.xx.xx.xx.Now i need to put Opensense between the cisco router and mi lan network, i need to configure OpenVPN , and i need to configure Nat for example if i want that the port 3389 opened on the public ip 63.xx.xx.69 point to 192.168.1.18 and the same port of the public ip 63.xx.xx.68 point to 192.168.1.100, wich kind of configuration is more suitable for do this? I heva configured Opensense before but ever whit WAN whit only one public ip Address.i dont understand if i can do this if i connect the wan port of pfsense to the lan of the Cisco ISP Router (as i usually do whit a sigle public address wan)
Any help will be appreciated
Thanks!!

3

Italian - Italiano / Re: Scegliere Hardware adatto Opensense 80 client

« on: March 20, 2019, 02:37:34 pm »

Nessuno ragà?

4

Italian - Italiano / Scegliere Hardware adatto Opensense 80 client

« on: March 11, 2019, 08:37:39 pm »

Buonasera sono un nuovo iscritto su questa comunity,ho installato e configurato pfsense e opensens diverse volte senza nessun problema sempre in infrastrutture di rete sulla media dei 20 client con funzione firewall router interno e server openvpn di solito utilizzavo questo tipo di minipc  https://www.miniserver.it/firewall/apu-2-nic-wifi/apu2-firewall-entry-level-2-nic-2gb.html ovvero 2 NIC APU2 based 2GB RAM, ora ho l 'esigenza di configurare un firewall che faccia anche da dhcp e tirare su anche openvpn (non si connetteranno tutti i client tramite vpn ma credo una decina massimo) ed eventualmente abilitare anche la funzione ids Suricata  e i pc collegati saranno circa 40 piu telefoni voip e smartphone vari collegati al wifi quindi come dicevo circa 80 client collegati alla rete, ero orientato su questo hardware https://www.miniserver.it/firewall/apu-4-nic-wifi/apu4-firewall-entry-level-4-nic-4gb.html

Firewall Entry Level 4 NIC APU4 based 4GB RAM
AMD Embedded G series GX-412TC, 1 GHz quad Jaguar core with 64 bit and AES-NI support, 32K data + 32K instruction cache per core, shared 2MB L2 cache
Storage: 16 GB mSATA SSD module, MLC flash
4 Gigabit Ethernet channels (i211AT Intel Chipset)
Secondo voi questa configurazione hardware è sufficente o si rischia di creare un collo di bottiglia? si potrebbe fare un bound di due porte lan per utilizzarle entrambe ed evitare sovraccarichi? per Il tutto sarà collegato a un router cisco con fibra 50/down 50/up, premetto che vorrei evitare di utilizzare pc usati ma eventualmente hardware superiore da inserire nell armadio rack