"
Hi There, I would love to hear more about how you have set this up. I have been wanting to get authelia set up and working with HAProxy. Are you running Authelia in a docker somewhere on your lan? Have any tips for getting it setup and how to use it on specific subdomains?
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#1
Web Proxy Filtering and Caching / Re: HAProxy chainloading Lua Scripts
February 24, 2021, 11:16:59 PM #2
19.1 Legacy Series / Help with Reflection for port forwards
April 02, 2019, 12:56:10 AM
I am looking to understand what else I may be missing in order to get Reflection working for port forwarding.
Currently have a few port fwd rules setup to some internal servers. All the forwards are working as expected so long as I am connecting externally.
Example of issue: port fwd setup for nextcloud, I am able to access fine while outside my local network, when internal it is not resolving the external dynamic URL to the internal IP address. So the nextcloud client is never able to sync.
-using afraid.org dynamic DNS
-using the dynamic DNS updater in OPNsense
-Reflection for port forwards is enabled
-Automatic outbound NAT for Reflection is enabled
any ideas?
Thanks!
Todd
Currently have a few port fwd rules setup to some internal servers. All the forwards are working as expected so long as I am connecting externally.
Example of issue: port fwd setup for nextcloud, I am able to access fine while outside my local network, when internal it is not resolving the external dynamic URL to the internal IP address. So the nextcloud client is never able to sync.
-using afraid.org dynamic DNS
-using the dynamic DNS updater in OPNsense
-Reflection for port forwards is enabled
-Automatic outbound NAT for Reflection is enabled
any ideas?
Thanks!
Todd
#3
General Discussion / Re: issues with setup, existing L3 switch with vlans
March 20, 2019, 04:35:08 PM
found my issue. I'll explain what I needed in case other folks out there have the same problem.
so i thought that i was safe with the auto rules since there was once for LAN networks, I had assumed this would include all traffic from internal. This was not the case. I noticed that I was able to get to the internet from a console on my 3750 (GW) but nothing else internal and figured i would try setting up a outbound nat rule for 1 vlan. boom, everything was happy! in hindsight I actually prefer it like this as I do have a couple vlans I do not want any traffic seeping out from.
hope this helps someone out there.
I do have to say I am VERY impressed with OPNsense so far and kind of kicking myself for not doing this sooner!
already have replaced my old ovpn server with OPNsense box with MFA, very slick setup!
so i thought that i was safe with the auto rules since there was once for LAN networks, I had assumed this would include all traffic from internal. This was not the case. I noticed that I was able to get to the internet from a console on my 3750 (GW) but nothing else internal and figured i would try setting up a outbound nat rule for 1 vlan. boom, everything was happy! in hindsight I actually prefer it like this as I do have a couple vlans I do not want any traffic seeping out from.
hope this helps someone out there.
I do have to say I am VERY impressed with OPNsense so far and kind of kicking myself for not doing this sooner!
already have replaced my old ovpn server with OPNsense box with MFA, very slick setup!
#4
General Discussion / Re: issues with setup, existing L3 switch with vlans
March 19, 2019, 10:41:05 PM
Apologies, maybe I didn't articulate that correctly, The link from the 3750 switch to the OPNsense box is still an internal vlan. I just called it a WAN vlan. Bad choice of words there, my apologies.
so the LAN port on the OPNsense box is connected to the cisco3750. the WAN port is connected directly to my cable modem. 3750 is running l3 and handling all of the routing for the vlans. these were already setup and are operating as expected.
so the LAN port on the OPNsense box is connected to the cisco3750. the WAN port is connected directly to my cable modem. 3750 is running l3 and handling all of the routing for the vlans. these were already setup and are operating as expected.
#5
General Discussion / issues with setup, existing L3 switch with vlans
March 19, 2019, 09:58:08 PM
Hello,
I just built an Apu4c4 OPNsense box and am trying to replace an old asa5505 that's seen better days.
Existing network is c3750 stack running L3 with several vlans, i have a WAN vlan (10.1.5.0/30) thats running from the 3750(10.1.5.2) to the ASA(10.1.5.1).
existing vlans are all 10.0.x.x/24.
i have setup the LAN port on the OPNsense box to match the old internal interface of the ASA and just set the WAN port on the OPN box to DHCP.
I have setup static routes back to the 3750 on the OPN box.
OPN is pulling IP fine however I could not ping anything external, internal devices ping fine.
I added a gateway for the LAN pointing at the WAN ip and can now ping both external and internal address fine from the OPN box. However I still cannot access anything on the internet from any internal devices on any of the vlans.
any ideas on what I am doing wrong here?
Thanks!
Todd
I just built an Apu4c4 OPNsense box and am trying to replace an old asa5505 that's seen better days.
Existing network is c3750 stack running L3 with several vlans, i have a WAN vlan (10.1.5.0/30) thats running from the 3750(10.1.5.2) to the ASA(10.1.5.1).
existing vlans are all 10.0.x.x/24.
i have setup the LAN port on the OPNsense box to match the old internal interface of the ASA and just set the WAN port on the OPN box to DHCP.
I have setup static routes back to the 3750 on the OPN box.
OPN is pulling IP fine however I could not ping anything external, internal devices ping fine.
I added a gateway for the LAN pointing at the WAN ip and can now ping both external and internal address fine from the OPN box. However I still cannot access anything on the internet from any internal devices on any of the vlans.
any ideas on what I am doing wrong here?
Thanks!
Todd
Pages1
