OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of vip-123 »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - vip-123

Pages: [1]
1
19.7 Legacy Series / Multiple LAN Ports - Bridge Possible?
« on: December 07, 2019, 12:32:24 am »
Have multiple NICs on my Unit -
https://protectli.com/protectli-4-port/

FW1 version - older but works fine..

just needed another LAN Port have have one on the unit but the bridge setup is a little complicated.
thought I bridged LAN2 - no interface with LAN1 - and no go - devices plugged into LAN2 don't work -
it acts like LAN 2 is a segment - but that doesn't appear to be a default configuration, but might be.

Simple question -
Is it possible to bridge OPT1 AND OPT2 TO default OPT1 vlan (LAN1 and LAN2 on LAN1 vlan1)

logically just make those two ports a switch and then from it what it looks like there would then be a virtual vlan device for vlan1 that takes the IP and routing over vs the physical interface?

2
Tutorials and FAQs / Re: HOWTO - DNS Security / Unbound DNS with DNSCrypt, DoH Plugin for IPv4 + IPv6
« on: September 13, 2019, 05:38:49 pm »
Old - Post but was reading up on the "Server List" if you want to manually use known servers like "cloudflare"

Noticed that when I add 1.1.1.1 / 1.1.1.1:53 it fails with something like no servers found.

the list does seem to work when typing cloudflare lower case then it saves and works.

SNI Still not encrypted but still a vast improvement for my testing.

- The sites not loading issue.
(figure off topic but might as well attempt to explain what I'm guess Issue is in this particular Case)

That I found is the firewall on the remote site blocking origination countries / geo IPs
I do this to on many firewalls like meraki and others.

trick is some sites are pulling css / fonts and other items from IPs that are not located in referenced IPs by Geo and if your rule is set to something like only allow these counties and deny all other traffic.  then you get the above kind of issue.

basically the bank is blocking certain countries from access.
you might be in .de however your request when using CF is routed through another country like (example) spain/france/etc for speed / backbone performance - then that might be a blocked inbound ..

the firewall for the bank is blocking inbound from either CF proxy due to too many hits from their proxy IP (which is common for a webserver that doesn't understand to strip back to the originators actual IP)

(/figure off topic but might as well attempt to explain what I'm guess Issue is in this particular Case)

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2