OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of dietzelmann »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - dietzelmann

Pages: [1]
1
Web Proxy Filtering and Caching / Re: Allow Wildcard Firewall Rules - Windows Updates + Anydesk
« on: October 24, 2019, 08:56:39 pm »
I made it work by allowing all Microsoft IPs based on this csv: https://www.microsoft.com/en-us/download/details.aspx?id=53602

One problem solved - new problem created by activating web proxy / filter.

I have exact the same problem now as it is written here: https://forum.opnsense.org/index.php?topic=6648.0 but since May 2018 no solution.

2
Web Proxy Filtering and Caching / Re: Allow Wildcard Firewall Rules - Windows Updates + Anydesk
« on: October 22, 2019, 08:40:26 am »
Quote from: mimugmail on October 22, 2019, 05:37:00 am
Arent whitelists in proxy capable doing regex?

Maybe but I haven't found a working solution in any site (stackoverflow or here). At least my regex which works fine on Sophos UTM isn't working with OPNsense.

3
Web Proxy Filtering and Caching / Allow Wildcard Firewall Rules - Windows Updates + Anydesk
« on: October 21, 2019, 08:55:46 pm »
Hey guys,

I'm currently using Sophos UTM and I want to migrate my firewalls to OPNsense. Since OPNsense is advertising
Quote
HIGH-END SECURITY MADE EASY
I'd have never thought that easy peasy tasks on Sophos UTM need expert knowledge on OPNsense.

I've read a few threads where people struggeld with allowing wildcard domains in OPNsense. And I can confirm it's definitely a pain in the ass. I'm already trying it since a few days to make Windows Updates and AnyDesk work.

Todo -> allow these Domains::
  • *.net.anydesk.com [TCP] 80,443,6568
  • *.update.microsoft.com [TCP] 80,443
  • *.update.microsoft.com [TCP] 80,443
  • download.windowsupdate.com [TCP] 80,443

With Sophos UTM this is an easy job since Windows Updates are proconfigured as a service.

All other * wildcards can be handled with a regex like this:
Code: [Select]
^https?://([A-Za-z0-9.-]*\.)?windowsupdate\.com/
Has somebody  ever made Windows Updates and Anydesk work with OPNsense?



sources:
  • https://support.anydesk.com/Firewall
  • https://answers.microsoft.com/en-us/windows/forum/all/how-to-add-outbound-rule-in-windows-firewall-to/7f9c04c1-5216-47d9-9de3-64cc19eb796d

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2