Messages

I made it work by allowing all Microsoft IPs based on this csv: https://www.microsoft.com/en-us/download/details.aspx?id=53602

One problem solved - new problem created by activating web proxy / filter.

I have exact the same problem now as it is written here: https://forum.opnsense.org/index.php?topic=6648.0 but since May 2018 no solution.

Arent whitelists in proxy capable doing regex?

Maybe but I haven't found a working solution in any site (stackoverflow or here). At least my regex which works fine on Sophos UTM isn't working with OPNsense.

Hey guys,

I'm currently using Sophos UTM and I want to migrate my firewalls to OPNsense. Since OPNsense is advertising

HIGH-END SECURITY MADE EASY

I'd have never thought that easy peasy tasks on Sophos UTM need expert knowledge on OPNsense.

I've read a few threads where people struggeld with allowing wildcard domains in OPNsense. And I can confirm it's definitely a pain in the ass. I'm already trying it since a few days to make Windows Updates and AnyDesk work.

Todo -> allow these Domains::

• *.net.anydesk.com [TCP] 80,443,6568
• *.update.microsoft.com [TCP] 80,443
• *.update.microsoft.com [TCP] 80,443
• download.windowsupdate.com [TCP] 80,443

With Sophos UTM this is an easy job since Windows Updates are proconfigured as a service.

All other * wildcards can be handled with a regex like this:

Code Select Expand

^https?://([A-Za-z0-9.-]*\.)?windowsupdate\.com/

Has somebody  ever made Windows Updates and Anydesk work with OPNsense?




sources:

• https://support.anydesk.com/Firewall
• https://answers.microsoft.com/en-us/windows/forum/all/how-to-add-outbound-rule-in-windows-firewall-to/7f9c04c1-5216-47d9-9de3-64cc19eb796d