Messages

1

General Discussion / Re: Not sure what to call this, I need to block people seeing the opnsense login.

« on: March 10, 2020, 02:51:48 pm »

If "net" means your LAN: You can allow access only for specific hosts (would need to disable lock-out rule). Or even better: Have a service interface with exclusive access to the opnsense and disable access from normal LAN completely.

Sorry I meant WAN.

2

General Discussion / Not sure what to call this, I need to block people seeing the opnsense login.

« on: March 10, 2020, 01:32:19 pm »

Hi folks, Just start Opnsense, Well anything like this to be honest. I was one of those lazy people that just used the router stuff.
Well, no more.
But. How does one stop someone seeing the Opnsense WebGUI from the WAN? I had no idea what to search for or I would have done that first.

So basically here is what I have at the moment.
4 ip block here in the UK

The first IP address of the IP block is unusable because it is the network address
The last IP address of the IP block is also unusable because it is the broadcast address
The second IP address is assigned to the router
The other IP addresses can be used as required.





D...

3

General Discussion / Question: Building the network: From Start?

« on: January 26, 2020, 04:55:07 pm »

Firstly, Hi to all.

Now, I recently emailed Opnsense and get a great reply back from Mr. Ad Schellevis. He was truly helpful and as I totally butchered my question. I was pointed here. Hopefully, I will manage to get the question right.

I am learning disabled, dyslexia and Aspergers, but I try my hardest to do my own writing. SO here goes.

I want to build my partner CJ and I a network, we were donated a bunch of parts to help us get this off the ground. I have two servers, a few switches no rack yet so making do with homemade:) She wants to get Foreverhome Animal rescue information hub out to a wider audience. https://www.facebook.com/mfharh/
plus as we are both disabled we are helping other small rescues in Scotland that can not afford hosting or websites with a free place to have one to help them with a face to get donations.

Plus, the disability side of things. the place for the CJ and Darren site etc.

--------



What has me stuck is this.
I have a business fiber line from Plusnet in, the modem from BT, our Linksys router a box I built for Opnsense, the two hp servers, 3 switches. I will post the names, numbers at the end.

Now how do I do this correctly, it is a bit above my paygrade as is said.
Do I bypass the Linksys and add that just as wifi later in the chain? or go modem>Linksys>Opnsense box>switch then servers?


Any help is truly appreciated.
Darren.



BT Modem
Linksys WRT1900ACS
Box I built for the Opnsense

Donated Parts.
2x HP Proliant  DL385 G6
Cisco Catalyst 4948 10GE Switch 48 Port
2x Cisco Catalyst 2970 series 24 port switch
Cisco 1700 series router
Surge protector.