
Messages - analog

#1
It's the same CPU, yes.
#2
Hardware and Performance / Re: DEC2770 RAM Upgrade
February 13, 2024, 09:15:27 PM
Quote from: yourfriendarmando on February 12, 2024, 02:56:08 AM
I think for greater adoption of Deciso hardware,  there should be a support section to get manuals,  BIOS updates, specifications, etc. Comparing to Protecli's website, Deciso is harder to find out about their hardware.

Agreed! I don't expect free hardware support or anything, but a forum section or repository for manuals, user contributions, etc. would be welcome.

I ordered some RAM that should be compatible and will report back here.
#3
BSD will likely never give you the best possible power savings, but you can enable PowerD and set it to the minimum profile if you haven't already. There may also be some other power-related settings in the 'tunables' menu.
#4
the datasheet says the u25 runs on an intel atom, so theoretically yes. if it has a console port or video out you could almost certainly boot from an opnsense liveusb and install it that way.
#5
Hardware and Performance / DEC2770 RAM Upgrade
February 05, 2024, 05:21:08 PM
apologies if this is covered in the documentation but i couldn't find it - i have a DEC2770 with 8GB of RAM, can I upgrade this? the board diagram looks like a standard DIMM, are there any restrictions on the type or capacity?

TIA!
#6
General Discussion / Re: Captive potal and PS5
February 02, 2024, 09:44:03 PM
this sounds to me like a dns issue, i'd check your dns configs first. does a normal pc/phone/etc. have any issues using the captive portal?
#7
Is that orbi the mesh wifi system? I'm not intimately familiar with it in particular, but it should have an option for "AP mode" rather than bridge mode (I believe I misspoke before). If so, that's what I'd use. So your network topology would be ISP>Modem (bridge mode)>OPNsense>Orbi mesh(ap mode)/other devices.

As for the order, I'd set up OPNsense on the 280 with the WAN interface set to DHCP, enable basic things like dhcp, dns, etc. then set the modem into bridge mode, plug the OPNsense machine into it, and make sure you have internet.

Then set up the Orbi system as access points on your new LAN, and you'd be good to go.

I hope that makes sense, and I hope it works out for you!
#8
If you're planning on putting the Orbi router into bridge mode, I'd take it out of the picture entirely and use its satellites solely as access points if that's possible. I assume you don't have a static IP address from your ISP, is your modem in bridged mode? I would suggest this if possible to avoid a double NAT situation.

Otherwise, setting up a basic network in OPNsense is pretty painless in my experience. Do you have any specific concerns?
#9
Can you post your HAproxy config?
#10
Hi there, some background on my setup/intentions.

I'm trying to set up a nextcloud server on my LAN, and use HAproxy running on OPNsense as a reverse proxy and ssl offload. I currently have NAT rules allowing ports 443 and 80 direct to the nextcloud host (though I don't believe this is correct for my end goal), and the traffic flows correctly with no SSL. When I enable the HAproxy service, nothing seems to change.

Basically, I'm not sure what firewall rules/proxy config I need. If anyone has any advice, or can point me to any resources I've missed, I'd really appreciate it. Thank you!

Here is the HAproxy config:
#
# Automatically generated configuration.
# Do not edit this file manually.
#

#
# NOTE: HAProxy is currently DISABLED
#
global
    uid                         80
    gid                         80
    chroot                      /var/haproxy
    daemon
    stats                       socket /var/run/haproxy.socket group proxy mode 775 level admin expose-fd listeners
    nbproc                      1
    nbthread                    1
    tune.ssl.default-dh-param   2048
    spread-checks               2
    tune.chksize                16384
    tune.bufsize                16384
    tune.lua.maxmem             0
    log /var/run/log local0 info

defaults
    log     global
    option redispatch -1
    timeout client 30s
    timeout connect 30s
    timeout server 30s
    retries 3
    default-server init-addr last,libc

# autogenerated entries for ACLs


# autogenerated entries for config in backends/frontends

# autogenerated entries for stats




# Frontend: cloud.mydomain (nextcloud)
frontend cloud.mydomain
    http-response set-header Strict-Transport-Security "max-age=15768000"
    bind 0.0.0.0:443 name 0.0.0.0:443 ssl prefer-client-ciphers ssl-min-ver TLSv1.2 ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256 ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256 crt-list /tmp/haproxy/ssl/60f61d81b268b0.59299585.certlist
    bind 0.0.0.0:80 name 0.0.0.0:80 ssl prefer-client-ciphers ssl-min-ver TLSv1.2 ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256 ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256 crt-list /tmp/haproxy/ssl/60f61d81b268b0.59299585.certlist
    mode http
    option http-keep-alive
    option forwardfor
    # tuning options
    timeout client 30s

    # logging options
    option httplog
    # ACL: cloudmercurysh
    acl acl_60f61c51384f19.94264676 hdr(host) -i cloud.mydomain
    # ACL: nc_caldav
    acl acl_60f61f185cebf7.32684781 path_end -i /.well-known/caldav
    # ACL: nc_carddav
    acl acl_60f61f4a0bec96.53535847 path_end -i /.well-known/carddav
    # ACL: nc_nodeinfo
    acl acl_60f61f74e56445.36705108 path /.well-known/nodeinfo
    # ACL: nc_webfinger
    acl acl_60f61f9051b7f8.52959457 path /.well-known/webfinger

    # ACTION: cloudmercurysh
    use_backend cloud.mercury.sh if acl_60f61c51384f19.94264676
    # ACTION: nc_caldav
    http-request redirect code 301 location /remote.php/dav if acl_60f61c51384f19.94264676 acl_60f61f185cebf7.32684781
    # ACTION: nc_carddav
    http-request redirect code 301 location /remote.php/dav if acl_60f61c51384f19.94264676 acl_60f61f4a0bec96.53535847
    # ACTION: nc_nodeinfo
    http-request redirect code 301 location /index.php/%[capture.req.uri] if acl_60f61c51384f19.94264676 acl_60f61f74e56445.36705108
    # ACTION: nc_webfinger
    http-request redirect code 301 location /index.php/%[capture.req.uri] if acl_60f61c51384f19.94264676 acl_60f61f9051b7f8.52959457

# Backend: acme_challenge_backend (Added by Let's Encrypt plugin)
backend acme_challenge_backend
    # health checking is DISABLED
    mode http
    balance source
    # stickiness
    stick-table type ip size 50k expire 30m 
    stick on src
    # tuning options
    timeout connect 30s
    timeout server 30s
    http-reuse safe
    server acme_challenge_host 127.0.0.1:43580

# Backend: cloud.mydomain (nextcloud server)
backend cloud.mercury.sh
    # health checking is DISABLED
    mode http
    balance source
    # stickiness
    stick-table type ip size 50k expire 30m 
    stick on src
    # tuning options
    timeout connect 30s
    timeout server 30s
    http-reuse safe
    server cloud.mydomain 192.168.42.22:80
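
Added example, not part of the original post or of the OPNsense plugin: a small Python check over a configuration like the one above. It flags a `bind` on port 80 that carries the `ssl` keyword (a TLS listener there cannot answer plain-HTTP clients) and, going beyond the post, `use_backend` rules that name a backend the file never defines. The sample text is abridged from the posted config; the `constructed_ok` frontend and the function names are assumptions made for the illustration.

```python
# Abridged from the configuration in the post (cipher lists dropped, crt-list
# path shortened); the second frontend is constructed for contrast.
SAMPLE = """\
frontend cloud.mydomain
    bind 0.0.0.0:443 name 0.0.0.0:443 ssl ssl-min-ver TLSv1.2 crt-list /tmp/certlist
    bind 0.0.0.0:80 name 0.0.0.0:80 ssl ssl-min-ver TLSv1.2 crt-list /tmp/certlist
    mode http
    use_backend cloud.mercury.sh if acl_host

frontend constructed_ok
    bind 0.0.0.0:8080
    use_backend missing_backend

backend cloud.mercury.sh
    mode http
    server cloud.mydomain 192.168.42.22:80
"""

SECTION_KEYWORDS = ("global", "defaults", "frontend", "backend", "listen")

def parse_sections(text):
    """Return [(kind, name, [token lists])], one entry per config section."""
    sections = []
    for raw in text.splitlines():
        tokens = raw.split("#", 1)[0].split()   # drop comments, tokenize
        if not tokens:
            continue
        if tokens[0] in SECTION_KEYWORDS:
            sections.append((tokens[0], tokens[1] if len(tokens) > 1 else "", []))
        elif sections:
            sections[-1][2].append(tokens)
    return sections

def lint(text):
    """Flag TLS on port 80 and use_backend rules naming undefined backends."""
    sections = parse_sections(text)
    backends = {name for kind, name, _ in sections if kind in ("backend", "listen")}
    findings = []
    for kind, name, lines in sections:
        if kind not in ("frontend", "listen"):
            continue
        for tokens in lines:
            if tokens[0] == "bind" and len(tokens) > 1:
                port = tokens[1].rsplit(":", 1)[-1]
                if port == "80" and "ssl" in tokens[2:]:
                    findings.append((name, "tls-on-port-80", tokens[1]))
            elif tokens[0] == "use_backend" and len(tokens) > 1:
                if tokens[1] not in backends:
                    findings.append((name, "undefined-backend", tokens[1]))
    return findings

if __name__ == "__main__":
    for finding in lint(SAMPLE):
        print(*finding)
```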