OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of rgradert »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - rgradert

Pages: [1]
1
Virtual private networks / Re: Advices on my new setup
« on: September 25, 2024, 11:31:15 pm »
You are on the right track, I would recommend looking at
https://docs.opnsense.org/manual/nat.html#one-to-one

The OPNsense documentation doesn't look like it covers this just yet.

You could also check out the Netgate documentation for this as it is almost the same.

https://docs.netgate.com/pfsense/en/latest/nat/1-1.html


I personally use a WAN aggregator for this with multiple firewalls for different network segments and private APN stuff through IPSEC/BGP.

2
Virtual private networks / IPSEC VTI and Domain Controller Access
« on: September 25, 2024, 10:20:27 pm »
Hello,

To preface, I have an old Netgate appliance that is failing. Mission critical life safety equiment resides on this network so downtime would need to be limited heavily. As a result, we are standing a new OPNsense firewall up adjacent to the old network. All new Firewall, Switches, VLANs, etc etc.

Vlans are created with any/any on the new FW. Wireguard established for mobile devices. IPSEC established for LAN to LAN traffic between the networks. Tunnels are up and working. Devices ping, some limited services are available.

No domain services can be established. The goal being to stand up a new DC and replicate it to the old. Then slowly move all network devices over to the new system. Once complete, move the DCs over to the new network. Hopefully providing minimal downtime.

Anyone have experience with this.

For one, there is a 'main switch' as the primary gateway with a 0.0.0.0/0 default route to the old firewall. This created the asymmetrical routing issue resulting in default deny rules playing goalie. NoW that is sorted but services still cannot be established.


3
Zenarmor (Sensei) / Re: Block ALL does NOT block iMessage and FaceTime
« on: December 13, 2022, 07:04:05 pm »
Quote from: NW4FUN on December 07, 2022, 04:24:34 pm
That's not the case as testing was made while on Wi-Fi...however, even when off WLAN, it automatically initiates a VPN tunnel into the FW routing all traffic through it.

I clearly understand that a VPN is utilized to keep all traffic routed through the firewall regardless of connection.

What's the confusion?

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2