Messages

Now when the new GEOip is here and you create a new license key
should the key be used with  geopipupdate 3.1.1 older or newer?

I have a synology nas that I open some port on so I could connect from outside firewall.
It work perfect.

Then I installed a VPN on my NAS, when I am connected to the VPN I cant access the NAS from outside.

On local side it's no problem to connect to nas with local IP but outside I cant reach the NAS.
It is possible to fix this so I can be connected to VPN and still access the NAs outside firewall?

Thank you, I try this when I come home.

I have one NAS and one webserver.

The webserver have port 80 and 443 open for web and ssl, I have Lets encrypt cert, on this server.
Now I also have a NAS from synology and want to use Lets encrypt on that device too.

My webserver is hosting example1.com domain and on my nas I want domain2.com
But how could this be done?

I think I can on my webserver with open port redirect traffic to domain2.com so it work but how do I do when lets encrypt need port 80 and 443 for renew lets encrypt?

Hello.
Love the new plugin Let's Encrypt.
But is it possible that someone write a tutorial on this.

Probably I get some problem when I add SSL cert from lets encrypt.
But I try and see what happend.

I made it works but not sure I made it correct.

In firewall -> advance I activate 'Reflection for port forwards' (pure NAT)
Also 'Reflection for 1:1' & 'Automatic outbound NAT for Reflection' is activate.

When I go to mydomain.com I am redirected to my webserver control panbel but When I add www to the adress it works.
That is ok for me, redirected to my site with coorect domain name made it easier to work with site.

I have tried split dns but I cant get it to work.

Do I need to do more than enable it?

Now I have set up my firewall with open port 80 and config my webserver with 2 domains.
When I am outside the firewall I could use www.domain.com and domain.com and it works perfect.

But when I am behind the firewall the domain.com take me to the OPNsense login page
www.domain.com take me to a page that have this message on:

A potential DNS Rebind attack has been detected.
Try to access the router by IP address instead of by hostname.

I have read something about NAT reflection but cant get it right.
Can you help me?

bartjsmit today you are a true hero.

I called my ISP and they will give me a public IP.

Hello.
This is really strange.

If I go to a webpage that show my WAN IP I get 185.113.99.137
Also ddclient get this ip from dyndns.
But when I look in OPNsense -> firewall my WAN ip is 100.65.21.225

When I open a webbrowser in phone (outside LAN) and enter
185.113.99.137 - dead no connection
100.65.21.225 - dead no connection

Inside my LAN on my computer
185.113.99.137 - dead no connection
100.65.21.225 - OPNsense login

Why do I get different IP adress?


Question number 2

I cant manage to open a port to my webserver.
I Attach a picture. (Dont know how to show that in forumpost)

Have I done right?

This have never been hard but I feel like it is now a days.

I have decided to start using OPNsense and need some advice on wifi.
Wifi network card is not powerful enough as an access point, or is there a Network Card That is?

Anyway I have an Asus n66u router that i configured as an access point.
How should I configurate the AP in OPNsense?

Should I add it to my switch on a local network or in a network port in my OPNsense?

What is the pro / cons about the switch or network port and how about security?

Hello.

I am new to this forum and this OPNsense.
Before I have running lots of firewallsdistro like m0n0wall, pfsense and untangle.

Now I want to try this distro.

For the first time I shlould by new hardware for my firewall and have looked at this motherboard
http://www.gigabyte.com/products/product-page.aspx?pid=4918#ov

Is this a good motherboard and will it handle all services with about 10-20 users?
Are all the components working with OPNsense?

Or is there another hardware that is batter and cost about the same ammount?