Topics

1

Documentation and Translation / 16.7.3 port forwarding and error on IDS doc

« on: September 23, 2016, 10:42:11 pm »

Docs » User Manual » Inline Intrusion Prevention System » IPS SSLBlacklists & Feodo Tracker
says system-settings-networking   should be  interfaces:settings

Be nice to include a simple port forwarding section with details for adding a port forward... I googled it and got wrong into for destination address  (should be WAN address)

Thanks

2

16.7 Legacy Series / 16.7.3 port forwarding

« on: September 20, 2016, 11:16:02 pm »

Just install 16.7.3 on new box...  setup lan and wan interfaces, nest thing I did was setup NAT, port forwarding

I tried using wan DHCP    as well as static WAN  IP    but nothing is working.

I have upstream gateway which is a frontier DSL modem , made subnet /24   on static WAN

I am trying to forward port 8100 which is a management port for an app I use.   I forward frontier modem to wan interface of opnsense, then forward wan to my lan ip, it creates a firewall rule appropriately.

I'm using canyouseeme.org to check for port 8100.... no good.

My normal router works fine  (Mikrotik)

Any ideas?

3

16.7 Legacy Series / SSL/HTTPS Transparent Proxy

« on: September 15, 2016, 10:20:55 pm »

I am on newest opnsense ver 16.7.3 and am a newbie. Transparent proxy is setup for HTTP but not yet for HTTPS due to all the warnings about man in the middle. I would like to do HTTPS proxy filtering with transparent but have questions...
1. Will all browsers give cert errors until I give them a cert to install? What if I buy a cert through a trusted public CA?
2. If I enable the "SSL Domain/IP only" setting under the general forward proxy settings, will the certificates still be required for access? I understand no filtering will be done here, so maybe no need  for certs?