"
I'm using Nginx as a reverse proxy and I try to set a CSP but I can't figure out how to set default-src 'none' and base-uri 'self'
Maybe someone could point me in the right direction.
Maybe someone could point me in the right direction.
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#1
Web Proxy Filtering and Caching / Nginx Security Headers: default-src 'none' & base-uri 'self'
March 06, 2026, 05:21:38 PM #2
25.7, 25.10 Legacy Series / DHCP6 Gateway Monitoring isn't working
September 21, 2025, 06:22:07 PM
Hi, I have basically the same problem described here but I'm on 25.7.3
I get a static IPv4 address and IPv6 prefix from my provider.
My WAN settings:
IPv4 Configuration Type: PPPoE
IPv6 Configuration Type: DHCPv6
Request prefix only & Send prefix hint are both checked
Clients are able to connect to websites via IPv6 and my servers are reachable via IPv6 from the internet. Also IPv6 Ping via Interfaces > Diagnotics is working.
But if I want to Enable Gateway Monitoring the gateway is "Offline" and the Gateway monitor isn't starting with this error in the log:
Routes are there:
I also tried the give the gateway an IPv6 address from within my prefix without luck. If I uncheck "Request prefix only" the gateway still gets an fe80 address.
I get a static IPv4 address and IPv6 prefix from my provider.
My WAN settings:
IPv4 Configuration Type: PPPoE
IPv6 Configuration Type: DHCPv6
Request prefix only & Send prefix hint are both checked
Clients are able to connect to websites via IPv6 and my servers are reachable via IPv6 from the internet. Also IPv6 Ping via Interfaces > Diagnotics is working.
But if I want to Enable Gateway Monitoring the gateway is "Offline" and the Gateway monitor isn't starting with this error in the log:
Code Select
/usr/local/etc/rc.syshook.d/monitor/20-recover: The required WAN_DHCP6 IPv6 interface address could not be found, skipping.Routes are there:
Code Select
ipv6 default fe80::ded2:fcff:fe24:dd60%pppoe0 UGS NaN 1492 pppoe0 WAN
ipv6 2606:4700:4700::1111 fe80::ded2:fcff:fe24:dd60%pppoe0 UGHS NaN 1492 pppoe0 WANI also tried the give the gateway an IPv6 address from within my prefix without luck. If I uncheck "Request prefix only" the gateway still gets an fe80 address.
#3
25.1, 25.4 Legacy Series / DHCP6 Gateway Monitoring isn't working
June 20, 2025, 11:29:36 AM
Hi, I have basically the same problem described here but I'm on 25.1.8
I get a static IPv4 address and IPv6 prefix from my provider.
My WAN settings:
IPv4 Configuration Type: PPPoE
IPv6 Configuration Type: DHCPv6
Request prefix only & Send prefix hint are both checked
Clients are able to connect to websites via IPv6 and my servers are reachable via IPv6 from the internet. Also IPv6 Ping via Interfaces > Diagnotics is working.
But if I want to Enable Gateway Monitoring the gateway is "Offline" and the Gateway monitor isn't starting with this error in the log:
Routes are there:
I also tried the give the gateway an IPv6 address from within my prefix without luck. If I uncheck "Request prefix only" the gateway still gets an fe80 address.
I get a static IPv4 address and IPv6 prefix from my provider.
My WAN settings:
IPv4 Configuration Type: PPPoE
IPv6 Configuration Type: DHCPv6
Request prefix only & Send prefix hint are both checked
Clients are able to connect to websites via IPv6 and my servers are reachable via IPv6 from the internet. Also IPv6 Ping via Interfaces > Diagnotics is working.
But if I want to Enable Gateway Monitoring the gateway is "Offline" and the Gateway monitor isn't starting with this error in the log:
Code Select
/usr/local/etc/rc.syshook.d/monitor/20-recover: The required WAN_DHCP6 IPv6 interface address could not be found, skipping.Routes are there:
Code Select
ipv6 default fe80::ded2:fcff:fe24:dd60%pppoe0 UGS NaN 1492 pppoe0 WAN
ipv6 2606:4700:4700::1111 fe80::ded2:fcff:fe24:dd60%pppoe0 UGHS NaN 1492 pppoe0 WANI also tried the give the gateway an IPv6 address from within my prefix without luck. If I uncheck "Request prefix only" the gateway still gets an fe80 address.
#4
24.7, 24.10 Legacy Series / Access modem (Zyxel FWA710) behind firewall
August 18, 2024, 07:07:03 PM
Hello,
I have a Multi WAN setup with a DSL connection and a Zyxel FWA710 5G Router.
I would like to be able to reach the GUI of the 5G router from my LAN. The Router is in IP Passthrough mode so I see the public IP in OPNsense.
I've read some other forum posts about this topic and added an outbound NAT rule + disabled the "Block private networks" option on WAN_5G without success.
Maybe you can point me in the right direction. I've included screenshots of the interfaces, my outbound NAT rules and the Zyxel router.
I have a Multi WAN setup with a DSL connection and a Zyxel FWA710 5G Router.
I would like to be able to reach the GUI of the 5G router from my LAN. The Router is in IP Passthrough mode so I see the public IP in OPNsense.
I've read some other forum posts about this topic and added an outbound NAT rule + disabled the "Block private networks" option on WAN_5G without success.
Maybe you can point me in the right direction. I've included screenshots of the interfaces, my outbound NAT rules and the Zyxel router.
#5
Hardware and Performance / OPNsense vs. Proxmox Bridge with LAGG
May 22, 2022, 12:32:03 PM
I'm about to set up my first OPNsense instance as a virtual Proxmox machine.
For the WAN interface I'll use a PCIe passthrough NIC.
My question regards the LAN interface. I want to use LAGG with 2 NICs and I have two ideas how to set it up:
1. I set up the LAGG and bridge in Proxmox and use the virtual interface in OPNsense.
2. I create a bridge without NIC in Proxmox, passthrough both NICs to OPNsense, create the LAGG interface in OPNsense and create a bridge with the LAGG interface and the virtual Proxmox interface.
The connection to Proxmox isn't heavily used. The connection from Proxmox LAN to the switch has priority.
Which option would result in better performance and less CPU usage?
For the WAN interface I'll use a PCIe passthrough NIC.
My question regards the LAN interface. I want to use LAGG with 2 NICs and I have two ideas how to set it up:
1. I set up the LAGG and bridge in Proxmox and use the virtual interface in OPNsense.
2. I create a bridge without NIC in Proxmox, passthrough both NICs to OPNsense, create the LAGG interface in OPNsense and create a bridge with the LAGG interface and the virtual Proxmox interface.
The connection to Proxmox isn't heavily used. The connection from Proxmox LAN to the switch has priority.
Which option would result in better performance and less CPU usage?
Pages1
