121
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
122
Zenarmor (Sensei) / Whitelist only
« on: January 03, 2021, 09:48:20 pm »
Hi, is it possible to configure a policy based on a strict whitelist approach, meaning everything is blocked except what is defined within the whitelist?
br
br
123
Zenarmor (Sensei) / Re: Sinkhole for Ad Blocking
« on: January 03, 2021, 02:16:18 pm »We're currently working on this and hope to ship before year-end.
Would be great!
Thanks
124
20.7 Legacy Series / Re: Unbound service routinely stopping/crashing following 20.7.7 update
« on: January 02, 2021, 06:28:11 pm »
for the record,
I upgraded to 20.7.7_1 last week and immediately applied the patch:
No issues identified, everything works.
br
I upgraded to 20.7.7_1 last week and immediately applied the patch:
Quote
# pkg add -f https://pkg.opnsense.org/FreeBSD:12:amd64/20.7/misc/unbound-1.13.0_1.txz
No issues identified, everything works.
br
125
German - Deutsch / Re: Hilfe für ein Isoliertes VLAN. Nur Internet
« on: December 30, 2020, 11:07:52 am »126
German - Deutsch / Re: DLNA/UPNP Mediaserver / Vlan
« on: November 12, 2020, 11:29:09 am »
Hab ein ähnliches Setup und wollte den Server nicht in das LAN stellen mit dem Smart TV. Hab einen Raspberry als Medienserver welcher auf das Synology NAS per SMB zugreift auf spezifische Ordner in das TV LAN gestellt.
fg
fg
127
Virtual private networks / Re: IPsecVPN With Windows 10 native VPN Client
« on: November 08, 2020, 08:04:08 pm »https://docs.opnsense.org/manual/how-tos/ipsec-rw-w7.html
This guide requires you to install Root Certificate into your client. Should I remind you that it is a big security risk?
https://blog.malwarebytes.com/security-world/technology/2017/11/when-you-shouldnt-trust-a-trusted-root-certificate/
Is there any other way to enable VPN without exposing your clients' computers to potential malware, etc?
Hi, here is some misunderstanding. The opnsense guide requires you to install "Your" Root certificate. As long as everything is proper setup and you protect the private keys belonging to your CAs this is not a security risk.
You can trust your CA more than any other public CA
.br
128
German - Deutsch / Re: OPNsense / *sense (Online) Usergroup?
« on: October 31, 2020, 05:17:22 pm »
Ich wäre auch dafür, wenn irgendwie möglich versuche ich teilzunehmen.
Fg
Fg
129
20.7 Legacy Series / Re: Unbound DNS blacklist
« on: October 25, 2020, 04:00:25 pm »
Ok thanks!
Just doublechecked, it works.
br
Just doublechecked, it works.
br
130
20.7 Legacy Series / Re: Unbound DNS blacklist
« on: October 25, 2020, 12:07:15 pm »
Hi all, just one questions. I switched from manual blacklist to the Unbound blacklist feature.
The blacklist entries should be stored in the /var/unbound/etc/dnsbl.conf or I am wrong here?
In my case the file is still empty after enabling the feature, even so all files in /var/unbound/etc/
Where are the entries stored?
br
The blacklist entries should be stored in the /var/unbound/etc/dnsbl.conf or I am wrong here?
In my case the file is still empty after enabling the feature, even so all files in /var/unbound/etc/
Where are the entries stored?
br
131
20.7 Legacy Series / Re: Unbound DNS returns IP addresses for all local VLAN interfaces
« on: October 23, 2020, 03:25:55 pm »
@Mks: the help text says that the unbound custom options will be removed in a future version so that' s nothing I want to use if possible
Yes, but there will an alternative for that, see https://github.com/opnsense/plugins/issues/1503#issue-493737939
br
Yes, but there will an alternative for that, see https://github.com/opnsense/plugins/issues/1503#issue-493737939
br
132
20.7 Legacy Series / Re: Unbound DNS returns IP addresses for all local VLAN interfaces
« on: October 18, 2020, 11:56:49 am »
Hi,
you can configure "views" in the "Custom Options", may this solves the issue.
br
you can configure "views" in the "Custom Options", may this solves the issue.
br
133
20.7 Legacy Series / Re: How to use DNS over TLS in 20.7.3
« on: September 29, 2020, 06:42:14 pm »
Hi,
I've it configured via Custom Options
br
I've it configured via Custom Options
br
134
20.7 Legacy Series / Re: How to use DNS over TLS in 20.7.3
« on: September 28, 2020, 09:01:20 pm »
Hi, sorry my fault, I misunderstand the question.
One question, is certificate verification, e.g 185.95.218.42@853#dns.digitale-gesellschaft.ch supported?
br
One question, is certificate verification, e.g 185.95.218.42@853#dns.digitale-gesellschaft.ch supported?
br
135
20.7 Legacy Series / Re: How to use DNS over TLS in 20.7.3
« on: September 28, 2020, 04:04:01 pm »
Hi, don't get it. I've 20.7.3 running, Custom Options are still available in Unbound.
Please elaborate.
br
Please elaborate.
br