
Messages - elektroinside

#16
Very nice, well done!
#17
Thanks Franco!
Nice list :)
#20
18.1 Legacy Series / Re: PPPoE reconnect loop
April 05, 2018, 06:26:32 PM
This never happened to me...
#21
If we're at it and anybody knows this, yeah, 18.1.7 release date is also very good to know :p
#22
I need this info (if possible to disclose) because of some logistical decisions I need to make.

Thanks.
#23
I have never done your setup. I'll start by saying that anything that needs to be blocked should be blocked as fast as possible; any other design is risky and I will never recommend anything else.

Regarding your question, you should carefully follow all your fw rules, priorities and ordering. Something with higher priority is passing your packets, probably an "allow any to any" on some interfaces/vlans.

Welcome to OPNsense!
#24
Cloudflare is some sort of proxy for anything behind them, they intercept all queries before reaching the destination. Including encrypted communication. I didn't try, but without DNSSEC this may work with Cloudflare as well (although DNSSEC is not encrypted DNS communication, it is a signed response, with which Cloudflare may interfere).
#25
Follow this tutorial and you will get your IDPS up and running:
https://forum.opnsense.org/index.php?topic=6893.0

It's not updated, but I hope you'll manage to find the options which were modified in the GUI.
#26
18.1 Legacy Series / Re: Bug in DNS resolution?
April 05, 2018, 06:04:15 AM
It works exactly as it should.

This is the help text under that option:
"By default localhost (127.0.0.1) will be used as the first DNS server where the DNS Forwarder or DNS Resolver is enabled and set to listen on Localhost, so system can use the local DNS service to perform lookups. Checking this box omits localhost from the list of DNS servers."

This means your queries go directly to the configured DNS servers, and will not go through the DNS resolver (Unbound) or DNS forwarder (dnsmasq). But they are going out some way or another. There's no bug anywhere :)
#27
Quote from: nle on April 04, 2018, 06:08:32 PM
Do I have to open any ports in NAT/Firewall to make this work?

No.
#28
Much more to gain using Quad9 than Cloudflare anyway. That 10-15 ms faster performance with Cloudflare is nothing compared to the security offered by Quad9. Regarding privacy... that's something for you to decide.
#29
Still going strong here... absolutely no issues...
#30
Hmm... Maybe a packet capture can shed some light on what is going on there... have you tried that?