OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of fabian »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - fabian

Pages: 1 [2] 3 4 ... 185
16
German - Deutsch / Re: reverse proxy | nginx | host not found in upstream
« on: July 15, 2022, 05:39:21 pm »
DNS-Problem?

17
Web Proxy Filtering and Caching / Re: Upstream Server for Nginx using a self-signed certificate
« on: July 06, 2022, 05:32:37 pm »
You can use a trusted one or you can open the advanced settings.

18
General Discussion / Re: Dropbear SSH Server
« on: July 03, 2022, 11:24:00 am »
You are likely not scanning OPNsense but some kind of an embedded device.

19
Web Proxy Filtering and Caching / Re: transparent HTTPS-Proxy - Exclude Network-Members
« on: July 01, 2022, 06:59:46 am »
You can use a port forwarding rule for exclusion.

20
General Discussion / Re: Change Nginx Upstreamserver via API
« on: June 29, 2022, 11:08:45 pm »
Go to the user and generate a key.

21
Web Proxy Filtering and Caching / Re: WAF nginx - add rules naxsi
« on: June 29, 2022, 11:06:33 pm »
There is an API in the background.

22
Web Proxy Filtering and Caching / Re: Captive portal + transp.proxy + ICAP. credential data
« on: June 22, 2022, 12:47:42 pm »
In the portal solution or with a few hacks not supported on OPNsense

23
German - Deutsch / Re: Verständnisfrage zu Benutzer Zertifikaten
« on: June 22, 2022, 12:32:36 pm »
Die Verknüpfung ist nicht für die Weboberfläche da, sondern zum Beispiel für OpenVPN.

Wenn du eines der beiden großen Proxy-Plugins installiert hast, kann das ein Zertifikat verlangen.

24
General Discussion / Re: Access to Web Server from Outside
« on: June 12, 2022, 12:29:33 am »
The hosting capability is very restricted as the nginx plugin is running on a firewall appliance. For example, you may not get a database driver you need etc.

It can serve static files or PHP files with not that many PHP extension requirements. So the best thing is to forward the connection to your apache httpd you have already prepared using the nginx reverse proxy. Usually you have to set one or two values on a page and leave the rest at the defaults.
And yes, you could also use nginx on the backend server instead of apache httpd. But that is your application server, you are going to configure and does not matter from OPNsense's point of view.
If OPNsense cannot reach your apache httpd, then check the following:

* does the target host have its own firewall and is it properly configured (allows access from OPNsense to the target application) -> nftables / iptables on linux
* does the apache httpd listen on the correct IP address and port?

25
Zenarmor (Sensei) / Re: Blacklisting youtube.com for Google Chrome
« on: June 04, 2022, 08:43:23 pm »
Sure you can use any port but QUIC is only used by HTTP 3 in the HTTP context which forces encryption using QUIC so it is HTTPS by default. Other ports for HTTPS than 443 are uncommon.

26
Zenarmor (Sensei) / Re: Blacklisting youtube.com for Google Chrome
« on: June 04, 2022, 06:33:08 pm »
QUIC is only available via HTTPS, not with HTTP so only UDP/443.

27
German - Deutsch / Re: interner FTP Server nicht erreichbar von aussen
« on: May 28, 2022, 04:42:49 pm »
os-ftp-proxy installieren und konfigurieren:

auf feste IP verbinden -> FTP server eintragen rest nach bedarf einstellen.

Dann DNAT regel auf WAN auf den FTP Proxy machen und die verbindung erlauben.

Das wars dann auch schon.

28
Web Proxy Filtering and Caching / Re: NGINX Reverse Proxy - subdomains
« on: May 28, 2022, 04:34:53 pm »
not restart - that will *NOT* regenerate the config. It will do what service control is expected to do - restart only.
The reconfigure button is *ALWAYS* on the bottom of the pages or it will be done when clicking the apply button.

29
Web Proxy Filtering and Caching / Re: WAF nginx - add rules naxsi
« on: May 25, 2022, 08:03:53 pm »
Id just needs to be unique. It should not be < 1000 since that are the internal rules. The rest is up to you.

30
Web Proxy Filtering and Caching / Re: NGINX Reverse Proxy - subdomains
« on: May 25, 2022, 07:58:34 pm »
Click on the reconfigure button.

Pages: 1 [2] 3 4 ... 185
OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2