Anyone want to help me set up pfSense?


  • #16
    Is MaxMind's DB a DNSBL feed?

    Here's one for folks: following that guide do I have to configure things for OpenVPN as well? And what about firewall rules? Do I need to duplicate my firewall rules for my VPN client or will the regular rules apply?
    Originally posted by rprade
    There is no rhyme or reason to the anarchy a defective Z-Wave device can cause



    • #17
      Is MaxMind's DB a DNSBL feed?

      No, it is a global geoblocking list. PFBlocker blocks network addresses known to be used for malware and similar.

      IP Geolocation and Online Fraud Prevention | Maxmind

      OpenVPN or any of the optional VPN configurations are similar in that they are all VPN.

      VPN (virtual private network) is an encrypted tunnel from outside of your network to the inside of your network. When you are using a VPN tunnel to access your home network you see everything on your LAN as if you were at home. The firewall rules get autoconfigured for the VPN you are using. No need to change what PFSense configures.

      Do I need to duplicate my firewall rules for my VPN client or will the regular rules apply?

      The VPN tunnel has its own rules on either client or host side. You just configure the VPN settings to match on the Host and the Client. Easy peasy stuff and way easier than a few years ago.


      When the client VPN is up and connected to the host VPN (PFSense) you are protected from the internet via the PFSense firewall. If you open a browser and do a "what is my IP?" you will see your home internet IP address.

      VPN has been around a long time.

      Did this for the airline many years ago.

      It allowed for access from anywhere on the internet. It is a multilayered secure tiered approach using layers like an onion. It is very flexible.

      VPN

      With two PFSense boxes you can create a VPN bridge that is always up between two points of presence; say for remote controlling a second Homeseer 3 box.

      You can do an el cheapo VPN like connection between two points of presence using SSH. In the SSH tunnel you can run other services locally.

      IE:

      1 - SSH from your desktop to another computer passing port 22

      ssh -D 8888 root@internetipaddress

      2 - configure your favorite local browser to connect to the above via a loopback address / proxy

      general settings - network proxy - manual proxy port 8888 using loopback address of 127.0.0.1

      When you surf you will be surfing from the distantly connected network.

      You can test it by just typing in what is my IP.

      Using SSH you can also configure RDP or VNC within the SSH tunnel as above.
      Last edited by Pete; May 11th, 2018, 02:04 PM.
      - Pete

      Auto mator
      Homeseer 3 Pro - 3.0.0.548 (Linux) - Ubuntu 18.04/W7e 64 bit Intel Haswell CPU 16Gb- Mono 6.8X
      Homeseer Zee2 (Lite) - 3.0.0.548 (Linux) - Ubuntu 18.04/W7e - CherryTrail x5-Z8350 BeeLink 4Gb BT3 Pro - Mono 6.8X
      HS4 Pro - V4.0.5.0 - Ubuntu 18.04/W7e 64 bit Intel Kaby Lake CPU - 32Gb - Mono 6.8X
      HS4 Lite -

      X10, UPB, Zigbee, ZWave and Wifi MQTT automation. OmniPro 2, Russound zoned audio, Smartthings hub, Hubitat Hub, and Home Assistant
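
The SSH steps in post #17 depend on the SOCKS listener opened by ssh -D 8888 staying on 127.0.0.1. As an added example (not part of Pete's post; the function names and the sample listing are constructed for illustration), this shell check reads `ss -ltn` output and reports any listener on that port that is bound to a non-loopback address:

```shell
#!/bin/sh
# Added example; function names and sample data are hypothetical/constructed.
# To pin the bind address explicitly: ssh -D 127.0.0.1:8888 -N user@host

# Constructed sample of `ss -ltn` output (not captured from a real host).
sample_listeners() {
cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    127.0.0.1:8888     0.0.0.0:*
LISTEN 0      128    [::1]:8888         [::]:*
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
EOF
}

# Reads `ss -ltn` style lines on stdin and prints every listener on port $1
# that is NOT bound to a loopback address.
# Exit status: 0 = loopback only, 1 = exposed, 2 = nothing listening on $1.
check_socks_bind() {
    awk -v port="$1" '
        $1 != "LISTEN" { next }
        {
            p = $4; sub(/^.*:/, "", p)       # port: text after the last colon
            h = $4; sub(/:[^:]*$/, "", h)    # host: text before the last colon
            if (p != port) next
            found = 1
            if (h ~ /^127\./ || h == "[::1]") next
            print $4
            exposed = 1
        }
        END {
            if (!found) exit 2
            exit (exposed ? 1 : 0)
        }
    '
}

# Run against the constructed sample; on a live host use:
#   ss -ltn | check_socks_bind 8888
if sample_listeners | check_socks_bind 8888; then
    echo "SOCKS port 8888 is bound to loopback only"
fi
```

A listener on 0.0.0.0 or a LAN address would let other hosts on the local network use the tunnel as a proxy, which is why the check treats anything outside 127.0.0.0/8 and [::1] as exposed.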
