Netgate Store

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - newUser2pfSense

Pages: [1] 2 3 4
1
OpenVPN / pfSense OpenVPN Setup and MacBook Pro Setup
« on: April 10, 2018, 08:17:00 pm »
I have a couple of questions about OpenVPN:

1) I've never setup OpenVPN before on pfSense.  I've seen a handful of instructional videos on YouTube.  Would anyone have a suggestion on which video is the best/correct to follow and easy to understand?

2) I already have a dynamic DNS account with pfSense configured to communicate with this account.  When I go to OpenVPN.net, which client do I download and install to my Macbook Pro in order to connect to my pfSense router?  I guess I'm looking for a .dmg file to install.  There is "privatetunnel-mac-2.8.dmg".  Is this what I need?

I just want to make sure I'm doing this correctly.  Any suggestions would be helpful.  Thank you.

2
Cache/Proxy / Re: Can't seem to get Squid Cache + ClamAV to work
« on: February 08, 2018, 04:11:36 pm »

3
Cache/Proxy / Re: Squid ClamAV Not Reporting Virus'
« on: February 07, 2018, 07:39:52 pm »
I'm now on pfSense:
2.4.2-RELEASE-p1
FreeBSD 11.1-RELEASE-p6

Using a Mac mini and MacBook Pro both using Firefox to test the EICAR HTTP files, I completed the 4 steps, twice, and I can still download the HTTP files.  I haven't configured for HTTPS yet.

Another interesting factoid...Using Debian 9 Stretch Linux with Firefox installed, I couldn't download the HTTP files but I still didn't receive the red colored virus message.

4
General Questions / Suricata & IPv6 Alerts
« on: February 06, 2018, 04:37:32 pm »
Iíve installed and configured Suricata with no issues; currently only using it on the WAN.  For blocking, Iím using the Inline IPS Mode; it seems to be working so far.  In System / Advanced / Networking, Iíve unchecked Allow IPv6.

From the Suricata WAN Categories/Rules Iíve enabled, when I look at the Suricata Alerts, I see a lot of IPv6 addresses in the Src and Dst columns.  They seem to stem from entries in the decoder-events.rules:
SURICATA zero length padN option
SURICATA ICMPv6 unknown code
Sport 131 and 132 are used.

Iíve configured both entries for Rule action is drop.

Nevertheless, I thought I disabled IPv6.  I have no devices on my network configured for IPv6.  Any suggestions as to why Iím seeing these IPv6 addresses in the the Src and Dst columns of the Suricata Alerts section?  Thanks.

5
OpenVPN / Re: OpenVPN File to iPhone
« on: February 05, 2018, 04:32:07 am »
I am looking for different way, not using iTunes or any of the other ways the OpenVPN app suggests, but to actually copy/paste the file to a path on the iPhone while the iPhone is connected to a Linux box.  Is this possible?  I hope that makes sense.

6
OpenVPN / OpenVPN File to iPhone
« on: February 04, 2018, 03:07:41 pm »
I realize the iPhone OpenVPN app has several different methods of importing a private tunnel (apparently it's an .ovpn file), however, I'm just wondering if anyone has ever tried to import their private tunnel by connecting their iPhone to a Linux or Mac machine and copied it to the iPhone in this manner?  Can it even be done?  Thanks.

7
Firewalling / Re: Apple Remote Desktop (ARD)
« on: January 22, 2018, 03:04:05 pm »
Thanks Derelict.  I'll give Messages a try.

8
Firewalling / Re: Apple Remote Desktop (ARD)
« on: January 22, 2018, 02:32:21 pm »
Derelict...I wouldn't be able to setup and OpenVPN server on their end.  I know where the Screen Sharing is in System Preferences -> Sharing and they have Remote Management checked in Sharing as well but I'm not sure what you are referencing in "Messages".  Can you point me to that so I can try that?


9
Firewalling / Re: Apple Remote Desktop (ARD)
« on: January 22, 2018, 01:38:26 pm »
Ok, I placed an Any Any LAN rule at the top and did a packet capture on my LAN.  My relatives internet IPv4 address responded back to my LAN IPv4 address several times with a "udp port 3283 unreachable".  Port 3283 is Apple's Remote Management port.  My relative of course has always had remote management enabled on their Mac so I could remote.  Hmm.  Seems something is blocking the port.  Maybe their ISP doesn't have their router in bridge mode maybe?

10
Firewalling / Re: Apple Remote Desktop (ARD)
« on: January 22, 2018, 12:54:59 pm »
I use ARD with my relatives IPv4 address; my Mac to their Mac.  Nothing in between.  It is interesting to see when my relative begins to read the result from whatismyip.com vs the DynDNSs IP check.  It sounds like whatismyip provides an IPv6 address and DynDNS provides and IPv4 address.

I've locked down my LAN pretty tight.  In an effort to test if pfSense was blocking the connection, I created a port alias with 3283 and 5900.  I then crafted a rule on my LAN to pass traffic from my LAN to any using the port alias and still couldn't get through.  Maybe I'm crafting the rules incorrectly.

11
Firewalling / Apple Remote Desktop (ARD)
« on: January 22, 2018, 12:31:00 pm »
Hello...

I'm currently running pfSense 2.4.2-RELEASE-p1 (amd64).  I've been attempting to connect to a relatives MacBook Pro from my Mac using Apple Remote Desktop with no luck.  I've always been able to connect in the past.  There are only two things that have changed since that time; my relative got a new router from her ISP which they stated they put it in bridged mode and I began to use pfSense.  Each of our Macs are up to date as well.  I don't know that pfSense is blocking the connection but am wondering if anyone has any experience with pfSense and Apple Remote Desktop that may be able to provide some guidance?

Thank you.

12
Installation and Upgrades / 2.4.0 ZFS Install
« on: October 16, 2017, 07:18:34 pm »
During the installation process of pfSense 2.4.0, does anyone know if you can choose/select the ZFS file system; a checkbox, radio button or something similar?  I thought I would backup my current pfSense instance and create a fresh install of pfSense 2.4.0 with ZFS and then restore my backup.  Any response would be appreciated.  Thank you.

13
Firewalling / Re: Block private networks - Block bogon networks
« on: June 28, 2017, 06:31:22 pm »
Thanks to everyone that replied.  I appreciate it.  I now have my answer.

14
Firewalling / Block private networks - Block bogon networks
« on: June 25, 2017, 02:52:00 pm »
My WAN interface has the Block private networks... and Block bogon networks checked.
My LAN interface, 192.168.1/24, and my WLAN interface, 192.168.2/24, do not have either checked.  Do I need to check these for my LAN and WLAN?  I couldn't find the correct answer in the forums.
Thanks in advance.

15
Firewalling / Re: Setting Gateways
« on: June 16, 2017, 07:18:54 pm »
Thank you for the reply.  I appreciate the info.

Pages: [1] 2 3 4