skipmorrow

joined 1 year ago
 

I currently have my reverse proxy on my NAS. That means I forward all of my 443 HTTPS traffic to my NAS. I am using OpnSense for my router, and there are several options for reverse proxies on that. Everything works the way it is now, but I do wonder if it would be "better" if I moved all of the reverse proxy stuff to my router. I don't know that anything would be simpler to manage one way or the other, so I think it comes down to best practices and security. If I move the reverse proxy to my router, I would be able to remove that forwarded port, but is that really any more or less secure?

 

This is kind of hard to explain, but hopefully it makes sense. I don't think a screenshot would help because everything "LOOKS" fine. But the characters in my Ubuntu VM console look funny. And I can't drag my mouse across the text to select it. Nor cacn I right-click. The console works fine, and I can run commands. I don't see the Ubuntu desktop, just this console. I don't even really need the desktop, but if it's there and I can start it up when I want it, that will be OK, but for now I would like to figure out how to get a regular console for this VM. Any ideas? Thanks, and sorry for the newb question!

[โ€“] skipmorrow@lemmy.world 0 points 10 months ago

Yeah, but I'd rather not change it because I am pretty sure there are some devices in the house where I set up static IP addresses. I try not to do that, but over the years, I am pretty sure there are at least a couple. Heh, maybe a good time to seek them out!

[โ€“] skipmorrow@lemmy.world 1 points 10 months ago (2 children)

Let's see if I got this... great idea to disable DHCP on the new OPNSense for now. I forgot about that. Just keep the one LAN cable going in, and I will just keep the IP address as it is right now (.79). Not even worry about the WAN port at all. Set up all of the features, including things like reserved IP addresses and whatnot. Then, when I am ready to drop it in, I will turn the old router off, and on the new router set up a static IP on the LAN port (.0.1) and add the WAN port (DHCP). Drop it in place, turn on DHCP and I'll be good to go.

 

I am going to build a router with OPNSense (in Proxmox, on an HP thin client). I am stuck with setting up the networking (I have the Inel 4-port card). I don't really know how to get started. Right now my device has one LAN cable going into it, and my consumer router is doing everything. I can set up a bridge for the other ports, but what IP address will I use for the LAN? I can't use 192.268.0.1 because that will collide with my consumer router. Do I just take my consumer router offline while I am setting this up?I'd rather not because for sure I will get stuck and will want to look something up online. I guess I could use my phone but not the best when I am trying to see someone setting up something like this.

Silly question, I know, but I just can't think of a clean way to get this going with minimal disruption. In a nutshell, what's a good strategy for setting up and testing the OPNSense while it's not actually doing any routing and then seemlessly drop it in and start working on it?

 

I'm thinking about building a box for pfsense. Looking at hardware options and I see a pretty significant difference in price when comparing hardware with and without AES-NI. I don't necessarily think I'll need AES. The way I understand it, AES is for using VPN that is somehow running on the router??? I mean, my wife and I both use VPNs on our work computers so we can reach our work networks, but that isn't using any encryption features on my router, is it?? Or am I not understanding?