The pfsense Club - Page 54 - Overclock.net - An Overclocking Community

Forum Jump: 

The pfsense Club

Reply
 
Thread Tools
post #531 of 561 (permalink) Old 12-07-2018, 08:16 AM
New to Overclock.net
 
zeroibis's Avatar
 
Join Date: Jan 2013
Posts: 573
Rep: 18 (Unique: 17)
Here is my entry into the Club!


I am using an old box from work with a 4 port intel nic I got out of an old server.


I love how simple it is to create fully isolated lans. (my switch does not support vlans)


I have all my lans fully isolated except that the non wifi lans can talk to the printer lan. This was great as I was able to put my sister on her own lan because she uses xbox and other things that require upnp and I do not want that traffic on my lan. However, I did want her to be able to print to the network printer so I made it so our lans can talk to that one. Also I love how easy it is to lock down the printer lan and prevent internet access and only allow the ports the printer should be using.


Same for the wifi having it only talk to the internet and nothing else.


As you may have guessed I am enjoying exploring all the options in Pfsense to also get experience with it for use at work.



You can see the pic below for the system specs.
Attached Thumbnails
Click image for larger version

Name:	pfsense  hw.PNG
Views:	16
Size:	62.8 KB
ID:	236746  

zeroibis is offline  
Sponsored Links
Advertisement
 
post #532 of 561 (permalink) Old 12-08-2018, 01:19 AM
What should be here ?
 
huzzug's Avatar
 
Join Date: Jun 2012
Posts: 5,253
Rep: 358 (Unique: 256)
Quote: Originally Posted by huzzug View Post
Hey guys. I have PFS running on a VM on win7 with a mobile router. The setup ran fine until today morning when it lost access to internet or so I thought.

I can ping and lookup dns for the site from pfsense web gui but can't browse to them from chrome or any other browser.

Any ideas?


Edit: Got the connectivity back. Now trying to set up a VPN server beween 2 pcs. Mine, acting as a server that has PfSense running on VBox that's connected to a mobile router. I've configured the OVPN and extracted the .exe to install on the other system but the connection does not happen. It always times out.

How or where do I look for to troubleshoot this?
Anyone who can help?

#2 their debt is insane, even for a "diverse field" company. They cannot even afford to service the debt maintenance let alone make an actual dent in the debt itself. - Internet Stranger
huzzug is offline  
post #533 of 561 (permalink) Old 12-08-2018, 01:48 PM
New to Overclock.net
 
EniGma1987's Avatar
 
Join Date: Sep 2011
Posts: 6,283
Rep: 337 (Unique: 247)
Quote: Originally Posted by huzzug View Post
Anyone who can help?
Mobile router means gets new IP wherever you plug it in right? Thats not going to work.

EniGma1987 is offline  
Sponsored Links
Advertisement
 
post #534 of 561 (permalink) Old 12-08-2018, 06:59 PM
What should be here ?
 
huzzug's Avatar
 
Join Date: Jun 2012
Posts: 5,253
Rep: 358 (Unique: 256)
Quote: Originally Posted by EniGma1987 View Post
Mobile router means gets new IP wherever you plug it in right? Thats not going to work.
Would setting up DNS in PfSense work?

#2 their debt is insane, even for a "diverse field" company. They cannot even afford to service the debt maintenance let alone make an actual dent in the debt itself. - Internet Stranger
huzzug is offline  
post #535 of 561 (permalink) Old 12-09-2018, 12:30 PM
New to Overclock.net
 
Prophet4NO1's Avatar
 
Join Date: Feb 2014
Posts: 3,075
Rep: 162 (Unique: 119)
I use NoIP for my dynamic DNS needs. Free and you can configure pfsense to auto update it as the IP changes. On the client end, you just put whatever your noip domain is and it pulls the correct IP like any other DNS lookup.

It would be easier, probably, to make pfsnese the server uless you have some specific reason for doing it the other way around.
Prophet4NO1 is offline  
post #536 of 561 (permalink) Old 12-09-2018, 09:06 PM
What should be here ?
 
huzzug's Avatar
 
Join Date: Jun 2012
Posts: 5,253
Rep: 358 (Unique: 256)
I've done just that. The PfSense is a server that's running in a Vbox. The system which has the Vbox is connected to the internet with a mobile router. I've set OVPN server in PfSense as well as set DynamicDNS server side. All I'm doing client side is installing the OVPN settings installation in windows that was exported from server.

#2 their debt is insane, even for a "diverse field" company. They cannot even afford to service the debt maintenance let alone make an actual dent in the debt itself. - Internet Stranger
huzzug is offline  
post #537 of 561 (permalink) Old 12-10-2018, 06:39 AM
New to Overclock.net
 
EniGma1987's Avatar
 
Join Date: Sep 2011
Posts: 6,283
Rep: 337 (Unique: 247)
Quote: Originally Posted by huzzug View Post
I've done just that. The PfSense is a server that's running in a Vbox. The system which has the Vbox is connected to the internet with a mobile router. I've set OVPN server in PfSense as well as set DynamicDNS server side. All I'm doing client side is installing the OVPN settings installation in windows that was exported from server.



both your client and server configs list the IP of the server. You cannot just export a config and be done, you have to manually do your configuration file and specify dynamic DNS server that hosts your stuff. You will also have to wait for that dns server to be updated with your new IP every time you move before anything will work. Even then, Im not positive you can even do such a thing. I dont know if the VPN connections will let you look up a DNS because of a possible security issue that has with it.


You are trying to set up a VPN in the opposite way it was intended. The server is supposed to be stationary/on a network itself like in an office building, and then the clients move around the world and connect in over a secure tunnel.

EniGma1987 is offline  
post #538 of 561 (permalink) Old 12-10-2018, 08:14 AM
Typo Elemental
 
Simmons572's Avatar
 
Join Date: Feb 2013
Location: Carboard box, power strip, and a 56k modem.
Posts: 3,027
Quote: Originally Posted by EniGma1987 View Post
both your client and server configs list the IP of the server. You cannot just export a config and be done, you have to manually do your configuration file and specify dynamic DNS server that hosts your stuff. You will also have to wait for that dns server to be updated with your new IP every time you move before anything will work. Even then, Im not positive you can even do such a thing. I dont know if the VPN connections will let you look up a DNS because of a possible security issue that has with it.


You are trying to set up a VPN in the opposite way it was intended. The server is supposed to be stationary/on a network itself like in an office building, and then the clients move around the world and connect in over a secure tunnel.
He can correct me if I am wrong, but i think he is trying to setup the VPN as a termination point that exits inside the network, without replacing his firewall. It's not a standard usecase, but should absolutely be doable

CPU
AMD Threadripper 1900x
Motherboard
Asus Prime X399-A
GPU
EVGA 1080 Classified
Hard Drive
Samsung 960 Evo
Hard Drive
Intel 750 Series 400GB U.2
Hard Drive
Samsung 850 Pro 512 GB
Hard Drive
Samsung 850 Pro 512 GB
Power Supply
Seasonic 1050w 80+ Gold
Case
Corsair Air 740
Operating System
Windows 10 Pro
CPU
i5 6600k
Motherboard
Asus Z170i Pro Gaming
GPU
Sapphire R9 Nano
RAM
Kingston FURY 16GB (2 x 8GB) DDR4-2400
Hard Drive
Samsung 950 Pro 512 GB
Power Supply
Athena AP-MFATX40 400W Flex-ATX
Cooling
be quiet! ​PURE ROCK ​SLIM
Case
Lian-Li PC-TU 100B
Operating System
Windows 10 Pro
Monitor
ViewSonic XG2401
Keyboard
MK Disco RGB TKL (KBT Brown)
Mouse
Razer Mamba TE
Mouse
Razer Firefly Cloth
Audio
Beyerdynam​ic DT 770 ​Pro 80 ohm
Audio
Antlion Audio ModMic 4 w/ Mute
Audio
Schiit Fulla 2
Other
Noctua NF-A9x14 (x2)
Other
Fractal Design FD-FAN-SSR2-92
Other
Fractal Design FD-FAN-SSR2-60 (x2)
Other
Fractal Design GP12-WT
CPU
i7 6800k
CPU
Xeon e5-1620 V3
Motherboard
EVGA Micro 2
GPU
Asus GTX 780
GPU
Sapphire Fury X
GPU
Sapphire RX 480
RAM
Kingston - FURY 8GB (2 x 4GB) DDR4-2400
RAM
ADATA - XPG Z1 8GB (2 x 4GB) DDR4-2400
Hard Drive
SanDisk - SSD PLUS 240GB
Hard Drive
Kingston - SSDNow V200
Power Supply
Corsair HX850i
Cooling
be quiet! - PURE ROCK
Case
Thermaltake Core V21
Operating System
Windows 10 Pro
▲ hide details ▲


Simmons572 is offline  
post #539 of 561 (permalink) Old 12-10-2018, 10:40 AM
What should be here ?
 
huzzug's Avatar
 
Join Date: Jun 2012
Posts: 5,253
Rep: 358 (Unique: 256)
Quote: Originally Posted by EniGma1987 View Post
both your client and server configs list the IP of the server. You cannot just export a config and be done, you have to manually do your configuration file and specify dynamic DNS server that hosts your stuff. You will also have to wait for that dns server to be updated with your new IP every time you move before anything will work. Even then, Im not positive you can even do such a thing. I dont know if the VPN connections will let you look up a DNS because of a possible security issue that has with it.


You are trying to set up a VPN in the opposite way it was intended. The server is supposed to be stationary/on a network itself like in an office building, and then the clients move around the world and connect in over a secure tunnel.
Quote: Originally Posted by Simmons572 View Post
He can correct me if I am wrong, but i think he is trying to setup the VPN as a termination point that exits inside the network, without replacing his firewall. It's not a standard usecase, but should absolutely be doable
What I'm trying to do is to be able to view the files I have stored on my parents system which is miles away. I did a similar setup for a friend of mine with Hamachi, but that doesn't work on mine. Besides, I got myself involved with PfSense and wanted to experiment with it rather than Hamachi.

#2 their debt is insane, even for a "diverse field" company. They cannot even afford to service the debt maintenance let alone make an actual dent in the debt itself. - Internet Stranger
huzzug is offline  
post #540 of 561 (permalink) Old 12-10-2018, 11:26 AM
New to Overclock.net
 
EniGma1987's Avatar
 
Join Date: Sep 2011
Posts: 6,283
Rep: 337 (Unique: 247)
Quote: Originally Posted by huzzug View Post
What I'm trying to do is to be able to view the files I have stored on my parents system which is miles away. I did a similar setup for a friend of mine with Hamachi, but that doesn't work on mine. Besides, I got myself involved with PfSense and wanted to experiment with it rather than Hamachi.



Then the server should be set up on your parents system, and you would be the client.

EniGma1987 is offline  
Reply

Quick Reply
Message:
Options

Register Now

In order to be able to post messages on the Overclock.net - An Overclocking Community forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.
User Name:
If you do not want to register, fill this field only and the name will be used as user name for your post.
Password
Please enter a password for your user account. Note that passwords are case-sensitive.
Password:
Confirm Password:
Email Address
Please enter a valid email address for yourself.
Email Address:

Log-in



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page


Forum Jump: 

Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off