On a previous post, we’ve discussed how to use Bind9 on your pfSense in a way that external names were forwarded to name servers while internal names were statically resolved by Bind. In this post, we are going to discuss how to override the IPs returned by external name servers with IPs of our choosing….
On a previous post, we’ve discussed how to use Bind9 on your pfSense in a way that external names were forwarded to other name servers and internal names were statically resolved. In this post, we are going to integrate pfSense’s DHCP Server and Bind9, so that when DHCP assigns an IP to a device, it…
If there is one annoying thing on pfSense that seems to be never fixed is its DNS Resolver service called Unbound. Release after release, the Netgate folks still struggle to identify and fix the random crashes, unexpected restarts and whatnot. In this post, we are going to install Bind9, a very solid DNS server, to…
From previous posts, we have deployed Zabbix Server on a Proxmox container. We also hardened the installation through Let’s Encrypt certificates for the web frontend and TLS encryption for the communication between Server and Agents/Proxies, after all, although encrypted Zabbix Server <-> Agent/Proxy communication with PSK or SSL certificates 🙂 In this post I will…
In crazy times as today’s, having strong and unique passwords are a must to handle threats from Internet. However, keeping track of such passwords is very hard, and this is where password managers come in. There are several password managers out there, but I really enjoy Bitwarden. If you don’t know them, I urge you…
Most Internet Service Providers (ISP) install devices in our houses, such as a cable/DSL modems or a ONT/ONU for optical, which have a web interfaces on a private IP address of its own. Since the device is not connected to any port of your local network switch, and therefore, sit outside your your network, accessing…
Private Internet Access (aka PIA) provides a cheap VPN service that allows up to 10 simultaneous devices. Recently I have switched from Surfshark to PIA because although Surfshark allows unlimited devices, having multiple connections in the same device (pfSense router) doesn’t always work. The reason is that different connections to different countries can have the…
In previous posts it was discussed how to create a DMZ network and host a website from a isolated VLAN on your network. That is a powerful resource, but with the limitation of not being possible to use a friendly FQDN such as geekistheway.com or mydomain.com as the frontend for the websites. This post will…
DMZ (aka Demilitarized Zone) network as defined by Wikipedia “is a physical or logical subnetwork that contains and exposes an organization’s external-facing services to an untrusted, usually larger, network such as the Internet”. The purpose is to add an additional layer of security by separating what is exposed a public service in the DMZ, while the rest of…
In this short post I will describe how to force your DDNS service to periodically refresh your IP on your pfSense. In theory, that should never be needed because when your WAN IP changes, DDNS service should notice it and update your IP on demand. However, I have notice my IPSEC tunnel never reconnected after…