Unifi Dream Machine Pro (aka UDM Pro) is a nice appliance for acting as Unifi controller for your Access points (APs), while it also offers a 8-port managed switch using low power, noise and heat. It is an average router, and a lousy security appliance (hopefully they will improve a lot in this area). This…
For future posts, you will need to have at least one pair of public/private SSH keys installed on your devices for no password access to them. To do so, simply run ssh-keygen -t rsa -b 4096 to generate a 4096 bits RSA key. You will be asked to confirm the key name. Accept the default…
For future posts, we will need to have SSH enabled on the pfSense device, so let’s get this out of the way. Configuring SSH user I highly recommend not to use admin user for accessing pfSense through SSH. If you do it, you will face several constrains which will probably cost you hours to go…
For future posts, we will need to have SSH enabled on the Synology NAS, so let’s get this out of the way. Although you can use admin user to connect to Synology DSM, you can create a new user for this purpose. Go to Control Panel >> User and click the Create button, fill in…
For future posts, we will need to have SSH enabled on the Unifi devices, including the Dream Machine Pro, so let’s get this out of the way. Allow SSH access onto UDM-pro Go to your UDM-Pro page (eg. 192.168.1.1). As usual, you will have to use your Unifi account credentials to login on the UDM-Pro….
In a previous post, I have described how to issue Let’s Encrypt certificates for free. SSL certificates have many applications, including replacing self-signed certificates that are not recognized by browsers. That is the goal of this post. Replace pfSense’s self-signed certificate by the one we have created using Let’s Encrypt API. Let’s Encrypt setup If…
In a previous post, we have been through the steps to setup DuckDNS DDNS on your pfSense. However, if you are using CloudFlare as your DNS provider, it makes sense to configure it to also provide a Dynamic DNS for your domain. It is worth remembering that CloudFlare has a free version to manage your…
DuckDNS is a simple and free Dynamic DNS (aka DDNS) service that is supported as a custom configuration on your pfSense, but still very stable and easy to get it running with the right steps. DuckDNS account Go to duckdns.org and sign-up using one of the many supported authentication methods. In particular, I find it…
If you are like me and don’t want unencrypted data flowing on your network or maybe even on Internet, than this post is for you! I will adopt CloudFlare DNS as it has API to integrate with Let’s Encrypt SSL services through the ACME plugin. Both CloudFlare and Let’s Encrypt are free, so that is…
This post is complementary to a previous POST protecting your network from malicious DNS. Here we are going to leverage a recent addition to pfBlockerNG: a brand new DoH feed! What is the big deal in allowing DNS over HTTPS (aka DoH) on your network?! Well, users can bypass the DNS over TLS of your…