In my previous post, we went through the process of installing Zabbix Server on a Debian LXC container. Although it works alright, it doesn’t come with HTTPS support out of the box. It also has an “ugly” /zabbix at the end of the URL. In this short post, we are going through the steps of…
Tag: security
Deploying a public Vaultwarden instance on a Proxmox LXC container using HAProxy on pfSense
In crazy times like today’s, having strong and unique passwords is a must to handle threats from the Internet. However, keeping track of such passwords is very hard, and this is where password managers come in. There are several password managers out there, but I really enjoy Bitwarden. If you don’t know them, I urge you…
Setting up VPN client on your pfSense using Private Internet Access (PIA) service with Kill switch
Private Internet Access (aka PIA) provides a cheap VPN service that allows up to 10 simultaneous devices. Recently I have switched from Surfshark to PIA because although Surfshark allows unlimited devices, having multiple connections on the same device (pfSense router) doesn’t always work. The reason is that different connections to different countries can have the…
How to create a DMZ network using VLANs on pfSense
A DMZ (aka Demilitarized Zone) network, as defined by Wikipedia, “is a physical or logical subnetwork that contains and exposes an organization’s external-facing services to an untrusted, usually larger, network such as the Internet”. The purpose is to add an additional layer of security by separating what is exposed as a public service in the DMZ, while the rest of…
How to fix R3 CA/Certificate issue on pfSense (expired on September 29th, 2021)
On Wednesday, September 29th 2021 a widely used Certificate Authority (CA) from Let’s Encrypt expired and brought the world to its knees. Well, at least my homelab, anyways. The exact message would be something like “The following CA/Certificate entries are expiring: Certificate Authority: Acmecert: O=Let’s Encrypt, CN=Let’s Encrypt Authority R3, C=US” The fix is quite…
How to fix the X3 CA/Certificate issue after upgrading to pfSense 2.5
If you recently upgraded to pfSense 2.5, you may have received notifications about some CA/Certificate entries close to expiring. The exact message would be something like “The following CA/Certificate entries are expiring: Certificate Authority: Acmecert: O=Let’s Encrypt, CN=Let’s Encrypt Authority X3, C=US” The fix is quite simple, just visit System >> Cert Manager >> CAs…
How to configure IPSec Site-to-Site VPN tunnel on your pfSense using dynamic IPs and pre-shared keys in both ends
Many of us have more than one pfSense (maybe connecting our home and office, our home and our parents, etc.) which would benefit from a direct connection between them. In this post I will describe how to create a routed tunnel that connects both ends, in a way that Site A can directly access Site…
Isolating Wi-Fi networks using VLAN subnets through pfSense + Unifi switch and a little more…
A typical home network is a simple single network and if any of your devices is compromised or infected with malware, the attacker may be able to spread malware or compromise all of your other devices. You can better protect your home network by separating your home network into sub-networks (aka subnets). Devices in a subnet do…
Isolating Wi-Fi networks using VLAN subnets through pfSense + UDM-Pro and a little more…
A typical home network is composed of a single network and if any of your devices is compromised or infected with malware, the attacker is able to spread malware or compromise all devices. You can better protect your home network by separating your home network into sub-networks (aka subnets). Devices in a subnet do not have…
Setting up VPN client on your pfSense (Surfshark) with Kill switch
Surfshark provides a cheap VPN service that allows an unlimited number of devices with ad blocking. In this tutorial we are going to configure pfSense with Surfshark and assign an interface to it so that we can route it to other services. Surfshark information: The first step is getting your Surfshark credentials. Go to the login…