Search found 16 matches

by UAW-Chrysler NTC
January 14th, 2019, 12:38 pm
Forum: Hardware
Topic: QOTOM-Q350G4 for GROB personnal network ?
Replies: 2
Views: 821

Re: QOTOM-Q350G4 for GROB personnal network ?

I have one too for my simple RED/GREEN network at my condo. I recently revised my approach on things and here's what and why. 1st the J1900 CPUs dont support AES-NI and as such that's something that I feel will be needed going forward, especially since I VPN always. Also, I stay away from the 2-port...
by UAW-Chrysler NTC
January 9th, 2019, 7:22 pm
Forum: IPFire in General
Topic: traffic monitor
Replies: 2
Views: 361

Re: traffic monitor

https://wiki.ipfire.org/addons/start
Iftop is a realtime bandwidth monitor
iptraf-ng is a console based network statistic monitoring utility.
by UAW-Chrysler NTC
January 9th, 2019, 7:16 pm
Forum: IPFire in General
Topic: Running primary/secondary DNS server behind IPFire?
Replies: 2
Views: 209

Re: Running primary/secondary DNS server behind IPFire?

Perhaps see the wiki about DNS forward configuration
Start here https://wiki.ipfire.org/dns/start
by UAW-Chrysler NTC
January 9th, 2019, 7:11 pm
Forum: IPFire in General
Topic: Filter by Windows Server 2016 AD users but not by IP
Replies: 3
Views: 239

Re: Filter by Windows Server 2016 AD users but not by IP

I suppose if you turn on web proxy and authenticate via AD ( in ipfire as Windows NT4 Domain)
In essence you are controlling who goes to the internet by their AD login.
Is that what you're trying to so ?

I've never used that authentication via web proxy but I see it there.
by UAW-Chrysler NTC
January 9th, 2019, 7:07 pm
Forum: IPFire in General
Topic: Site to Site VPN on DMZ
Replies: 1
Views: 139

Re: Site to Site VPN on DMZ

You gotta get rid of the old routers. Site to site VPN is predicated on the routers at each end. So bite the bullet and replace them. To stick IPfire on the inside and then try to get to the DMZ etc seems crazy to me. I like keeping things simple. You said it, the current edge devices are old. It's ...
by UAW-Chrysler NTC
January 9th, 2019, 7:02 pm
Forum: IPFire in General
Topic: how to capture traffic to port 443 / https ( not caching the site )
Replies: 2
Views: 193

Re: how to capture traffic to port 443 / https ( not caching the site )

Why not setup a sniffer on the LAN and then you will get what you need ?
Why try to do that when there are other means to do captures.
Wireshark does a good job
by UAW-Chrysler NTC
January 9th, 2019, 6:59 pm
Forum: Hardware
Topic: apu3b4
Replies: 1
Views: 635

Re: apu3b4

Runs great
What's wrong with yours?
by UAW-Chrysler NTC
January 9th, 2019, 6:57 pm
Forum: Hardware
Topic: Outdoor Wifi Antenna
Replies: 2
Views: 479

Re: Outdoor Wifi Antenna

Hardware is so cheap and accessible.
Why not just upgrade your hardware.
Even if it was doable the performance would be lacking :)
You will enjoy thing more if you just upgrade your equipment.
by UAW-Chrysler NTC
January 9th, 2019, 6:53 pm
Forum: Hardware
Topic: IPFire on mini-itx plus UE200 USB NIC
Replies: 2
Views: 453

Re: IPFire on mini-itx plus UE200 USB NIC

I can confirm factually that this USB 3.0 gigabit adapter works TP-LINK USB 3.0 to Gigabit Ethernet Network Adapter I don't suggest buying an older USB 2.0 one. Afterall, you might end up with a USB 3.0 port and be able to gain plenty of speed instead of being stuck with a USB 2.0 via a USB 3.0 port...
by UAW-Chrysler NTC
January 9th, 2019, 6:43 pm
Forum: Installation
Topic: Ipfire wireless client
Replies: 1
Views: 440

Re: Ipfire wireless client

You can configure ipFire in a RED - BLUE - GREEN configuration In this setup if you choose you can have RED (Internet or WAN) can be wireless. Wireless in a sense that you are getting your Internet connectivity via wireless. So this connection to the RED Ethernet port is based on whatever equipment ...
by UAW-Chrysler NTC
January 9th, 2019, 6:26 pm
Forum: Installation
Topic: OpenVPN Net2Net routing issues
Replies: 6
Views: 409

Re: OpenVPN Net2Net routing issues

I do these configs all the time. From your description I can say this. 1. You speak of a bridge network Your GREEN should be a private IP network address Make sure your Office B uses a different private IP address This ensures no conflict when you setup the VPN site to site Also check that the gener...
by UAW-Chrysler NTC
January 9th, 2019, 6:09 pm
Forum: Installation
Topic: Router behind ipfire
Replies: 7
Views: 923

Re: Router behind ipfire

Likely that router you have not configured properly with the wifi capabilities. You should try a switch as suggested because using one of those routers with wan and wifi as a switch can get tricky. If you really want to have Wifi on your GREEN network just buy an access point and configure it. Plug ...
by UAW-Chrysler NTC
January 9th, 2019, 6:01 pm
Forum: IPFire in General
Topic: How to block local LAN SPecific IPs from INternet
Replies: 2
Views: 264

How to block local LAN SPecific IPs from INternet

Hey Everyone, What's the best practice for blocking a select few local IPs on the LAN (green side) from going to the Internet ? Just don't want anything from those 4 PCs on the LAN to be able to go Internet bound. What's the best practice ? I've thought of using Web Proxy & URL Filter and specifying...
by UAW-Chrysler NTC
October 23rd, 2018, 12:14 pm
Forum: IPFire in General
Topic: How to access ipFire from Internet
Replies: 9
Views: 639

Re: How to access ipFire from Internet

When I establish that rule, at the bottom it says policy:blocked I can't access from the outside. I changed from GeoIP any network and it seem to work. I say seem because I'm doing this test internally now. So it Network A and ipfire establishes network B From network A PC I use the WAN address of i...
by UAW-Chrysler NTC
October 23rd, 2018, 11:15 am
Forum: IPFire in General
Topic: How to access ipFire from Internet
Replies: 9
Views: 639

Re: How to access ipFire from Internet

Yes, I want to access the GUI, the web interface.
So I want to be anywhere on the Internet, outside, and access the firewall's GUI.
You know, access like via https://domain.com:444 and see the firewall.

That's what I wish to do :)