Wiki

User Tools

Site Tools

Trace: media_server rsync_files_securely_with_and_without_a_password test_enpassant_capture_gives_check
pfsense:install_pfsense:pfsense_configuration

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
pfsense:install_pfsense:pfsense_configuration [2021/06/18 08:32] – [Miscellaneous Configuration] peterpfsense:install_pfsense:pfsense_configuration [2023/04/22 08:31] (current) peter
Line 7: Line 7:
 In **DNS Server Settings**: In **DNS Server Settings**:
  
-  * DNS servers:  **Any DNS Servers you want to use**.  The Servers here are **not** going to be used, as long as Unbound is not working in Forwarding Mode, so just leave it as default, since we are using the **Resolver** Option for Unbound.   +  * DNS servers:  **Any DNS Servers you want to use**.  The Servers here are **not** going to be used, as long as Unbound is not working in Forwarding Mode, so just leave it as default, since we will be using the **Resolver** Option for Unbound.   
-    * Use Gateway:  **none**.  Only needed on Multi-WAN networks.  As Unbound will be doing the Resolving, these  configuration they are not used anyway.+    * Use Gateway:  **none**.  Only needed on Multi-WAN networks.  As Unbound will be doing the Resolving, these  configuration are not used anyway.
   * DNS Server Override:  **Not Checked**.  To prevent any DNS configuration setup on the system being overridden by the ISP or other applications.   * DNS Server Override:  **Not Checked**.  To prevent any DNS configuration setup on the system being overridden by the ISP or other applications.
-  * Disable DNS Forwarder:  **Not Checked**.  To have pfSense use it'local cache for lookups.+  * Disable DNS Forwarder:  **Not Checked**.  To have pfSense use its local cache for lookups.
  
 <WRAP info> <WRAP info>
Line 53: Line 53:
   * Allow Agent Forwarding:  **Not Checked**.   * Allow Agent Forwarding:  **Not Checked**.
   * SSH Port:  **22**.   * SSH Port:  **22**.
 +
 +{{:pfsense:install_pfsense:pfsense_-_system_-_advanced_-_admin_access_-_secure_shell.png?800|}}
 +
 +  * Click **Save**.
  
 <WRAP info> <WRAP info>
Line 63: Line 67:
 </WRAP> </WRAP>
  
-{{:pfsense:install_pfsense:pfsense_-_system_-_advanced_-_admin_access_-_secure_shell.png?800|}} 
- 
-  * Click **Save**. 
  
  
Line 163: Line 164:
   * Skip rules when gateway is down:  **Not Checked**.     * Skip rules when gateway is down:  **Not Checked**.  
  
-<WRAP important>  Take special note of the **Skip rules when gateway is down** option.+<WRAP alert> 
 +**ALERT:**  Take special note of the **Skip rules when gateway is down** option.
  
 One might think that with the check mark unchecked, means that it skips rules when the gateway is down.  But no, it means just the opposite! One might think that with the check mark unchecked, means that it skips rules when the gateway is down.  But no, it means just the opposite!
Line 174: Line 176:
   * Not even the firewall logs provide an alert.   * Not even the firewall logs provide an alert.
   * They even show the defined gateway rules still executing properly!   * They even show the defined gateway rules still executing properly!
 +
 +If there is a need to still allow a computer to access the internet anytime (even when VPN is down) then a rule will be needed in **Firewall -> Rules -> LAN** to allow the internal IP address there.
 +
 +  * If this access if only needed when the VPN is down, then put it in the LAN firewall rules list after the normal policy-routing rule for VPN traffic.
 +  * That way it only comes into play when the VPN is down.
  
 </WRAP> </WRAP>
pfsense/install_pfsense/pfsense_configuration.1624005138.txt.gz · Last modified: 2021/06/18 08:32 by peter
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki