Skip Navigation
Lemmy devs are considering making all votes public - have your say
  • @UniversalMonk @SatansMaggotyCumFart I don’t know you, I’ve never seen you before, and I’ll likely never see you again, so feel free to skip reading this, but I’m absolutely not surprised that your posts get downvotes if this is indicative of your average comment. Accusatory, sarcastic, and grating are not the adjectives that I associate with positive energy. I don’t think public voting is going to solve the issue you described.

  • Deleted
    Can't access webserver from WAN after Opnsense upgrade
  • @bluetrain
    > The strongest example I’ve uncovered of this is, from my WAN (or LAN) directly accessing my WAN IP.

    What have you been testing from? Laptop pointed to LAN IP, laptop pointed to WAN IP, and cellphone with WiFi disabled pointed to WAN IP?

  • Deleted
    Can't access webserver from WAN after Opnsense upgrade
  • @bluetrain
    > This doesn’t seem to be an issue and comports with everyone’s guides online for configured IP passthrough mode on the BGW320-505 and, in fact, Opnsense does show my WAN IP address as my actual address (something it did not before!).

    This corroborates my assessment. You were previously in a double NAT situation. You saw your WAN IP on your gateway because your WAN IP was your gateway, not your interface IP. You now see the ISP’s head end IP as the gateway due to IP passthru

  • Deleted
    Can't access webserver from WAN after Opnsense upgrade
  • @bluetrain

    >I have had this configured to IP passthrough mode without issue for years. But, after the Opnsense upgrade (and defaults), I did notice that my gateways were configured differently. Previously, my upstream WAN gateway was the IP address of the BGW320-505 box. Now, my upstream WAN gateway is my WAN IP address with a .1 substituted for the final digit.

    This is critical info. You have been configured for IP Passthrough for exactly however long ago you updated.

  • Remote access in a country with heavy cencorship
  • @mfat Depending on how they’re blocking VPNs (i.e. blocking specific ports, or allowing specific ports), you may be able to run one on a non-standard port. As an extreme example, you could run Wireguard on port 80 (HTTP), which is practically the last possible port that can ever be blocked on public internet.

  • Proxmox SMB Share not reaching full 2.5Gbit speed
  • @Pete90 @MangoPenguin Bytes (B) are used for storage, bits (b) are used for network. 1B=8b.
    2.5Gbps equals 312.5MBps.
    With that in mind, there are a lot of moving parts to diagnose, assuming you want to reach that speed for a transfer. Can the storage of both machines reach that speed? I believe I saw the NAS’s disk tested and clocked at 470ish MBps, but can the client side keep up? I saw the iPerf test, but what was the exact command used? Did you multithread it?

  • Setup a DNS server on a dynamic public ip
  • @papelitofeliz
    3. Set up your PiHole on a static private IP.

    1. Ensure both sites can route across the tunnel. Based on your experience level and scope, dynamic routing is not recommended or necessary, which means static routes. Point a route for each side’s subnet to the Wireguard tunnel IPs so your firewalls know how to reach and respond to each other across the tunnel.

    2. Configure your devices to use PiHole for their DNS, via DHCP ideally.

  • Setup a DNS server on a dynamic public ip
  • @papelitofeliz
    VPN for sure:

    1. Set up both locations with Dynamic DNS providers. DuckDNS is free, but if you’re building infrastructure you may as well buy your own domain and set it up through that (Namecheap is what I use and recommend).

    2. Set up a Wireguard tunnel between both locations. Do *not* specify an endpoint for either. You could specify endpoints to boost security (barely), but it will cause your system to fail during IP changes, for the duration of the TTL.

  • InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)CL
    ClickyMcTicker @hachyderm.io

    Left all corporate social media behind but still need some sources of information. 🏳️‍🌈 IT professional

    Posts 0
    Comments 8