System: Settings: Administration
(x) Enable HTTP Strict Transport Security
TCP port 4444
(x) Disable web GUI redirect rule
(x) Disable DNS Rebinding Checks
(x) Enable Secure Shell
(x) Permit root user login
(x) Permit password login
SSH PORT 2222
System: Gateway: Configuration
WANGW 192.168.4.254
Interface: WAN
(x) Upstream Gateway
Interfaces: WAN
( ) Block bogon networks
( ) Block private networks
IPv4 Configuration Type: Static IPv4
192.168.4.2xx/24
GW: WANGW
Interfaces: LAN
Description: INSIDE
Interfaces: Assignments
em2: DMZ
em3: SERVER
Interfaces: SERVER
Enable (x)
IPv4 Configuration Type: Static IPv4
IPv4 address: 10.0.10.1/24
Interfaces: DMZ
Enable (x)
IPv4 Configuration Type: Static IPv4
IPv4 address: 10.88.2xx.1/24
Services: Dnsmasq DNS & DHCP
DHCP Range: 172.17.2xx.100 to 172.17.2xx.200
Interfaces: INSIDE
Enable (x)
IPv4 Configuration Type: Static IPv4
IPv4 address: 172.17.2xx.1/24
Firewall
Firewall: Settings: Advanced
Disable reply-to: (x) Disable reply-to on WAN rules
Firewall: NAT: Outbound
| Interface | Source | Source Port | Destination | Destination Port | NAT Address | NAT Port | Static Port | Description |
|---|---|---|---|---|---|---|---|---|
| WAN | INSIDE net | * | * | * | Interface address | * | NO | |
| WAN | SERVER net | * | * | * | Interface address | * | NO | |
| WAN | DMZ net | * | ! 10.88.0.0/16 | * | Interface address | * | NO | |
Firewall: Rules
| Interface | Protocol | Source | Port | Destination | Port | Gateway | Schedule | Description |
|---|---|---|---|---|---|---|---|---|
| DMZ | IPv4 * | DMZ net | * | * | * | * | * | |
| SERVER | IPv4 * | SERVER net | * | * | * | * | * | |
| INSIDE | IPv4 * | INSIDE net | * | * | * | * | * | |

| Interface | Protocol | Source | Port | Destination | Port | Gateway | Schedule | Description |
|---|---|---|---|---|---|---|---|---|
| WAN | IPv4 TCP | HOST | * | WAN address | 2222 | * | * | |
| WAN | IPv4 TCP | HOST | * | WAN address | 4444 | * | * | |
| WAN | IPv4 ICMP | * | * | * | * | * | * | |
System: Gateways: Configuration
| Parameter | Value |
|---|---|
| Name | DNSGW |
| Interface | WAN |
| Address Family | IPv4 |
| Priority | 255 |
| IP Address | 192.168.4.88 |
| Upstream Gateway | ( ) |
System: Routes: Configuration
| Parameter | Value |
|---|---|
| Disabled | No |
| Network Address | 10.88.0.0/16 |
| Gateway | DNSGW - 192.168.4.88 |
| Description | UNSERE DMZs |
Installing the certificate
- Get the certificate
- Unpack
  - tar -xvzf it2*.xinmen.de.tgz
- Certificate
  - fullchain.pem
- Private key
  - privkey.pem
- Hostname/IP test
  - host opnsense.it213.xinmen.de
    opnsense.it213.xinmen.de has address 192.168.4.213
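
Before importing the unpacked files, it is worth confirming that privkey.pem really belongs to the leaf certificate in fullchain.pem, that the certificate covers the hostname tested above, and that it is not about to expire. The following is an added example, not part of the original notes; the function names check_cert_bundle, pub_hash and make_test_pair are hypothetical, and make_test_pair only builds a constructed self-signed pair for trying the checks offline.

```shell
#!/bin/sh
# Added example (not from the original notes): checks to run on the unpacked
# fullchain.pem / privkey.pem before importing them into the firewall.
# Return codes: 0 ok, 1 bad cert, 2 bad key, 3 key mismatch, 4 wrong host, 5 expiring.

# SHA-256 of the DER form of a PEM public key read on stdin.
pub_hash() {
    openssl pkey -pubin -outform DER | openssl dgst -sha256 -r | cut -d' ' -f1
}

check_cert_bundle() {   # usage: check_cert_bundle CERT KEY HOSTNAME
    cert=$1; key=$2; host=$3
    openssl x509 -in "$cert" -noout 2>/dev/null ||
        { echo "FAIL: $cert is not a readable certificate"; return 1; }
    openssl pkey -in "$key" -noout 2>/dev/null ||
        { echo "FAIL: $key is not a readable private key"; return 2; }
    # The leaf certificate (first in the chain) must carry the key's public half.
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey | pub_hash)
    key_pub=$(openssl pkey -in "$key" -pubout | pub_hash)
    [ "$cert_pub" = "$key_pub" ] ||
        { echo "FAIL: private key does not belong to the certificate"; return 3; }
    # -checkhost always exits 0, so the verdict has to be read from its output.
    openssl x509 -in "$cert" -noout -checkhost "$host" | grep -q 'does match' ||
        { echo "FAIL: certificate is not valid for $host"; return 4; }
    # -checkend N exits non-zero if the certificate expires within N seconds.
    openssl x509 -in "$cert" -noout -checkend 86400 >/dev/null ||
        { echo "FAIL: certificate expires within 24 hours"; return 5; }
    echo "OK: $cert and $key match and are valid for $host"
}

# Constructed throwaway pair (self-signed, CN only) for trying the checks offline.
make_test_pair() {      # usage: make_test_pair DIR HOSTNAME
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 -subj "/CN=$2" \
        -keyout "$1/privkey.pem" -out "$1/fullchain.pem" 2>/dev/null
}

# When called with three arguments, run the checks on the given files.
if [ "$#" -eq 3 ]; then check_cert_bundle "$@"; fi
```

Saved as a script, it can be run from the unpack directory with fullchain.pem, privkey.pem and opnsense.it213.xinmen.de as its three arguments.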