Archives
/
opensense-docs
mirror of https://github.com/opnsense/docs
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
993 Commits
4 Branches
0 Tags
549 MiB
master
OPNWAF-newfeatures
OPNcentral_backups
rss
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '4b3e99efcd'
${ noResults }
Commit Graph

302 Commits (4b3e99efcd709f5fdb7f436522203c44cfece57c)

Author SHA1 Message Date
Ad Schellevis 4b3e99efcd Access / Servers / LDAP - update page to match ui settings. closes https://github.com/opnsense/docs/issues/537 8 months ago
Thore Goebel cd9d88871c
Fix typo in link (#535) 8 months ago
Thore Goebel 472a1c6a4b
Update Spamhaus How-To (#533) 
* Spamhaus How-To: update terms to match UI

* Mention DROPv6
 8 months ago
Ad Schellevis 22e2a930db System: Gateways: Single: migrate to MVC - update docs. closes https://github.com/opnsense/core/issues/6377 8 months ago
Ad Schellevis a10e5962e6 icap- replace icar test string with the one available on our download mirror. closes https://github.com/opnsense/docs/issues/530 9 months ago
Andreas Dolp ff3ea5b11a
Fix typo in documentation/manuals/how-tos/multiwan. (#529) 9 months ago
doktornotor 08b7784965
Remove duplicated words in dnscrypt-proxy.rst (#525) 9 months ago
satrapes 64c73024ed
Add a ProtonVPN Road Warrior setup page (#521) 
* Add ProtonVPN WireGuard page

---------

Co-authored-by: Dimitris Paraskevopoulos <dimitris.paraskevopoulos@u-blox.com>
 10 months ago
Ad Schellevis 0c57a39f65 System: Gateways: Group - add a note in the example about the "gateway" selection. closes https://github.com/opnsense/docs/pull/518 11 months ago
Ad Schellevis 60825064db stylefix 11 months ago
satrapes 07b8c50c59
Update terminology on Wireguard how-to pages (#517) 11 months ago
Ad Schellevis 8a48dce6da System/Access/Servers - add compliance option and some cleanups. closes https://github.com/opnsense/docs/issues/514 11 months ago
Ad Schellevis bcb0368cc4 VPN / OpenVPN - some typos in sslvpn_instance_s2s.rst 11 months ago
Monviech 7bfa32740c
Update ipsec-swanctl-rw-ikev2-eap-mschapv2.rst (#510) 
Hint that IPv6 transport doesn't work with UDP Encapsulation
 11 months ago
Daniel Aleksandersen 2f1b56bc93 mdns-repeater only supports up to 5 interfaces 
Upstream documentation:
fbe78e7ffd/mdns-repeater.c (L330)
 11 months ago
Ad Schellevis 8086c52a2d fix minor compile issues 12 months ago
Monviech 54eef60c16
Wireguard - Reworked wireguard s2s completely & added MTU + MSS to wireguard client (#498) 
* Update wireguard-client.rst - Add MTU and MSS hints

* Update wireguard-s2s.rst - Add MTU and MSS hints

* Update wireguard-s2s.rst - changed mss values

* Update wireguard-s2s.rst - Reworked How-To completely

* Update wireguard-client.rst - adjusted mss value

* Update wireguard-client.rst - Different mss values for IPv4 and IPv6

* Update wireguard-s2s.rst - Improved some aspects

* Update wireguard-client.rst - Improved some aspects

Normalization rules should have different MSS values for either IPv4, or IPv4+IPv6.

Changed the protocol back to any, since I'm unsure if selecting TCP only means IPv4 TCP, since there is also only IPv6 selectable.

* Update wireguard-s2s.rst

- Omitted Source Port in Firewall rules
- Added tip and note about dynamic WAN IP

* Update wireguard-s2s.rst - Terminology changes 23.7.6

- Changed Local to Instance
- Changed Endpoint to Peer
- Added information about CARP vhid tracking to mitigate HA problems.
- Added note about Keepalive for NATed sites.
 12 months ago
Monviech d16635ca9a
ipsec-swanctl-rw-ikev2-eap-mschapv2 (#501) 
* created ipsec-swanctl-rw-ikev2-eap-mschapv2.rst

* Update vpnet.rst

Changed the position of Legacy and New > 23.1
Added how-tos/ipsec-swanctl-rw-ikev2-eap-mschapv2 to doctree in New > 23.1

* Update ipsec-swanctl-rw-ikev2-eap-mschapv2.rst

General structure of How-To added

* Update ipsec-swanctl-rw-ikev2-eap-mschapv2.rst

Populated Prerequisites

* Update ipsec-swanctl-rw-ikev2-eap-mschapv2.rst

* Update ipsec-swanctl-rw-ikev2-eap-mschapv2.rst

Populated IPsec connection settings for roadwarriors

* Update ipsec-swanctl-rw-ikev2-eap-mschapv2.rst

Fixed IP address formatting in pools

* Update ipsec-swanctl-rw-ikev2-eap-mschapv2.rst

* ipsec-swst Version completedanctl-rw-ikev2-eap-mschapv2.rst - Fir

* Update vpnet.rst - Switched Positions for client config

* Update ipsec-swanctl-rw-ikev2-eap-mschapv2.rst - Version 1.0

* Update ipsec-swanctl-rw-ikev2-eap-mschapv2.rst

- Added DNS configuration payload information to pools and clients https://github.com/opnsense/core/pull/6864
- Added hint that ncp client is not affiliated with Deciso B.V.

* Update ipsec-swanctl-rw-ikev2-eap-mschapv2.rst - Added Routing

hint for Windows RAS Client in Split Tunneling mode.
 12 months ago
Monviech 3cc00bfdf5
Update nat_reflection.rst (#507) 
* Update nat_reflection.rst

- Fixed typo (asynchronous should be asymmetrical traffic)
- Added note about "reply-to" in specific setups with VPN WAN

* Update nat_reflection.rst

- Fixed VTI NAT description, referenced the tunables to make it work
 12 months ago
Ad Schellevis 8d030c3596 minor compile issue in https://github.com/opnsense/docs/pull/489 1 year ago
Cedrik Pischem e86e01f1db
How-To for Reflection and Hairpin NAT added (#489) 1 year ago
Ad Schellevis 5aa468ceba Authentication - LDAP: add new "constraint groups" property implemented in d971257fd9 1 year ago
Hiigaraa c2745b3ddc
Update Orange FTTH guide with additionnal info and troubleshooting section (#475) 1 year ago
Thomas 1eecec559c
manual: how-to for FritzBox IPv6 
New HowTo to explain the setup of an OPNsense as IPv6
router / firewall behind an AVM Fritz!Box (common German Router)
 1 year ago
Monviech c0c1bb9e5c
Update carp.rst - fixed Build Warnings and added note (#490) 1 year ago
Monviech ceed02cc9c
How-To added for suricata bypass feature (#485) 1 year ago
Monviech cb07e622b6
Update carp.rst - Add IPv6 CARP Section (#488) 1 year ago
Ad Schellevis 62d8fc1915 Community Plugins / HAProxy - ditch outdated documentation without owner. 1 year ago
Matt Jolly b5401626f2
Fix typo'd port (#481) 1 year ago
Ad Schellevis 470ff9702c OpenVPN - add new Instances module 1 year ago
Sam Wilson 1cc6809fdc
Update multiwan.rst (#480) 1 year ago
Michael 5f24f0de2f
Update multiwan.rst (#478) 
Add a note to disable shared forwarding when using multiwan with sage tier in gw groups
 1 year ago
Ad Schellevis d46cf057ed missing new-line, closes https://github.com/opnsense/docs/issues/476 1 year ago
Ad Schellevis d1b8f3c680 Sky UK tutoriali: escape quotes. closes https://github.com/opnsense/docs/pull/474 1 year ago
sjjh 0982c72fc1 Update insight.rst: typo 
Netlfow -> Netflow
 1 year ago
Franco Fichtner 5f50d046fd dnscrypt-proxy: listen address is automatic on IPv6 so the daemon trips over itself 
See: https://github.com/DNSCrypt/dnscrypt-proxy/issues/1217
 1 year ago
Hiigaraa cc565a2ca5
Update Orange FTTH guide to follow the changes in the Orange infrastructure (#468) 1 year ago
Franco Fichtner c8b3bb0043 orange fr: note change in 23.1.6 about VLAN-PCP on DHCP(v4) 1 year ago
Franco Fichtner 86480ca98d dnscrypt-proxy: same same but not different 
Remvoe the Unbound workaround asa "default" suggestion.  Standalonew
works fine so just make sure to reflect this correctly in the document.
 1 year ago
Franco Fichtner 0a0a607146 bind: improve documentation for 23.1.6, remove faulty advanced section 
Better blocklist support exists in Unbound and since Bind can run as
standalone there is no need to transform the faulty advanced options
to the file-based override that Unbound still supports.
 1 year ago
Ad Schellevis b9fbf01aa6 cloud_backup - fix typo 1 year ago
Ad Schellevis c22256a674 VPN/IPsec/Examples - add a note about connecting childre. closes https://github.com/opnsense/core/issues/6451 2 years ago
Ad Schellevis 39187fbf03 System/Settings/Administration - reorganise settings a bit and add missing options. Also explain the risks of using "listen interfaces" and how to properly use them. Loopbacks are intended to create the environment needed to reliably bind a service in a changing world. 2 years ago
Ad Schellevis c4c8ac2078 Access / Servers / Radius - add mnissing options 2 years ago
Justin Horton d5f3033ae9
Update "first" WireGuard instance number (#459) 2 years ago
Joseph Shanak b93ca29af3
Fix typo (#458) 2 years ago
Michael e5472386dc
manual: make note about IPv6 24 hour disconnect (#454) 
https://forum.opnsense.org/index.php?topic=32259.msg156936;topicseen#msg156936
 2 years ago
Justin Horton c44d97b664 Fix typos in wireguard-client.rst 2 years ago
Daniel Melzak 106cf9fc0e
Some warnings and an example for clarity (#444) 
* Some warnings and an example for clarity 

Added a warning about overlapping networks for the LAN and Wireguard interfaces, as doing so will cause the clients not to be able to communicate with each other properly. Added an example to request another PD from your ISP, as ATT only hands out /64s and one will not be enough to subnet the networks properly.

* Clarification and briefness

Tried to add just enough information to clarify that it is a completely separated network that requires routing to reach the LAN interface.
 2 years ago
Ad Schellevis 1c8f849bd3 VPN/IPsec - add NAT before IPsec example. 2 years ago