home.social

#vlans — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #vlans, aggregated by home.social.

  1. Managing #OpenWRT via #Ansible is a breeze. I just love the fact that all the settings, all the #firewall rules, all the good stuff is configured with config files.

    I've created 6 #VLANs, all of them completely #isolated, with a few allowed traffic rules. I've even isolated the #Windows #PC of my roommate inside of the #trusted #network.

    Now his #XiaomiTVBox can't scan the network anymore (yes it actually does that. I've noticed it while working on my packet monitoring project).

    #networking #subnetting #subnet #homelab #selfhosting #openwrt #privacy #security #vlan #isolation #dmz

  2. #OPNsense users, it is time to migrate your legacy #IPSEC VPN tunnels to the new connection setup. The Legacy IPSEC feature will be deprecated in 26.1.

    I have updated my IPSEC post [1] with the new connection settings. The migration was not straightforward and required some changes, but it is not complicated either.

    A little gem here is the #CIDR subnet mask notation used for Policy Based Routing, which allows multiple subnets (#VLANs) on both sides to be automatically routed, without the need for ongoing changes to tunnel settings.

    [1]: du.nkel.dev/blog/2021-11-19_pf

  3. new bike is bridge too far and a luxury - am going to finish out the local lan boxes, get a vps and a couple monster drives, will try to get ids/ips and vital 24/7 pkt cap going plus maybe a ssl/tls proxy - combined with fog server and vuln clients could make a fun exploit testing setup but moreover i just want the pkt cap most of all for audit trail and visibility #elk stack #malcolm #selks10 #sec onion #polar proxy #sslstrip #promisc #noarp #arkime
    #sftp server #accounts #dmz #segmented lans #vlans #spanning port #openwrt #port mirror #fog server #suricata #snort