Skip to Content

Category Archives: Tech

Technische documentatie van Kapitein Vorkbaards digitale avonturen

OpenVPN in a pfSense CARP cluster

Written on November 21, 2017 at 14:44, by

If you’ve set up a pfSense CARP cluster for high availability and you’re running OpenVPN on it there are a few tweaks you can make to improve your experience. The issues: OpenVPN client is unable to connect to WAN VIP… …and when it does, no internet connection is available via OpenVPN. You cannot reach the […]

How to set up PfSense High Availability (hardware redundancy)

Written on November 21, 2017 at 06:51, by

What is High Availability in PfSense? High Availability (HA) in PfSense comes down to hardware redundancy, essentially having a hot spare instantly taking over a router that becomes unavailable, aka failover. Instantly in this case being one or two seconds, without firewall states being broken, so your file will just continue downloading and your video […]

Log in to PfSense based on Active Directory group membership

Written on November 10, 2017 at 08:30, by

You can assign an Active Directory group to log in to PfSense’s web interface. This article has a more elaborate discussion of two different methods to achieve an Active Directory link, here I’ll just describe the LDAP one. RADIUS will work as well. On your domain controller – Create a PfSense group and add users […]

Set up OpenVPN on PfSense with user certificates and Active Directory authentication

Written on November 8, 2017 at 06:58, by

This article explains how to set up PfSense as an OpenVPN server which authenticates clients based on the certificate they have and their Active Directory credentials using either RADIUS or LDAP. If you find this article helpful feel free to click some of the ads on this page. It won’t make me rich but it […]

Protect your network with domain filtering on PfSense 2.4 and pfBlockerNG

Written on November 6, 2017 at 06:50, by

PfBlockerNG on PfSense protects your network by filtering internet traffic based on lists of domains or ip addresses. The lists are usually provided by third parties. Setting up pfBlockerNG and getting it to work is relatively simple but there’s a lot of possibilities that may not seem obvious right away. PfBlockerNG is a PfSense package. […]

Scan your network’s internet traffic with Squid and ClamAV on PfSense 2.4

Written on November 3, 2017 at 06:34, by

This article describes how to set up a virusscanner on your PfSense router. We’ll set up the Squid proxy server and ClamAV as a virusscanner. A lot of internet sites now use TLS (https) so not scanning inside encrypted web traffic would miss a lot of data. However we cannot decrypt en re-encrypt traffic with […]

Installing Snort for IDS/IPS on PfSense 2.4

Written on November 3, 2017 at 06:19, by

This article explains how to set up an IDS/IPS system using Snort of PfSense 2.4. There are other howtos; this documentation is mainly for my own benefit. If my documentation helped you, please consider clicking some of the ads on this page. It won’t make me rich but I would know someone found it useful […]

De Gevreesde Wegklikker

Written on September 20, 2017 at 06:13, by

In mijn loopbaan als allround systeembeheerder heb ik bij verschillende organisaties voornamelijk vriendelijke en geduldige collega’s gehad. Toch zijn er bepaalde types gebruikers die overal terug te vinden zijn. Hieronder beschrijf ik er een paar. Ik twijfel er niet aan dat er voor systeembeheerders/helpdeskers soortgelijke lijsten zijn. De Wegloper: loopt weg als je aankomt om […]

Check number of outgoing mail through ASSP

Written on July 7, 2017 at 10:06, by

Last week we had a spam issue when a user’s mail credentials were apparently guessed or stolen. (Our mail server doesn’t do two factor yet.) A lot of spam was sent from that useraccount. To monitor our relay server I wrote a script that checks for unusual amounts of mail being sent. It sends a […]

My tmux config

Written on July 4, 2017 at 14:53, by

This is my ~/.tmux.conf file, for my own reference. For the right keyboard sequences to be passed on from PuTTY it might be necessary to set your keyboard to Xterm R6. Here’s the file.