The OpnSense Series:5. DNS and Website / DNS Block List Setup

In this video we will setup Unbound DNS on OpnSense and I will show you how to also block / filter DNS requests.

Пікірлер: 12

  • @sprakata5138
    @sprakata513817 күн бұрын

    great video! followed all the steps. got it working. i hope you will create a video for opndns.

  • @jonomoss

    @jonomoss

    9 күн бұрын

    Thank you, I can look into doing that for you, I have a few planned videos I want to do. But I will definitely add OpnDNS. to the "todo" list

  • @richmaliz
    @richmaliz3 ай бұрын

    Thanks for the excellent explanation on how to setup Unbound DNS. Very concise and easy to follow.

  • @jonomoss

    @jonomoss

    3 ай бұрын

    Thank you for the kind words, I'm really glad it helped.

  • @metal-beard
    @metal-beard4 ай бұрын

    Thanks for this informative series mate. Loads of content and very well explained.

  • @jonomoss

    @jonomoss

    4 ай бұрын

    Thank you very much for your kind words, I really do appreciate it.

  • @hyp3rimag
    @hyp3rimagАй бұрын

    Can you make some beginner friendly best practice guides for ZenArmor? Like what we should initially be blocking besides all the toggle switches and what applications and protocols we should block? How to interpret some of the logs in there so we know what to do with some of that information? Its hard to find something clear and concise like your tutorial for that!

  • @jonomoss

    @jonomoss

    Ай бұрын

    Hi there, Sorry I don't see myself doing a ZenArmor guide any time soon. I tried ZenArmor in the passed and was never a fan of it. PS I'm not saying ZenArmor is bad, each to their own, however I personally prefer using the mix of "IPS/IDS (Suricata)", "Unbound Block lists" and custom firewall rules. Doing it this way, in a sense has "taught" me a lot more and I feel that I have more control over my network. Where with ZenArmor, I never felt like I had "Control" over my network.

  • @FearArtificialIntelligence
    @FearArtificialIntelligenceАй бұрын

    Very nice tutorial, i have a question, in the second 352, the menu doesnt have Management, only wan, lan and loopback, im doing something wrong or the menu changed?

  • @jonomoss

    @jonomoss

    Ай бұрын

    Hi there, Thank you so much for your kind words. Nope, you are not doing anything wrong. In the previous video of the series kzread.info/dash/bejne/lneGyqWrn87Lg9I.html I created a new "management" network. If you don't want / need a "management" network, having just LAN, WAN and Loopback is correct.

  • @davemck1936

    @davemck1936

    Ай бұрын

    ​@@jonomoss I just watched that video and I didn't see any instructions on setting up the "management" network (source) Do you have another video on that? Stuck at 6:18 as I can't select multiple interfaces. Looks like I'm adding an Alias but not sure as to what I'm adding to the alias. Just port 53 on WAN, LAN, Loop & VPN's?

  • @jonomoss

    @jonomoss

    Ай бұрын

    Hi @davemck1936 Sorry my mistake, I have edited that comment, if you see this video from kzread.info/dash/bejne/lneGyqWrn87Lg9I.html I renamed the default LAN network to "Management". If you are not worried about having a separate "Management" network, you will have a single "LAN" network. With regards to the "Portforwarding" section you are stuck on, If I understand your question correctly, you will only forward "Local" networks DNS, so for example if you have "WAN, LAN, VPN" networks, you will only use the "LAN" interface and "VPN" interface, that is if you want to also block websites / DNS on the VPN. You don't do it on the WAN. So you will then create two separate "Portforwarding" rules. One for "LAN" interface and one for "VPN" using port 53, you don't select multiple interfaces on one rule. I hope this make sense.