zYx

Reactions

0 Promote 0 Like 0 Boom 0 LOL 0 Spam 0 Abuse

Comments

  • The internet service is the leased line. A Juniper router, provided by the ISP and to which we don't have access, connects directly to the Firebox using an "External" configuration, say eth0. eth1 (trusted) is going to the core switch, where everything else happens. So, I am not sure about the leased line using a…
    in Branch Office VPN Using Starlink On One End Comment by zYx October 21
  • Thanks for this, Bruce. However, I'm struggling to understand the concept, so I prepared a diagram of my current setup. Sites A and B can talk to each other, as can all remote sites. If the leased line goes down at Site A, Starlink at Site A (as the initiator) can maintain the VPN connection with Site B (as per this thread…
    in Branch Office VPN Using Starlink On One End Comment by zYx October 21
  • The issue I'm envisioning is that I have Draytek routers at [quite a few] remote sites running different firmware (as some of them are slightly different models), but we do have two main sites operating on WatchGuard M390, so it looks like I can create a VPN tunnel between them, using STarlink on one end. Site A (Main site…
    in Branch Office VPN Using Starlink On One End Comment by zYx October 17
  • @tantony I implemented Pihole at my org. DC DNS servers use Pihole as their primary DNS before using public DNS, i.e. 1.1.1.1, etc. Even Mobile VPN clients use our DC's DNS, so if the user is connected to a VPN, their ads, tracking, etc. are blocked! I have two Pihole Ubuntu VMs at two different sites and use gravity-sync…
    in Block Google ADs, and ads Comment by zYx July 28
  • Did you ever get it working? I'm considering Starlink as our backup connection on one of our sites.
    in Branch Office VPN Using Starlink On One End Comment by zYx July 3
  • @"james.carson" thanks for your reply. 7 days ago when I created this post, I rebooted the firewall in the evening and all started working again. I added 8 different DNS IPs to our guest network pool. A few days ago, a user reported that their TV's WiFi is no longer working, and it turns out that two of those DNS IPs are…
    in Some DNS IPs blocked by the firewall Comment by zYx April 24
  • Hi Bruce, yes I have a Total Security suite, so I realised Application Control is included, and I am playing with different combinations now. We have enough bandwidth for me not to have to restrict users too much and our policies are very basic, but there are areas I want to restrict. I was watching Traffic Manager when…
    in Outgoing policy disabled, blocks or restricts popular services - please advise Comment by zYx September 2022
  • Hi, I was wondering this too. We have two M390 boxes at different locations with 150 TDR host sensor licenses each which gives us 300 host sensor licenses, plus we also bought 300 EPDR licenses. I'm currently running both EPDR and TDR Sensor on my work laptop. Do I need to run two? I'm confused. Does it mean we have 300…
    in EPDR versus TDR Comment by zYx July 2022