วีดีโอ

Hi, it will be greyed out for two main reasons, one being if it cannot find the "opnsense" folder or two if the ISO is not correct. so the first thing you will need to check is that you are naming your folder correctly. So it will be "opnsense" a "-" then the version number. So in this video it is "opnsense-24". Next is to make sure you download the "DVD" version of OpnSense from their website. Upload that into the "opnsense-24" folder and rename it to "cdrom.iso" From there it should pick it up and not be greyed out. Sometimes it can take a bit of time for EVE-NG to detect it, so restarting the EVE-NG service or the entire host it is installed on can help. If you are still struggling, you can reply to this comment with the "file path" you are using / saving the ISO to and a link to the OpnSense ISO you are using. From there I can try see if I can find what is causing you issues. I hope this helps

@@jonomoss I appreciate your guidance on this. I was able to follow your directions and able to install OPNsense. However, I am unable to establish any connectivity. I have switched the VTNET 0 & 1. I have set the VMWare as bridged and VT Editor VTNET 0 to the WIFI connection, but I am unable to get any connectivity and login to the OPNsense WebGUI.

Hi, yes you will have to do it for each VLAN network.

Hi, you need to make sure the user you are running the script as has IPMI "Administrator" access. I have a written guide at jono-moss.github.io/post/dell-r710-how-to-quiet-the-fans/ Just double check that you have set the correct permissions for your user and that you have the correct user details set in the script. Hopefully that helps you.

Thank you for all the kind words and I'm glad you are enjoying the tutorials.

I think the official documentation of OPNsense needs to be improved as well on this regard!

+1000 can you give a walkthrough how to setup road warrior (mobile user on Android via Internet, public variable IP) VPN client setup (on Opnsense side + on mobile client side

Hi there, Okay so I would always recommend that you do a backup of all your data before you start as you can never know if something will go wrong. So make sure that you do this first. (Please note that this is a guide to help you in the right direction, I'm not responsible for any damages or losses. Please make sure you research thoroughly and feel comfortable before you start ) You can extend or add hard drives to existing arrays using via the RAID Controller Menu like in this video. However I would recommend that you rather use Dell EMC OpenManage Server Administrator (OMSA) to do it as it is easy to see what is happening via a GUI. I myself make mistakes when trying to use the RAID Controller Menu, so I always use OMSA for this. I made a video on how to do this via OMSA, you can have a look here and see if this is something you feel comfortable with: th-cam.com/video/Z-EJnSPeThA/w-d-xo.html To install OSMA on windows, here is a link to Dell's manuals: www.dell.com/support/kbdoc/en-za/000132087/support-for-dell-emc-openmanage-server-administrator-omsa You can download the windows version from here: www.dell.com/support/home/en-za/drivers/driversdetails?driverid=65c9y You can just check the "Compatible Systems" section on the above link to make sure your Dell is supported, if not you will just need to find the version that supports your machine. However the above link supports "PowerEdge R720". Notes and things to plan / think about: Expanding the arrays should not destroy any of your data, However. If you are expanding the "OS" array (the array windows is installed on), your server should boot into Windows just fine, but you might need to then use a program such as "GParted" to move the partitions around if you are going to then "Grow" the "OS" partition. I hope this makes sense. Other then that you should be good to go. Just a reminder to please back up your data and to research thoroughly before starting. There is plenty videos on TH-cam on expanding windows "OS" partitions. Hopefully this guides you to a solution.

Hi there, yip you will only need a firewall rule to allow DNS into the Management network. So you will have a rule that is something like the following: Protocol = IPv4 (TCP/UDP) Source = ALL or Management Net Source Port = ALL Destination = This Firewal Destination Port = 53 (DNS) So this will allow local DNS queries from the Management network in to the firewall. Then for non local DNS requests. Since the port forwarding is done internally, so forwarded to 127.0.0.1 ( “This Firewall”) no firewall rule is needed for that. I hope that make sense

@@jonomoss so in addition to the NAT/forwarding step shown in the video, I also need the firewall rule which you described?

Hi, yes it should.

Hi, Thank you. PAM users that have root permissions (be in the root group) can login by default. However If you want to change that / not give your PAM user access to it. You can see the following guide: www.dell.com/support/manuals/en-us/openmanage-server-administrator-v10.0.1/omsa_10.0.1_users_guide_pub/editing-server-administrator-user-privileges-on-linux-operating-systems?guid=guid-167f8744-21ed-4399-82aa-eabb7a706a23&lang=en-us I hope that helps you.

Hi, I'm not too sure if it will work for the T710, you could try it. It will only install updates if it finds supported hardware. So you won't hurt your server. However, I would rather suggest you check out the following video: th-cam.com/video/ki78B4A_XkI/w-d-xo.html Allen Sampsell goes through how to create a bootable ISO with all the updates for a specific server. That way you can get the exact updates you will need for your T710. I hope this helps.

@@jonomoss Thanks - That will be a big help

Hi, I'm not too sure if it will work for the T710, you could try it. It will only install updates if it finds supported hardware. So you won't hurt your server. However, I would rather suggest you check out the following video: th-cam.com/video/ki78B4A_XkI/w-d-xo.html Allen Sampsell goes through how to create a bootable ISO with all the updates for a specific server. That way you can get the exact updates you will need for your T710. I hope this helps.

Hi, I use draw.io. The offline version can be downloaded from: www.drawio.com/

Thank you very much, I'm glad you found it helpful.

Thank you, I can look into doing that for you, I have a few planned videos I want to do. But I will definitely add OpnDNS. to the "todo" list

Thank you, I will be making videos / guides on this very soon.

Hi, when using the CLI, the PAM user has to have root permissions (be in the root group). However If you want to change that / give your user access to it. You can see the following guide: www.dell.com/support/manuals/en-us/openmanage-server-administrator-v10.0.1/omsa_10.0.1_users_guide_pub/editing-server-administrator-user-privileges-on-linux-operating-systems?guid=guid-167f8744-21ed-4399-82aa-eabb7a706a23&lang=en-us I hope that helps you.

Aye! Thanks! Meanwhile I found a jankier solution by using docker directly on the machine. The problem was that the user I was using in Pam it's root

I'm glad it helped.

Hi there, Yes this will work for any OpenVPN connection type, which NordVPN supports. You can follow their User guide here on how to get it to work on OpnSense: support.nordvpn.com/hc/en-us/articles/20397569418129-OPNsense-21-setup-with-NordVPN The above support article has the Certificate Data for NordVPN. If you want to know how to find the certificate data / where it comes from, You can get the Certificate Data from their OpenVPN Configuration files: nordvpn.com/ovpn/ So for example, You can download and open the Configuration file for the "ad1.nordvpn.com" file: downloads.nordcdn.com/configs/files/ovpn_legacy/servers/ad1.nordvpn.com.udp1194.ovpn Then if you open the ovpn file in a text editor, you will find the certificates Data under the <tls-auth> section if you look in the videos description box, I have a link there where to find SurfSharks Certificate Data. The link is: support.surfshark.com/hc/en-us/articles/12434921071890-How-to-set-up-Surfshark-on-an-OPNsense-router I hope this helps you.

@@jonomoss Thank you very much for the reply and those links. Will definitely go through those links and test it out...👍👍👍👍👍👍

You're welcome, I'm glad it helped.

Hi there, Sorry I don't see myself doing a ZenArmor guide any time soon. I tried ZenArmor in the passed and was never a fan of it. PS I'm not saying ZenArmor is bad, each to their own, however I personally prefer using the mix of "IPS/IDS (Suricata)", "Unbound Block lists" and custom firewall rules. Doing it this way, in a sense has "taught" me a lot more and I feel that I have more control over my network. Where with ZenArmor, I never felt like I had "Control" over my network.

Hi there, Thank you so much for your kind words. Nope, you are not doing anything wrong. In the previous video of the series th-cam.com/video/dCRhCrokeSo/w-d-xo.html I created a new "management" network. If you don't want / need a "management" network, having just LAN, WAN and Loopback is correct.

​@@jonomoss I just watched that video and I didn't see any instructions on setting up the "management" network (source) Do you have another video on that? Stuck at 6:18 as I can't select multiple interfaces. Looks like I'm adding an Alias but not sure as to what I'm adding to the alias. Just port 53 on WAN, LAN, Loop & VPN's?

Hi @davemck1936 Sorry my mistake, I have edited that comment, if you see this video from th-cam.com/video/dCRhCrokeSo/w-d-xo.html I renamed the default LAN network to "Management". If you are not worried about having a separate "Management" network, you will have a single "LAN" network. With regards to the "Portforwarding" section you are stuck on, If I understand your question correctly, you will only forward "Local" networks DNS, so for example if you have "WAN, LAN, VPN" networks, you will only use the "LAN" interface and "VPN" interface, that is if you want to also block websites / DNS on the VPN. You don't do it on the WAN. So you will then create two separate "Portforwarding" rules. One for "LAN" interface and one for "VPN" using port 53, you don't select multiple interfaces on one rule. I hope this make sense.

Nice, I'm glad it helped you.

@mandeepmails I saw you asked about getting the R70 update ISO, but for some odd reason I cant find that comment any more. I do see that forum.allenscloud.com is not online anymore which is a shame. I have however uploaded the ISO to archive.org/details/r-710-bootable So hopefully that helps you.

@@jonomossthanks Jon. Literally I tried a lot on my own but couldn’t reach anywhere. Yeah TH-cam was acting weird, I felt like I I’m on targeted to some canary release 😂rofl

confirming everything works great. for the first time i can feel peace with the fans controlled. you're a life saver. before finding this channel i saw people are ordering noctua fans, playing with wires, compaining about connectors and now i'm just laughing out loud that i didn't follow that route. i used ubuntu mate, my bios and everydriver is updated with your help. you're a star ⭐

Thank you very much for the kind words, and I am extremely happy that you got it all working in the end, 😂 I agree that it is definitely a better method then having to worry about buying Noctua fans and trying to get them to fit correctly.

Hi @coolricksanchez, that is awesome I'm glad it guided you. I'm very excited to see your final script, what you are doing is very cool and definitely will be a huge contribution to others. Yeah my script still works perfect for me. I have had no issues at all with it. It has honestly been a set and forget script. Thank you for the heads up about the link not working any more, I have updated it to the correct link now. I do appreciate that.