Really that bad?
Comment on My Unifi Dream Machine Pro's ad-blocking was doing more than I expected
erev@lemmy.world 2 weeks agoTheres so much I end up handling manually with my UDM that at this point i might rather just install open source routing software on it atp. I don’t even use the web UI for wireguard because I can’t even specify the allowed IPs for a connection.
StopSpazzing@lemmy.world 2 weeks ago
chagall@lemmy.world 2 weeks ago
Funny. This was the exact use case which cemented my pf/OPN sense decision. I used to use pf, now use OPNsense. And as you probably know, the IP specificity issue is not just regarding Wireguard, it’s also regarding your reverse proxy, if you’re running one.
As an aside (and I may be showing my lack of knowledge here), I have OPNsense handling DHCP which broadcasts two PiHoles (redundancy) as the DNS to my networked machines/devices. Then for upstream DNS, I have those two piholes pointed at a dedicated technitium dns box – it’s it’s an authoritative dns server, not just a recursive one like unbound. As I said in my previous comment, there are probably better or fancier setups but this one, for my needs, is sufficient.