Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    a bit help for security concept

    Cache/Proxy
    1
    1
    130
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pooperman
      last edited by

      Hi all,

      I would like to get some ideas on how to increase/ maintain my security concept.

      As of Today:
      I have an ESXi machine with pfSense running. On pfSense an OpenVPN server is running, so that I can access my LAN from phone. for VPN I use port 443 (TCP)

      future:
      I would like to host a website and other services, reachable from the WWW without the vpn connection.

      a maybe solution:
      I red a bit about reverse proxy, that they can decrease the attack surface. So I was thinking to create a DMZ network. all incomming traffic on port 80 and 443 will be redirected to the DMZ network. within the DMZ network is a reverse proxy, that will "route" the traffic to the correct entity. so in my case there should be the openvpn server and a webpage on port 443 and 80.

      first question, I assume the port from openvpn and the ssl port from the webserver might clash, correct?
      2nd question. is there any easy setup within pfsense, to configure a reverse proxy and to tell the openvpn package that it shall listen to the reverse proxy?

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.