fl0at

  1. I was able to manually join to my unRaid VM hosted AD after a power failure today by starting up the VM, and then going to terminal and just typing:

         net join -U Administrator

     Where Administrator is your domain admin username. It pulls the info out of the samba config that should be set in the SMB portion of your settings inside the unRaid web GUI. It'll join, maybe complain about DNS depending on how your DNS settings are set in Network settings. (Mine are set to VM static IP in position 1, primary domain IP in position 2, then my DNS resolver in position 3). And the GUI will show that it isn't joined... but it works, and I'm able to browse my shares using the VM AD as the AD server. Didn't need to start the Dell server. Very happy.
  2. I just jumped in this boat. I was running my secondary AD on unRaid VM, so I could power down my primary, because it is an annoyingly loud Dell retread server off eBay. I messed up a secondary DNS record and auth stopped working. I updated unRaid and rebooted. Guess I'm firing the jet engine server back up so I can get unRaid re-joined.
  3. I think I've got this solved. Will test on larger VM tonight, but I made a temp Debian 10 VM of relatively no size. VM settings in unRaid were RAW so I used raw to vdi conversion:

         qemu-img convert -f raw vdisk1.img -O vdi vdisk1.vdi

     Created a new VirtualBox VM, and used the vdisk1.vdi as the hard disk. If you boot this, you'll get a FATAL non-bootable medium error (if using UEFI), so go to settings in VB, and check EFI boot. When it boots, it'll look like it failed, showing the startup screen, but you need to find your disk (my single disk was FS0) and then find the boot file, so, inside of the booted VM:

         > FS0: (or whatever the drive is)
         FS0> ls (shows dir)
         FS0> cd EFI\boot\ (or something similar)
         FS0\EFI\boot> grub64.efi (or whatever the boot file is called)

     It might lock up on the first boot. I reset, executed again, chose Advanced boot and went from there, and was able to boot my test image.
  4. I have tried those before posting. I'm looking for experience, not top search returns. But thanks. If nobody has any experience, then I'll just spin up a VM of unRaid in VirtualBox, instead of converting. Let me edit to say I did not do Hyper-V (Microsoft link) because I'm not running Hyper-V, but the conversion to VDI is a fail. As both use qemu-img convert, those links are the same thing, just different toggles.
  5. This isn't exactly an Unraid KVM question, but maybe someone has had a need and can tell me how to proceed. I need to pull a VM off Unraid, and run it as a VM on my laptop. My laptop is currently running Windows 10. I was hoping there was a quick way to migrate to VirtualBox. I need to stay in Windows, because I need to run Visual Studio simultaneously. If the best way to do this is VirtualBox->Unraid->Target VM then I can do that, but if direct VirtualBox->Target VM is feasible that would be preferred. It also doesn't have to be VirtualBox, it just needs to run in Windows, so...
  6. I just did a Windows 10 1903 VM on 6.7.2, and using noVNC through the web gui am even able to achieve 1920x1080 by going to Device Manager, and updating the Windows Basic Driver to virtio-win-0.1.1\qxldod\w10\amd64\ My display adapter is now Red Hat QXL controller. What issue are you having?
  7. I haven't ever seen port blocking from within a router as a practice. Because to defeat the block, you'd just change routers. Comcast on non-business blocks 80 at a level before the connection to the home. I would assume they would continue that practice for other ports they want blocked. Connecting once and then not again sounds like a configuration issue, not an adaptive and learning process within the router (which is what it would have to be to allow once, and then decide to block.)
  8. If it is a Comcast thing you should still be able to do that same port scan behind pfSense, using the same methodology as the other ports. If not, it's a configuration issue.
  9. If you set your rules in pfSense to block inbound LAN except on the ports you want open, you'll block his inbound (like Chromecast) even if on the same network.
  10. It seems like you've got pretty open control on landlord's router, so why not disable pfSense's DHCP, and get IPs from the landlord's router? Static your IPs, and create your rules in pfSense using LAN as source and destination. You'll remove your double NAT, and still get your protection.
  11. Can you upload a picture of your firewall rules? Because you shouldn't be port forwarding in pfSense, but allowing through on the firewall tab. So my rules are like:

          Allow IPv4 UDP 1194 WAN
          Block IPv4+6 WAN
          Allow IPv4+6 LAN

      So I block all incoming to WAN, except OpenVPN, and that rule needs to be above my block incoming. And then I allow everything from LAN out. That's a basic configuration. Can you also look at your routes: Should be System->Routing. Your new router could be sending IPv6 downstream, and you aren't picking it up or including it in your firewall rules.
  12. I think it's just your double NAT getting the final target port all out of whack, and would just stick with DMZ and block all inbound, and open ports as needed in pfSense. The double NAT already complicates things, I wouldn't add an additional complication if not needed.
  13. Just for testing, are you allowed to set your pfSense box as the DMZ IP on your landlord's router? That at least would throw everything at you, and you could go from there.
  14. Can you explain your setup?

          His Router (DHCP) -> His devices -> vLan -> pfSense (your DHCP) -> switch and wireless ap -> your devices

      Something like that?
  15. The drive started with a Rufus wipe, using non-bootable as selection, FAT32 with 8192 bytes. Another attempt, I used Disk Management inside Windows 10 and did a non-quick format on the drive before one of the installs. So I don't think it was that. But I can't know without more testing.