Hello,
While I'm running Qubes for a few years now, I also have to work with
Windows 10 according to company standards.
So far I had problems setting up Windows 10 on Qubes (which I tried ~1,5y
ago) and then decided to work in a dual boot setup, which is ok for me, as
I am running Coreboot and my /boot is fingerprinted and I can compare all
files after booting into Qubes.
On windows I have a setup where my NICsnare "Auto-Bridged" to a virtual
pfSense Firewall VM (running in VMware Workstation) and the Laptop her's no
IP-adresses from this NICs but from a virtual ("Host-only") adapter which
has a connection to the virtual LAN interface of the pfSense Router.
This allows to filter very detailed what should leave the laptop and I can
work with Aliases etc.
The pfSense is also configured as OpenVPN Client and connects to a VPN
Provider.
Using the detailed firewall rules in pfSense (tagging/Policy Based Routing)
I am able to decide which traffic should go into the VPN and what should
pass the Firewall via the WAN Interface.
Using the Firewall Logs in the GUI I have been able to make sure that no
packages leave my laptops into the wrong direction.
If the VPN connection breaks no traffic which is tagged to go through the
VPN will pass the WAN gateway.
Long story cut short, I really (!) would love to have that much control and
also easy configuration on Qubes.
Currently I my setup involves using mirage-firewall and different VPN-VMs
and sys-firewall for Qubes dom0 and template updates, but it is a bit
painful to administrate everything via CLI and I also like the GUI for
looking/searching through firewall logs.
Is there any way to use pfSense as HVM firewall which will then work as
central routing/firewall instance?
Or does someone has good recommendations adding management and/or Log
Analyzer GUIs for sys-firewall?
[one7two99]
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/CAJ3yz2tYF-8g%3DEyayyxUS1GfPaNjqpRk%3DCGwKJYr0LHDftH3nw%40mail.gmail.com.
