Very good video, thank you. Vry timely with myown projects and I appreciate it getting in to proxmox too!
@brouettebredouille83207 күн бұрын
Thank you, very informative, well organized, and still relevant for a r730
@peanlim72738 күн бұрын
Works great for me with an R710 with H700 running Proxmox VE 8.1-2. Thank you so much! At 2:38 you say login with iDRAC user name and password, but i logged in to OMSA using my Proxmox ssh password for root?
@tonysteele380516 күн бұрын
You win the award for the most complicated network ever!
@dirkbernhard423216 күн бұрын
that is very interesting, but is it also intended for new Dell servers or only for old servers? I have a Dell poweredge R450
@paulgreen929819 күн бұрын
Hi, Would this work iso work with a T710?
@jonomoss18 күн бұрын
Hi, I'm not too sure if it will work for the T710, you could try it. It will only install updates if it finds supported hardware. So you won't hurt your server. However, I would rather suggest you check out the following video: kzbin.info/www/bejne/oZqaaXVqdsSLoas Allen Sampsell goes through how to create a bootable ISO with all the updates for a specific server. That way you can get the exact updates you will need for your T710. I hope this helps.
@paulgreen929815 күн бұрын
@@jonomoss Thanks - That will be a big help
@paulgreen929819 күн бұрын
Hi, The update CD for the r710 will this work on the T710 ?
@jonomoss18 күн бұрын
Hi, I'm not too sure if it will work for the T710, you could try it. It will only install updates if it finds supported hardware. So you won't hurt your server. However, I would rather suggest you check out the following video: kzbin.info/www/bejne/oZqaaXVqdsSLoas Allen Sampsell goes through how to create a bootable ISO with all the updates for a specific server. That way you can get the exact updates you will need for your T710. I hope this helps.
@kenneencail20 күн бұрын
what application are you using for your net diagram
@jonomoss20 күн бұрын
Hi, I use draw.io. The offline version can be downloaded from: www.drawio.com/
@tomkimes21 күн бұрын
Thanks for covering this topic and especially how to to recover from losing 2FA access. Lot's of videos show how to enable a configuration but not many show how to restore a configuration.
@jonomoss20 күн бұрын
Thank you very much, I'm glad you found it helpful.
@sprakata513827 күн бұрын
great video! followed all the steps. got it working. i hope you will create a video for opndns.
@jonomoss20 күн бұрын
Thank you, I can look into doing that for you, I have a few planned videos I want to do. But I will definitely add OpnDNS. to the "todo" list
@jeffreyooi1971Ай бұрын
Thank you for sharing. Please continue making this OPNsense series. Can you make a video on OPNsense site to site IPsec VPN? And also recommend which site to site VPN to use and why, thank you very much....👍👍👍👍👍
@jonomoss20 күн бұрын
Thank you, I will be making videos / guides on this very soon.
@Labo3DАй бұрын
Hi, Nice tutorial, Tho i've got a weird-ish behavior, i can access the OMSA interface with my PAM user, but if i try to launch via CLI omreport -? it gives "Error! User has insufficient privileges to run command." Any Idea?
@jonomossАй бұрын
Hi, when using the CLI, the PAM user has to have root permissions (be in the root group). However If you want to change that / give your user access to it. You can see the following guide: www.dell.com/support/manuals/en-us/openmanage-server-administrator-v10.0.1/omsa_10.0.1_users_guide_pub/editing-server-administrator-user-privileges-on-linux-operating-systems?guid=guid-167f8744-21ed-4399-82aa-eabb7a706a23&lang=en-us I hope that helps you.
@Labo3DАй бұрын
Aye! Thanks! Meanwhile I found a jankier solution by using docker directly on the machine. The problem was that the user I was using in Pam it's root
@OsvalGamer102Ай бұрын
Thank you
@jonomossАй бұрын
I'm glad it helped.
@jeffreyooi1971Ай бұрын
Can you share how to obtain the certificate data? Does this method work for other VPNs like NordVPN?
@jonomossАй бұрын
Hi there, Yes this will work for any OpenVPN connection type, which NordVPN supports. You can follow their User guide here on how to get it to work on OpnSense: support.nordvpn.com/hc/en-us/articles/20397569418129-OPNsense-21-setup-with-NordVPN The above support article has the Certificate Data for NordVPN. If you want to know how to find the certificate data / where it comes from, You can get the Certificate Data from their OpenVPN Configuration files: nordvpn.com/ovpn/ So for example, You can download and open the Configuration file for the "ad1.nordvpn.com" file: downloads.nordcdn.com/configs/files/ovpn_legacy/servers/ad1.nordvpn.com.udp1194.ovpn Then if you open the ovpn file in a text editor, you will find the certificates Data under the <tls-auth> section if you look in the videos description box, I have a link there where to find SurfSharks Certificate Data. The link is: support.surfshark.com/hc/en-us/articles/12434921071890-How-to-set-up-Surfshark-on-an-OPNsense-router I hope this helps you.
@jeffreyooi1971Ай бұрын
@@jonomoss Thank you very much for the reply and those links. Will definitely go through those links and test it out...👍👍👍👍👍👍
@thuan19101984Ай бұрын
Thank you
@jonomossАй бұрын
You're welcome, I'm glad it helped.
@hyp3rimagАй бұрын
Can you make some beginner friendly best practice guides for ZenArmor? Like what we should initially be blocking besides all the toggle switches and what applications and protocols we should block? How to interpret some of the logs in there so we know what to do with some of that information? Its hard to find something clear and concise like your tutorial for that!
@jonomossАй бұрын
Hi there, Sorry I don't see myself doing a ZenArmor guide any time soon. I tried ZenArmor in the passed and was never a fan of it. PS I'm not saying ZenArmor is bad, each to their own, however I personally prefer using the mix of "IPS/IDS (Suricata)", "Unbound Block lists" and custom firewall rules. Doing it this way, in a sense has "taught" me a lot more and I feel that I have more control over my network. Where with ZenArmor, I never felt like I had "Control" over my network.
@jonomoss2 ай бұрын
PS. just as an update. I do see that forum.allenscloud.com is not online anymore which is a shame. I have however uploaded the ISO to archive.org/details/r-710-bootable So hopefully that helps you.
@FearArtificialIntelligence2 ай бұрын
Very nice tutorial, i have a question, in the second 352, the menu doesnt have Management, only wan, lan and loopback, im doing something wrong or the menu changed?
@jonomoss2 ай бұрын
Hi there, Thank you so much for your kind words. Nope, you are not doing anything wrong. In the previous video of the series kzbin.info/www/bejne/mnS1mXaopNCYidE I created a new "management" network. If you don't want / need a "management" network, having just LAN, WAN and Loopback is correct.
@davemck1936Ай бұрын
@@jonomoss I just watched that video and I didn't see any instructions on setting up the "management" network (source) Do you have another video on that? Stuck at 6:18 as I can't select multiple interfaces. Looks like I'm adding an Alias but not sure as to what I'm adding to the alias. Just port 53 on WAN, LAN, Loop & VPN's?
@jonomossАй бұрын
Hi @davemck1936 Sorry my mistake, I have edited that comment, if you see this video from kzbin.info/www/bejne/mnS1mXaopNCYidE I renamed the default LAN network to "Management". If you are not worried about having a separate "Management" network, you will have a single "LAN" network. With regards to the "Portforwarding" section you are stuck on, If I understand your question correctly, you will only forward "Local" networks DNS, so for example if you have "WAN, LAN, VPN" networks, you will only use the "LAN" interface and "VPN" interface, that is if you want to also block websites / DNS on the VPN. You don't do it on the WAN. So you will then create two separate "Portforwarding" rules. One for "LAN" interface and one for "VPN" using port 53, you don't select multiple interfaces on one rule. I hope this make sense.
@mandeepmails2 ай бұрын
Exactly what I was looking for. You made my day 🤞
@jonomoss2 ай бұрын
Nice, I'm glad it helped you.
@jonomoss2 ай бұрын
@mandeepmails I saw you asked about getting the R70 update ISO, but for some odd reason I cant find that comment any more. I do see that forum.allenscloud.com is not online anymore which is a shame. I have however uploaded the ISO to archive.org/details/r-710-bootable So hopefully that helps you.
@mandeepmails2 ай бұрын
@@jonomossthanks Jon. Literally I tried a lot on my own but couldn’t reach anywhere. Yeah KZbin was acting weird, I felt like I I’m on targeted to some canary release 😂rofl
@mandeepmailsАй бұрын
confirming everything works great. for the first time i can feel peace with the fans controlled. you're a life saver. before finding this channel i saw people are ordering noctua fans, playing with wires, compaining about connectors and now i'm just laughing out loud that i didn't follow that route. i used ubuntu mate, my bios and everydriver is updated with your help. you're a star ⭐
@jonomossАй бұрын
Thank you very much for the kind words, and I am extremely happy that you got it all working in the end, 😂 I agree that it is definitely a better method then having to worry about buying Noctua fans and trying to get them to fit correctly.
@coolricksanchez2 ай бұрын
Hi Jonathan, thanks for the video. I was trying to find a solution for my T630 and couldn't find something useful with Google at first. So, it really helped me. Your script worked for my T630, so I modified it to have different levels of fan speeds. Also I figured out that there is another unsupported workaround: disabling the default fan behavior. I've added all information to one Github page ( still private repo as I am ironing out some design issues of the readme ) so maybe more people can benefit of it. Btw. your link to the webpage seems to not be working anymore. Was your script reliable in the past months? I'm thinking about adding user reports to my written guide whether the script and commands seemed to be working for their specific models and configuration. I haven't tested yet my setup excessively, as I am still waiting for some drive caddy's.
@jonomoss2 ай бұрын
Hi @coolricksanchez, that is awesome I'm glad it guided you. I'm very excited to see your final script, what you are doing is very cool and definitely will be a huge contribution to others. Yeah my script still works perfect for me. I have had no issues at all with it. It has honestly been a set and forget script. Thank you for the heads up about the link not working any more, I have updated it to the correct link now. I do appreciate that.
@konstantinsavic2 ай бұрын
Give this man a raise! .Btw, If you have a problem with installing impitool just use the command "apt install ipmitool"
@konstantinsavic2 ай бұрын
It also works for newer servers, the only different step is in idrac setup
@jonomoss2 ай бұрын
Thank you for the kind words, I'm really glad it helped.
@user-kn8wv2gj5r2 ай бұрын
Hi @jonomoss, Thank you for the tutorials but i could not get the vpn to work with this guide. I could not browse afterwards but after using the last bit of the SurfShark guide, i was able to browse, however, the connection status for the vpn was "reconnecting". Any idea?
@jonomoss2 ай бұрын
Hi there, you will have to check the "Log File" to see what it is doing. So under VPN->OpenVPN->Log File. That will give you an idea of what is happening. Usually the "reconnecting" status is if there is a credential (user name / password or certificate) that is incorrect, or if the "Encryption algorithm" is incorrect. But I would start by seeing what the logs say. With regards to not being able to browse, that is usually due to the NAT outbound rules being incorrect or having issues. I also created a video: kzbin.info/www/bejne/aGjTgH54etR9eLc Where an old bug on OpnSense has returned and NAT Outbound rules do not get generated. So you can maybe see if that is your issue. I hope this helps you out with finding why yours is not working.
@EduardoKabello3 ай бұрын
Can I install Dell OpenManage with iDrac off on Bios?
@jonomoss3 ай бұрын
Hi, yes you can.
@EduardoKabello3 ай бұрын
@@jonomoss Do I need an iDRAC Enterprise license? Because mine has expired
@jonomoss2 ай бұрын
Hi there, no it is not required. However some features will not work. I did a quick google search just to make sure and found the following: www.dell.com/support/manuals/en-us/dell-openmanage-enterprise/ome_p_310_users_guide_drop2/licensing?guid=guid-615a018a-ebd8-4352-92e0-f7b532dbfa7f&lang=en-us
@kevinkohorst89903 ай бұрын
Your tutorial and script worked perfectly. Thanks!
@jonomoss3 ай бұрын
Thank you very much, you are welcome!
@anand-nb4bb3 ай бұрын
Hi Bro I need your help with Pfsense-OpenVPN. on my server split tunnelling is configured as required for people to work simultaneously without disconnecting the VPN & use their local system to browse the internet I have an Ubuntu 18.04 system where OpenVN client related configuration is done, I have some remote system configuration in my openvpn client which should allow me to simultaneously browse internet on my local machine as well as also connect to my remote machine, but whenever I connect to the VPN client my local system disconnects from the internet, but I can connect to my remote system. I know this works on other systems. Can you please suggest how to fix this issue. These 2 lines/parameters are added to my vpn client configuration file at the end I think this allows it to work using split tunnel. but it does not work for me. Please help route-nopull route <IP of Remote System> 255.255.255.255
@jonomoss3 ай бұрын
Hi, sorry for the late reply, KZbin had your comment marked as spam for some reason. If I understand you correctly, you need to tell the client to not use the VPN as a gateway. So something like this: pull-filter ignore "redirect-gateway" //dosn not consider the server redirect-gateway in order to avoid all traffic through VPN Gateway route 192.168.1.0 255.255.255.0 vpn_gateway //re-add the first network you need to reach from client through VPN Gateway You can try go through the following support / forum post on the OpenVPN site: forums.openvpn.net/viewtopic.php?t=27618 The other option is to uncheck the "Redirect IPv4 Gateway" option in the "OpenVPN Server" settings on PFSense. Here is the PFSense documents page for more info about the Redirect IPv4 Gateway: docs.netgate.com/pfsense/en/latest/vpn/openvpn/configure-server-tunnel.html Hopefully this guides you in the right direction.
@InsaiyanTech3 ай бұрын
dang you do nordvpn next they just have the fastest connection from other vpns only reason why i stay with them
@jonomoss3 ай бұрын
Hi there. So it is basically the same setup as Surfshark, the main difference will be the certificates and remote server host. NordVPN also uses OpenVPN for its connection, so it is the same settings. Here is a link to NordVPN's help guide with the certificate details / data: support.nordvpn.com/hc/en-us/articles/20382523899281-pfSense-2-5-Setup-with-NordVPN Unfortunately I see a lot of people complaining about struggling to get a refund when they just wanted to test it out / trial. So I don't feel to comfortable creating an account with them at the moment. You can let me know if you have issues with using their guide. If so I can probably get a one month subscription to help you out. I will however only be able to do that next month.
@InsaiyanTech3 ай бұрын
@@jonomoss understanble there costumer supp is pretty amazing been from my end at least but ya if you do get it trust me the speeds you get over it won’t disappoint that I can definitly say
@patricklogan60893 ай бұрын
Good stuff!
@jonomoss3 ай бұрын
Thank you, I'm glad you liked it.
@richmaliz3 ай бұрын
Thanks for the excellent explanation on how to setup Unbound DNS. Very concise and easy to follow.
@jonomoss3 ай бұрын
Thank you for the kind words, I'm really glad it helped.
@InsaiyanTech3 ай бұрын
when you plug into the laptop does it matter if thats already connected to the internet?
@jonomoss3 ай бұрын
Hi there, no it is fine if it is already connected to the internet.
@InsaiyanTech3 ай бұрын
@@jonomoss also just wondering can I use this as a direct router plugged into my ont from fios
@jonomoss3 ай бұрын
Hi, yes you can, I use a similar setup as my main network, so ONT goes straight into OPNSense. So Fiber -> ONT, then ONT Ethernet (CAT 6) straight into OPNSense. The ONT that my ISP provided hands out a single IP via DHCP. So it was "plug and play" for me. I Hope that answered your question.
@InsaiyanTech3 ай бұрын
your amazing yes thats what ima do today but ima try it with a virtualize opnsense so i can consolidate stuff now my next question if i wanted to run 2 opnsense firewalls in HA with 1 switch would this still be possible im trying to follow a youtubers guide on how to do this but hes using the isp router in modem only mode to make this happen i cant find a answer if its posible.
@InsaiyanTech3 ай бұрын
@@jonomoss awesom last question I promise 😆 if I virtualize my router like you did I can follow that setup to fiber-ont-proxmox virtualized opnsense or does it have to be a baremetal opnsense
@mikehartman98093 ай бұрын
Thank you!
@jonomoss3 ай бұрын
Always a pleasure, I'm glad it helped.
@metal-beard4 ай бұрын
Thanks for this informative series mate. Loads of content and very well explained.
@jonomoss4 ай бұрын
Thank you very much for your kind words, I really do appreciate it.
@tristanalexander68254 ай бұрын
How many more years could one expect from this server? Factoring EOL and no more updates
@jonomoss4 ай бұрын
In my opinion and for me personally, if you are using it for personal and home lab purposes (Media server, backup server, hypervisor, router, SQL server, security server etc). I can see it working for another 5 - 7 years, it is still very powerful hardware that will be able to run 90% of the workloads you would want to run. Spare parts (depending where you live) can also be relatively not too difficult to get (of course the parts will be second hand as well). The only issue would be the operating systems themselves, for example if windows requires new CPU instructions that the old CPUs don't have, then you will have issues. But I am sure OS's in the Linux/unix/BSSD family will still work perfectly and be updated for many years to come (Proxmox, BSD, Debian etc). For production use, 0 years. With it being EOL the security implications is not worth the risk. But at the end of the day, always do as much research as possible before buying older hardware. I myself am still very happy using this server for many years to come.
@ExploreFL20225 ай бұрын
I just ordered 5 additional HDDs to add to my R710 already using the H700 Raid controller and based on research I should be able to have a standalone HDD just for my OS excluding its from my intended RAID array which will be 5 separate HDDs designated for storage purposes. My question for you is achieving RAID 10 or 1+0 array. I am a novice to RAID configuration and wondering if essentially is that what you did was RAID 10? Also I am not using Proxmox. Any input helps. Thanks!
@jonomoss5 ай бұрын
Hi, so overall no, I only use RAID 0 in my home lab. I don't really do any work on it that will require RAID 1 (mirroring) as I don't require redundancy. I prefer to use the disks individually, RAID 0 (So on my server that is 6 ) and rather have backups on external drives if needed. This allows me to separator virtual machines and containers on their own drives. Since I test and change software so often, RAID is not something I really use / rely on. What you can do: It will be beneficial for you to have your main OS installed on a RAID 1 Virtual Disk, this will give you redundancy so if one disk fails, your server carries on running and you can replace the failed disk without downtime. And if the data you will be storing on your new drives are important, I would recommend running them in RAID 10, if you like. Two Set up examples: 1. So for example you can setup 3x RAID 1 Virtual Disks. So you can use 1x RAID 1 for your OS, and then you can have 2x RAID 1 Virtual Disks you can use for storage. 2. Or you could create 1x RAID 1 for your OS, and use the last 4 HDD's to create a RAID 10 Virtual Disk. I hope this makes sense and helps you.
@ExploreFL20225 ай бұрын
@@jonomoss I appreciate the feedback. I should add some clarification, I will have total of 6 drives, the 5 on the way are in addition to my 1 drive I have in my server now. I am not worried about my drive failing with the OS on it, that's an easy fix for me in a lab environment. The reason being is I want to keep my storage data separate (movies, music, photos etc) on the RAID10 array, so if I ever decide to move it over to a potential QNAP NAS I would like to swap the physical drives over to that easy if that is achievable without having to format the drives to a QNAP format partion as it may not use NTFS
@albertothaddeus35915 ай бұрын
☺️ 'promosm'
@alco7855 ай бұрын
anyone know how to expand an existing virtual drive ? I have a VD in raid 0 and want to add new drives to expand the storage capacity but cant figure out how to do so.
@jonomoss5 ай бұрын
Hi, I had a quick go at it and I think I have managed to do it correctly. I just want to do a few more test as I expanded a single RAID 0 disk with 3 extra disks. However I want to test if data is destroyed when the expansion happens, So give me a few hours to test it a little more then I will create a quick blog post on how to do it for you.
@alco7855 ай бұрын
thank you sooooo much ! @@jonomoss
@jonomoss5 ай бұрын
Hi, thank you for your patience, I have created a quick guide of how to do it here: jono-moss.github.io/post/h700-raid-controller-how-to-expand-a-raid-0/ I will try make a video of the process as well, I will try work on it this weekend and upload it ASAP. Hopefully this helps you.
@StephenEFyffe6 ай бұрын
Did you replace your ISP provided router with OPNSense?
@jonomoss5 ай бұрын
Hi, yes I did.
@Robsx226 күн бұрын
@@jonomoss Did you have to register the OPNSense port MacAddress with your ISP? If not, how are you getting the Internet into OPNsense? I'm new to all this, so please excuse my ignorance. Thanks.
@pavithrank58416 ай бұрын
Thanks man ! Looking forward to the series, I want to follow along and put this as a project on my resume.
@cutritehobbies6 ай бұрын
can this be used for dell r720 server ?
@jonomoss6 ай бұрын
Hi, sorry unfortunately I don't have a Dell R720 to test it on, so I don't really know. the Dell R720 uses iDRAC7 so it is possible that the values you get from IPMI could be different. I would recommend breaking the script down and see if you get the correct values back from each step. So for example run: ipmitool -I lanplus -H <ip> -U <user> -P <pass> -y <enc> sdr type temperature if you get an "Ambient Temp" value in the table that is returned from the above command. Then I would say that the script will also work on the R720. But that is what my advice would be, test the script line my line and if all the commands work, then you can use the entire script. But hopefully you come right with it.
@philiparmstrong32865 ай бұрын
I want to know how you got idrac to work on a web browser! It's a real struggle with everyone running idrac6.
@jonomoss5 ай бұрын
Hi @philiparmstrong3286 , So iDRAC 6 web UI still works fine in the web browser, but I am assuming you are talking about the "Virtual Console" function that requires old java run times to work. For that I have used this docker image in the past: github.com/DomiStyle/docker-idrac6 It works very well if you want to use the "Virtual Console" functionality. I hope I understood your question properly and that this helped. If you need me to create a video on how to create and use the docker image, you can let me know.
@mikekane97344 ай бұрын
@@jonomoss thank you! I think what really matters is ipmi, idrac enterprise and actually any machine can control it using this way! I do not think why itr won't help me on T630.... the only thing is, my idrac wont allow me speeds below 10% in the web interface. can you confirm what is your effective fan speed range in idrac settings? can you set a value below10%?
@steinarsther53832 ай бұрын
You can use this for R-Tx20 + R-Tx30 series but with 40/50/60 series ipmi will not work longer. They have shut down this option in IDrac
@verminfate70746 ай бұрын
I spent hours trying to get this installed and your script worked perfectly, thank you for making it so simple!!!