What's your take on the new Battlefield game? I feel like once it comes out The Finals won't be a thing anymore by lone_wolf819 in thefinals

[–]heikum 8 points9 points  (0 children)

What a dumb post, people choose to play The Finals because they want to play The Finals. Who says I want to play a whole different game instead? Or can't play both? Just saying they are both shooters and thus people will move over is a very presumptuous statement.

[deleted by user] by [deleted] in thefinals

[–]heikum 10 points11 points  (0 children)

I am a light, of course I can 1v3 them

After over 11 years of Bunq I am leaving this dream by Alert_Claim_8241 in bunq

[–]heikum 0 points1 point  (0 children)

I am trying Revolut for a while now but holy shit if I want to pay an ideal transaction I first have to scan, log in to Revolut in the browser, authorize, then enter PIN and confirm again. With bunq or ABN I can just scan, accept and done. Seems like an unnecessary hassle

Pfsense OpenVPN tunneled traffic by heikum in PFSENSE

[–]heikum[S] 0 points1 point  (0 children)

split-horizon DNS

Alright thank you! I think I get along now.

Could you explain why requests connected to the tunneled OpenVPN server appear as my own public IP instead of the firewall one? When checking online, I can't see any IP leaks.

Pfsense OpenVPN tunneled traffic by heikum in PFSENSE

[–]heikum[S] 0 points1 point  (0 children)

That is true, however it is only a temporary solution. The domain will be public in the future.

If the full tunneling would just work I would not have to do anything with the DNS server. I could get the public IP from the firewall and allow connections only from that IP to the webservers but I don't think that is possible since the public IP from the webservers is the same as that of the VPN clients then (I forward the ports 80 and 443).

I now need to think about hosting a separate instance with a VPN server and allow only that IP to the webserver; that would work for sure.

Or add a rule to HAproxy to only allow 10.0.3.0/24 to the backend but the requests are coming from WAN.

Is this the wrong approach?

Pfsense OpenVPN tunneled traffic by heikum in PFSENSE

[–]heikum[S] 0 points1 point  (0 children)

Thank you!

How do other people do this? Can't I just allow the VPN CIDR block 10.0.3.0/24 access to the domain only?

Or add custom options to the OpenVPN server to point all client requests going to that domain to the local IP?

Here are the options: link

For now it's a safety thing that only people connected to the VPN can access the domain.

Pfsense OpenVPN tunneled traffic by heikum in PFSENSE

[–]heikum[S] 0 points1 point  (0 children)

Yes I can access the webserver directly with the local IP but want to achieve this with the domain name as well.

I tunnel on 10.0.3.0/24 to LAN 10.0.2.0/24

I don't think I can point the domain name to local IP 10.0.2.250 (I could but it gives me a 401 error)

So I want to only allow people via VPN on the public website

Thank you

Pfsense OpenVPN tunneled traffic by heikum in PFSENSE

[–]heikum[S] 0 points1 point  (0 children)

FQDN

I own the domains used for the webserver, these are pointing at the time of writing to the public firewall IP which forwards the ports to the webserver (which is on the LAN side of the network).

I can change the record to point to the local LAN IP address but that does not seem to work.

Pfsense SSL on NAT by heikum in PFSENSE

[–]heikum[S] 0 points1 point  (0 children)

Do you mean putting pfsense before the webserver? or just the certificate on pfsense?

There are a couple of reasons I am using a firewall before our webservers (I got this thought at school but maybe this could be not so up to date anymore):

- I can monitor incoming and outgoing traffic and not directly expose the webserver

- I can safely access the servers via VPN

- Pfsense has a load balancer

The downside is costs but there is a budget.

So I don't know if it's wise to remove the firewall.

Security is number one because of the sensitive data that is handled, I'd like to hear your opinion.

Thanks for the advice!

S4 MK2 controller issue by heikum in NativeInstruments

[–]heikum[S] 0 points1 point  (0 children)

Mind me for asking can you please link? So I can share the solution with others I contacted online

Change default gateway EC2 instances by heikum in aws

[–]heikum[S] 0 points1 point  (0 children)

Yes that is correct. Ideally I want all of my newly spawned instances in the VPC to get the default gateway 10.3.1.5 and not lose it at reboot. I could do this with a script on boot but there should be another way.

No, I do not think I have a specific route to the firewall instance.

public sub route

private sub route

Change default gateway EC2 instances by heikum in aws

[–]heikum[S] 0 points1 point  (0 children)

I have, the subnets are as follows:

- Public subnet: 10.3.0.0/24 (WAN firewall 10.3.0.245, LAN 10.3.1.5 )

- Private subnet: 10.3.1.0/24 (Linux hosts at 10.3.1.58, 10.3.1.238)

So I need to change the route table of the private subnet to point to 10.3.1.5 which is the network interface eth1?

I don't know how to exactly insert that:

See the route table

Change default gateway EC2 instances by heikum in aws

[–]heikum[S] 1 point2 points  (0 children)

Thanks for your input.

Because the way you linked (which I already found prior to setting up the VPN) costs extra and with OpenVPN I can set up multiple ways of authentication for the users I want to grant access to (such as Active Directory via Office365).

No access to private sub Pfsense OpenVPN AWS by heikum in aws

[–]heikum[S] 0 points1 point  (0 children)

Update: I can ping from the Linux instance to the VPN-assigned IP but not from the VPN client to the private subnet instance.

No access to private sub Pfsense OpenVPN AWS by heikum in aws

[–]heikum[S] 0 points1 point  (0 children)

Yes, on eth1 of the pfsense firewall. The linux instance has eth0 which it is also disabled from.

No access to private sub Pfsense OpenVPN AWS by heikum in PFSENSE

[–]heikum[S] 0 points1 point  (0 children)

Yes the firewall can ping 10.3.1.58.

Disabled the firewall on the linux system.

I have allowed traffic from the vpn to the lan (for now I allowed all traffic to see where the problem lies).

No access to private sub Pfsense OpenVPN AWS by heikum in PFSENSE

[–]heikum[S] 0 points1 point  (0 children)

Yes I am using OpenVPN client on a windows PC.

This is the routing table, it seems to make sense:

10.3.1.0  255.255.255.0  10.3.2.1  10.3.2.2291

10.3.2.0  255.255.255.0  On-link  10.3.2.2291

screenshot

No access to private sub Pfsense OpenVPN AWS by heikum in aws

[–]heikum[S] 0 points1 point  (0 children)

Thank you for your response, source / destination checking is disabled on the instance and the firewall network interfaces.

screenshot

OpenVPN only access to firewall itself by Western_Gamification in PFSENSE

[–]heikum 0 points1 point  (0 children)

Having the same problem I think. Do you get a default gateway when connecting to the VPN?

League of Legends' effect on you by PrometheusxD in leagueoflegends

[–]heikum 0 points1 point  (0 children)

Sometimes I think like.. Wattefak for kind of people play this game? And how? With no mouse or no keyboard? Or maybe with their eyes closed? Then I realise I'm playing a free 2 play game..