Stefcho's Tech Blog - Page 2 of 7 - Software Development, Cloud, DevOps and PfSense

Microsoft Certified: Azure Solutions Architect Expert

Posted on 15/02/2019 - 15/02/2019 by Stefan

I would like to share with you my learning path achieving this certification. In order to achieve Microsoft Certified: Azure Solutions Architect Expert, you have to pass two exams: AZ-300 and AZ-301.

AZ-300 Microsoft Azure Architect Technologies
A great way to start is with Scott Duffy’s course on Udemy: AZ-300 Azure Architecture Technologies Certification Exam

Now is time to dig deeper in to each topic. For the purpose you can either go through this list: Updated: Study resources for the AZ-300 Microsoft Azure Architect Technologies exam or this one Azure Architect AZ-300 Exam. The latter is much more detailed.

AZ-301 Microsoft Azure Architect Design
Soon there will be a video course from Scott Duffy for this course too. Until than you can start with this list: Updated: Study resources for the AZ-301 Microsoft Azure Architect Design exam.

If you have PluralSight subscription there is a large collection of courses Here.

Before going to exam you absolutely have to do practice! Working with the real production technology has no substitutes. So hit the labs. My favorites are on the new Microsoft Learn platform. Check this list of learning paths specially tailored for Azure Architects. I’ve done them all and could say the are well written and the hands on labs are pretty good.
Microsoft Learn – Solution Architect

As alternative to Learn you can check these two locations for other Labs:
Azure Citadel
Microsoft Hands-On Labs

.NET Design Patterns

Posted on 12/10/2018 - 28/10/2018 by Stefan

Design Patterns are interesting and important topic. On this site I’ve found very well presentation and summary for each pattern information.

.NET Design Patterns Tutorial – For Beginners & Professionals

Learn Git Branching

Posted on 06/10/2018 - 28/10/2018 by Stefan

Found a great site to learn git.

It is a collection of interactive exercises. By my humble opinion the best way to learn something it by doing it in combination with reading.

So If you want to check your git skills to https://learngitbranching.js.org/

Windows Subsystem for Linux – Ubuntu

Posted on 05/10/2018 - 28/10/2018 by Stefan

If you are on Windows 10, you should probably give a try to Windows Subsystem for Linux. Getting a bash shell under Windows was not a trivial task back in the day.

Now you just head to the Microsoft Store and install one. There are variety of distributions to choose from ranging Debian, Ubuntu, Open SUSE and even Kali.

My preference is Ubuntu but wait there are 3 of them! This is quite confusing isn’t it?

Well I’ve finally found a reasonable explanation in this article: There Are Now Three Versions of Ubuntu in the Microsoft Store, Here’s Why

So if you need the latest and greatest LTS version simply install Ubuntu. For the moment my choice lays with Ubuntu 16.04 because of some application compatibility that is missing in 18.04 with weasel-pageant.

pfSense 2.4.4 Released

Posted on 04/10/2018 - 28/10/2018 by Stefan

Hello everyone,

The new version 2.4.4 if finally here. You can check what’s new here.

The pfSense Book, now for free!

Posted on 30/08/2018 - 28/10/2018 by Stefan

Good news everyone!

The pfSense Book is now free and available on this address:

The pfSense Book

I still remember when I got my hard-copy of the original one. 🙂

Sharing a Port with OpenVPN and a Web Server

Posted on 04/03/2016 - 28/10/2018 by Stefan

Sharing a Port with OpenVPN and a Web Server

Routing your entire internet traffic over VPN when away from home is almost a must. Especially when using public WiFi hotspots or hotel internet.

Hello all, long time no see. I have a lot of other engagements lately and can’t reach to our beloved topic of pfSense. The fact that I don’t write new posts does not mean that I have abandoned it. Sometimes you have to put priorities to things in your life that are not as pleasant as other, but are just as much if not more important.

Enough said about that. Let’s get to the topic.

Recently I was visiting Asian country. As you probably know there are some places that some sites are restricted for access. It was a strange experience to not be able to open pages that you usually use every day. On other hand I would prefer to route all traffic over my Internet connection back at home when in a foreign country. Just as a protection.

So for test purposes I’ve setup an OpenVPN instance to check if I’m able to route all my traffic back home.

During my research I’ve came across very interesting article on the pfSense documentation. The article is: “Sharing a Port with OpenVPN and a Web Server”

It works and the only modification that has to be made to the OpenVPN server configuration are as follows:

Set the protocol to TCP in the General Information section
Don’t forget to tick in the Tunnel Settings > Redirect Gateway

(Force all client generated traffic through the tunnel.)

In Advanced configuration section in Advanced field put the following:

port-share localhost 443

The old OpenVPN configuration instructions you can find here:

pfSense 2.0 RC1 configuration of OpenVPN Server for Road Warrior with TLS and User Authentication

Now you can connect to your pfSense / OpenVPN server on HTTPS and hopefully it would appear much like you are opening a page over SSL.

Have fun and as usual I don’t take any kind of responsibly for the way you use this setup, or any legal actions or consequences for that matter or related to it.

pfSense on Azure, Teaser

Posted on 01/04/2015 - 28/10/2018 by Stefan

Could it be,

What is we can run our beloved pfSense in Azure?

As it’s written here:

Running FreeBSD in Azure

It is, but is it really?

Potential DNS Rebind attack detected, workaround

Posted on 22/03/2015 - 28/10/2018 by Stefan

If you publish sites to the Internet behind pfSense device, and then try to open the Internet address you will receive the following error message:

Potential DNS Rebind attack detected, see http://en.wikipedia.org/wiki/DNS_rebinding

Try accessing the router by IP address instead of by hostname.

This will appear on your browser.

Recently I’ve hit this issue.

The workaround the problem that I’ve found is as follows.

You set for the network behind the pfSense device a static DNS record for the site, pointing to the internal IP address. In this way you bypass the security checks.

The solution is as follows:

Go you the Web GUI of the pfSense, select

Services > DNS Forwarder

There at the bottom of the page, is the section Host Overrides.

Clock on the “+” sign in this section

Here for the site that you want to open fill in the following:

Let’s say for example you published the site:

Something.anything.com

In the Host field enter: Something

In the Domain field enter: anything.com

In the IP Address field: enter the internal IP address of the server hosting the site

In the Description: fill something useful, so half a year later, you can remind yourself that this exception was for 😉

Click on Save.