I'm enjoying playing around with my new 'toy' (a PC Engines firewall where I've installed OPNsense) and I was hoping for some help about two topics:
1) When I enable the IPS, what is the correct configuration for the interfaces ?
a) Only LAN ?
b) Only WAN ?
c) Both LAN and WAN ?
1.1) Also not clear whether or not I should add the WAN IP address in Home networks ?
2) Trying to configure DoT with Unbound and I've found three different settings to insert in the custom options field, very similar, just slightly different, so which one is the correct one, SSL or TLS ?
2.1)
server:
forward-zone:
name: "."
forward-ssl-upstream: yes
forward-addr: 9.9.9.9@853
forward-addr: 149.112.112.112@853
2.2)
server:
forward-zone:
name: "."
forward-tls-upstream: yes
forward-addr: 9.9.9.9@853
forward-addr: 149.112.112.112@853
2.3)
server:
forward-zone:
name: "."
forward-tls-upstream: yes
forward-addr: 9.9.9.9@853#dns.quad9.net
forward-addr: 149.112.112.112@853#dns.quad9.net