Privacy concern

[pchevall]

I have just noticed that on interfaces I have a LAN ip address and a ipv6 public address. I'm able to access my TrueNas directly from the internet with that address, is that supposed to happen?

 

[Ericloewe]

Definitely not. You need to fix your firewall and have it block (nearly) all incoming connections.

 

[pchevall]

I tried the next setting on my router’s firewall but it blocks all ports and I have a web server running that looses access. Im new to this, what are my options?

 

[Ericloewe]

Well, your option is to allow through only ports 80 and 443 - or whatever the server needs - to the specific server.

 

[ChrisRJ]

My main concern would not be about privacy but security overall. Having any port open to "the world" these days is a tremendous risk, unless you know exactly what you are doing.

I don't want to appear patronizing, but my recommendation would be to block all access and spend at least a couple of weeks time on security. For comparison, I have two firewalls in sequence and only dare to open a VPN.

 

[pchevall]

I've been struggling with this for a while, when I put my router on the highest level of firewall I can't access neither the web server nor TrueNAS but when I allow the connection to the web server via IPV6 filtering both of them are exposed. There's not much documentation on how to set up my router, if I can't make this work which firewall would you recommend? I'm on a pretty tight budget btw

 

[ChrisRJ]

I would recommend pfSense.

On the other hand, this seems(!) to be a pretty standard scenario. So it's worth spending some time with the current router.

 

[Ericloewe]

I've been struggling with this for a while, when I put my router on the highest level of firewall I can't access neither the web server nor TrueNAS

Surely you can open specific ports?

 

[da_da]

Why not disable IPv6.

I would recommend OPNsense firewall. :)