Zonemaster is a great tool to verify that you have set up your domainservers correctly. You can test it out on https://zonemaster.iis.se/en/
I want my icinga server to this automaticly so i will get a warning as soon something changes, so lets do that. First thing you need to now is that Zonemaster is a tool and is freely available on Github. you can download it and run it on your own machine.
Adding device in another subnet
If your controller is not in the same subnet as the device you want to add, you must use a computer in this subnet as a 3rd party.
- Install Ubiquiti Device Discovery Tool in Chrome
- Press the UNIFI FAMILY button in the right top corner to se UniFi devices in the network.
- Press ACTION on the device you want to add
- Change the Inform URL to match your controller url is http://yourcontroller:8080/inform. Username and password is for the device, default is ubnt/ubnt
- Go to you Unifi Controller, Access the first/top site, list devices and ADOPT your device.
- Return to Ubiquiti Device Discovery Tool press action and send another Set Inform while the controller is adopting. Your device should be provisioned
Your Device should now be provisioned
Before reseting device, make sure you forget the device in the UniFi controller first.
To restore an UniFi product press and hold the reset button for five seconds. just pressing the reset button will restart the unit.
If you are using NFSv4 (which is likely) you only need to open one port in your firewall port 2049/TCP. The examples below are done on an OpenMediaVault/Debian server to allow NFS access but nothing else from network 192.168.64.144/28 and 192.168.64.192/26.
This is an example of an network configuration on my OpenMediaVault server. It takes two network interfaces (eth3 and rename3) and bonds them together using LACP. On top off this bond i have created three bridges. br1 witch is for untagged traffic and. br641 and 642 for vlan tagged traffic on vlan 641 and 642 respectively. br1/br641/br642 are all attached to the host and is configured for dhcp. they can also be attached to virtual machines.
These steeps will show you how to use OpenDNS instead of your ISPs DNS in pfSense, and how to setup a free home account at OpenDNS to start filtering DNS request, and by that blocking unwanted traffic.