I plan to use the Turris directly as a dial-in router soon. At the moment a router from the provider is still connected before the Turris Omnia. This router is doing the dial in to the internet. The Turris therefore uses this router to access the Internet.
I have activated Sentinel and am currently wondering whether Sentinel still works in this constellation or does it only work if the Turris is directly connected to the Internet?
1 Like
I run TurrisOmnia also behind another router and this without any problems.
Sentinel activated, with WiFi and in some days also with a modem too.
Thank you for your message. I was just wondering because I never see anything from Sentinel on my âMy Devicesâ page. No incidents but thatâs actually a good thing 
uhm, if you have âno incidentsâ on all 4 sentinel pots, it is not working me think?
For example, most cable users have a cable modem, but you have to put in âbridge modeâ so you let the TO do all the basic firewall work?
1 Like
Sentinel as a distributed firewall works in any network configuration. It just protects the WAN port of Omnia, not caring about what is on the other end (internet, modem, another firewall etc.).
What youâll (or rather weâll) lose when youâre not connected directly to the internet is reporting of illegal connection attempts back to the distributed database so that other users could benefit from your reports. It will also be the reason why you see no incidents. Once youâll get connected directly, the incidents will start appearing.
1 Like
Ok I understand that I will probably never see any incidents even if there are any? My internal network behind the Turris is still protected, but unfortunately my Turris does not report back to the community?
Definitely a reason to connect my Turris directly soon, but unfortunately that will take some time.
You might check if your router provides an option DMZ DMZ (computing) - Wikipedia. Those options can somethimes provide a Exposed Host - which might be something to consider. Be aware of some risks that this might lead to - eg. I would definitly recommend to use an public encrypted DNS.
Vienna
Ok, but that sounds like a great solution, doesnât it? So the Turris would be like being directly connected to the Internet?
However, @peci1 said that everything is actually correct in my constellation and the only problem is that nothing is reported back.
Yes, but there are sometimes differences in implementation eg. when your provider uses VOIP this still will be filtered. But try and share what you get. Looking forward to see if this is working for you - after 24 hours might be a good idea to check sentinel.
Vienna
I havenât done anything yet and have just checked again. I now actually see exactly one incident from 1.6.2024 at 9 pm from DE. But then everything seems to fit now, doesnât it?
Actually I don´t think so - do you get a public IP for the ISP router? Can you get in touch with your ISP if they can provide a Bridge Mode on their router?
Vienna