[Efw-user] Gw2Gw OpenVPN disconnects overnight
I have a Gw2Gw Endian VPN setup; both sides are Endian. They are setup using OpenVPN. This works great throughout the day but when I come back in the morning I have to kill the connection and reconnect it via the firewall. Once it reconnects it works fine. In the mornning, it shows the connection as active when I check it but I cannot access anything on the other side of the FW. Anyone have any ideas? -- View this message in context: http://www.nabble.com/Gw2Gw-OpenVPN-disconnects-overnight-tp22374382p22374382.html Sent from the efw-user mailing list archive at Nabble.com. -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Local hostnames - DHCP
Shaun Skillin (home) wrote: Hi Phil, Can you confirm if DNS is handled by the EFW box? In the DHCP scope, do you tell the clients to point to the EFW for DNS resolution, or to some other DNS server? Someone please correct my limited info on this one... I use other DNS servers in my implementations. From what I can see, EFW will act as a DNS *proxy*, even transparently, but it does not run BIND or something else, so cannot be authoritative for any zones, even private internal zones. In this case, it would not accept DDNS registrations from clients, so... no name resolution for those client host names. In sites where EFW is doing the DHCP work, I still point the clients to another internal server running a DNS daemon. Bash away, but MS's DNS does good stuff with Windows clients and DDNS registrations. It's almost a requirement, if you're talking about a Windows AD domain, to have the AD workstations use the domain controller's DNS for registration and resolution. I hope that doesn't muddy things too much, Phil... Shaun -Original Message- From: Philip Trickett (List) [mailto:phil...@techworks.ie] Sent: Wednesday, March 04, 2009 10:59 AM To: AJ Weber; efw-user@lists.sourceforge.net Subject: Re: [Efw-user] Local hostnames - DHCP Hi AJ, No, there is still no resolution of names on the network for hosts that have DHCP assigned addresses. This is strange, as in the logs I see the following: Mar 4 15:46:19 dhcpd DHCPREQUEST for 192.168.5.194 from 00:16:42:21:8f:b2 (tiny) via br0 where tiny is the name of the host. I can't quite work out why this is not working, as from the sounds of it, it should pretty much work 'out of the box' Phil On Mon, 2009-03-02 at 12:11 -0500, AJ Weber wrote: Did you try adding your domain-name after the hostname? If that works, then you might have to add (probably uncomment) a line in the dnsmasq.conf file to auto-append it. I think you can do that on a windows client as well by setting the dns search order (Append these suffixes...) in TCP settings. Maybe that helps. -AJ - Original Message - From: Philip Trickett (List) phil...@techworks.ie To: efw-user@lists.sourceforge.net Sent: Monday, March 02, 2009 6:42 AM Subject: [Efw-user] Local hostnames - DHCP Hi, I was just wondering if it is possible to have resolving local hostnames for machines that get the IP addresses from DHCP? e.g. If I connect a laptop (laptop1) to the network, and then try to ping it on the network: ping laptop1 I get: ping: unknown host laptop1 I can see the host names in the DHCP part of the services tab. I upgraded to endian from IPCop, and under IPCop all local hostnames would resolve correctly. Could this be due to the way it has been configured? Thanks, Phil -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to
[Efw-user] EFW 2.2-RC3 [bridge mode]
Can someone please confirm whether, using two network interfaces (RED and GREEN), can Endian can operate in transparent/bridge mode? Regards, Andres -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] EFW 2.2-RC3 [bridge mode]
If you mean the proxy in transparent mode, then yes. -- Rafael Fonseca www.nunca.com.br On 7/03/2009, at 10:18 AM, Andres Gonzalez wrote: Can someone please confirm whether, using two network interfaces (RED and GREEN), can Endian can operate in transparent/bridge mode? Regards, Andres -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Gw2Gw OpenVPN disconnects overnight
on 3-6-2009 7:14 AM defrag4 spake the following: I have a Gw2Gw Endian VPN setup; both sides are Endian. They are setup using OpenVPN. This works great throughout the day but when I come back in the morning I have to kill the connection and reconnect it via the firewall. Once it reconnects it works fine. In the mornning, it shows the connection as active when I check it but I cannot access anything on the other side of the FW. Anyone have any ideas? A quick fix would be to run a cron job to ping across the tunnel. This would act like a keepalive. Just a short ping every 15 minutes or so would probably work. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't signature.asc Description: OpenPGP digital signature -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Gw2Gw OpenVPN disconnects overnight
What sort of broadband connection is it? -Original Message- From: Scott Silva [mailto:ssi...@sgvwater.com] Sent: Friday, March 06, 2009 4:22 PM To: efw-user@lists.sourceforge.net Subject: Re: [Efw-user] Gw2Gw OpenVPN disconnects overnight on 3-6-2009 7:14 AM defrag4 spake the following: I have a Gw2Gw Endian VPN setup; both sides are Endian. They are setup using OpenVPN. This works great throughout the day but when I come back in the morning I have to kill the connection and reconnect it via the firewall. Once it reconnects it works fine. In the mornning, it shows the connection as active when I check it but I cannot access anything on the other side of the FW. Anyone have any ideas? -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Gw2Gw OpenVPN disconnects overnight
CAble on one side, datacenter connection on the other On Mar 6, 2009, at 6:32 PM, compdoc comp...@hotrodpc.com wrote: What sort of broadband connection is it? -Original Message- From: Scott Silva [mailto:ssi...@sgvwater.com] Sent: Friday, March 06, 2009 4:22 PM To: efw-user@lists.sourceforge.net Subject: Re: [Efw-user] Gw2Gw OpenVPN disconnects overnight on 3-6-2009 7:14 AM defrag4 spake the following: I have a Gw2Gw Endian VPN setup; both sides are Endian. They are setup using OpenVPN. This works great throughout the day but when I come back in the morning I have to kill the connection and reconnect it via the firewall. Once it reconnects it works fine. In the mornning, it shows the connection as active when I check it but I cannot access anything on the other side of the FW. Anyone have any ideas? --- --- --- - Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Gw2Gw OpenVPN disconnects overnight
Do both sides of the vpn use static ip addresses? What versions of efw? I have several efw firewalls linked in a hub arrangement, server to server, with all servers being located either across the state, or out of state. They rarely lose connection, but since most are running v2.1.2 and using the virus scanners, they do tend to require rebooting every few weeks. v2.2rc3 doesn't have that problem. Unless you've installed some additional software or service that wasn't included with efw, it might be best to start looking at your red connections first - routers, modems, or anything that's in between the two ewf boxes. -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
