RE: [pfSense Support] Outgoing Load Balancing mini-howto
And does CARP have to be running? I think the answer to 6 would be something like a DNS box on the ISP's network .. or perhaps even something like www.microsoft.com ? -Original Message- From: Rajkumar S [mailto:[EMAIL PROTECTED] Sent: Thursday, October 13, 2005 9:59 AM To: support@pfsense.com Subject: [pfSense Support] Outgoing Load Balancing mini-howto Hi, I have some clarifications about the Outgoing Load Balancing mini-howto. I assume this is about sharing two internet links so that outbound traffic flows to both of them. 1. visit services - load balancer 2. delete any pools that are there that do not work 3. add a new pool and call it loadbalancetowans or something descriptive 4. set the description to load balancing from lan - internet or something descriptive 5. set the type to gateway 6. in the monitor ip box, set a box upstream from this router that can be polled (via tcp socket) to ensure link is up What is this monitor ip? If I have two internet connections, which ip can I specify here? 7. in the ip box type in the 1st router gateway ip I assume this to be the gateway of first internet connection. 8. repeat for the second gateway Gateway of second internet connection and so on... raj - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Outgoing Load Balancing mini-howto
Frimmel, Ivan (ISS South Africa) wrote: And does CARP have to be running? I am not having CARP in mind, as CARP and link sharing are two different things. If CARP has to be running then this may not be what I want. Specifically I am looking at http://lartc.org/howto/lartc.rpdb.multiple-links.html This Linux command is working well for me. ip route add default scope global nexthop via $P1 dev $IF1 weight 1 \ nexthop via $P2 dev $IF2 weight 1 I think the answer to 6 would be something like a DNS box on the ISP's network .. or perhaps even something like www.microsoft.com ? This is exactly what I have done. More Queries as I am going through the steps: Create NAT-Rules for your WAN-POOL 1. visit firewallNATOutbound 2. enable advanced outbound nat 3. check the automatically created rules. 4. create rules for all your internal networks to map to OPT interfaces.. (one rule for each internal network to each opt-interface in the pool) I could not understand this? Which OPT interface? each internal network ? I have only one. 5. Apply the changes Policy based balancing 1. Edit a firewall rule on the LAN or Optional interfaces. * NOTE! We do not recommend editing the default pass all rule! Create a new rule before the default rule for your policy. 2. Set the gateway to the newly created pool Done!. It seems the loadbalancer is working. I am able to tcpdump the second gateway and see some packets. But when I traceroute from the lan, all packets goes via the first gateway. Also can I specify the priority of each gateway. ie I have an 1mbps link and a 256kbps, out of 5 packets 4 must go through 1mbps link and one via 256 kbps. Also in the wish list is to specify one gateway for some ips. ie dns and smtp server for first isp should always be routed via first isp and vice versa. raj -Original Message- From: Rajkumar S [mailto:[EMAIL PROTECTED] Sent: Thursday, October 13, 2005 9:59 AM To: support@pfsense.com Subject: [pfSense Support] Outgoing Load Balancing mini-howto Hi, I have some clarifications about the Outgoing Load Balancing mini-howto. I assume this is about sharing two internet links so that outbound traffic flows to both of them. 1. visit services - load balancer 2. delete any pools that are there that do not work 3. add a new pool and call it loadbalancetowans or something descriptive 4. set the description to load balancing from lan - internet or something descriptive 5. set the type to gateway 6. in the monitor ip box, set a box upstream from this router that can be polled (via tcp socket) to ensure link is up What is this monitor ip? If I have two internet connections, which ip can I specify here? 7. in the ip box type in the 1st router gateway ip I assume this to be the gateway of first internet connection. 8. repeat for the second gateway Gateway of second internet connection and so on... raj - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Packet size
On 10/13/05, Thomas Booms [EMAIL PROTECTED] wrote: I want to know the packet size in bytes. I've upgraded 2 weeks ago to version 0.85.6. Check the MTU setting in the interface tab. It defaults to 1500 AFAIK. -- Jeroen - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Packet size
Jeroen Geusebroek wrote: On 10/13/05, Thomas Booms [EMAIL PROTECTED] wrote: I want to know the packet size in bytes. I've upgraded 2 weeks ago to version 0.85.6. Check the MTU setting in the interface tab. It defaults to 1500 AFAIK. -- Jeroen - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Why do the developers wrote this note in the last version? *Note: In/out counters will wrap at 32bit (4 Gigabyte) ! * I have these values currently: In/out packets 75222048/70844380 (282.08 MB/3.65 GB). If I take a pocket calculator, i simply divide the incoming packets / 1500 and this result by 1024. I get then 48.97 GB. I dont understand, why it should not be possible to get this value viewed in the Interface Status site. If the counter wraps, so far i see it, the amount of packets must be 423120 instead of the above shown. Thomas -- Booms EDV - hosting more - Herrenstrasse 10 D-59073 Hamm www.booms-edv.de [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Packet size
On 10/13/05, Thomas Booms [EMAIL PROTECTED] wrote: Why do the developers wrote this note in the last version? *Note: In/out counters will wrap at 32bit (4 Gigabyte) ! * I have these values currently: In/out packets 75222048/70844380 (282.08 MB/3.65 GB). If I take a pocket calculator, i simply divide the incoming packets / 1500 and this result by 1024. I get then 48.97 GB. I dont understand, why it should not be possible to get this value viewed in the Interface Status site. If the counter wraps, so far i see it, the amount of packets must be 423120 instead of the above shown. Packets vary in sizes. Not all packets are 1500, this is the maximum packet size for this network architecture. -- Jeroen - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Outgoing Load Balancing mini-howto
On 10/13/05, Rajkumar S [EMAIL PROTECTED] wrote: Hi, I have some clarifications about the Outgoing Load Balancing mini-howto. I assume this is about sharing two internet links so that outbound traffic flows to both of them. 1. visit services - load balancer 2. delete any pools that are there that do not work 3. add a new pool and call it loadbalancetowans or something descriptive 4. set the description to load balancing from lan - internet or something descriptive 5. set the type to gateway 6. in the monitor ip box, set a box upstream from this router that can be polled (via tcp socket) to ensure link is up What is this monitor ip? If I have two internet connections, which ip can I specify here? When we get this working, it'll be ICMP monitoring and you'll need to provide the IP address of something on the other end of your WAN link to ping to determine link availability. 7. in the ip box type in the 1st router gateway ip I assume this to be the gateway of first internet connection. yes. 8. repeat for the second gateway Gateway of second internet connection and so on... yes. --Bill - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] pfSense on WRAP
Is there any non-flash tutorial that explains how to install pfSense on a PCEngines WRAP? Thanks, -- walter pelissero http://www.pelissero.de - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Outgoing Load Balancing mini-howto
On 10/13/05, Frimmel, Ivan (ISS South Africa) [EMAIL PROTECTED] wrote: And does CARP have to be running? Nothing to do with CARP :) --Bill - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Outgoing Load Balancing mini-howto
On 10/13/05, Rajkumar S [EMAIL PROTECTED] wrote: Create NAT-Rules for your WAN-POOL 1. visit firewallNATOutbound 2. enable advanced outbound nat 3. check the automatically created rules. 4. create rules for all your internal networks to map to OPT interfaces.. (one rule for each internal network to each opt-interface in the pool) I could not understand this? Which OPT interface? each internal network ? I have only one. This is mainly a confirmation that the source addresses for your internal network(s) will be presented to the internet correctly. If it looks right, don't do anything. Policy based balancing 1. Edit a firewall rule on the LAN or Optional interfaces. * NOTE! We do not recommend editing the default pass all rule! Create a new rulebefore the default rule for your policy. 2. Set the gateway to the newly created pool Done!. It seems the loadbalancer is working. I am able to tcpdump the second gateway and see some good :) packets. But when I traceroute from the lan, all packets goes via the first gateway. Also State tables. Wait a while try again. Eventually you'll get on the other side of your new 50-50 logic as to which link a new IP flow will go down. can I specify the priority of each gateway. ie I have an 1mbps link and a 256kbps, out of 5 packets 4 must go through 1mbps link and one via 256 kbps. Also in the wish list is to Not today. I think I have this locked out right now, but you can do ratio based load balancing...put the 1Mbit link in the gateway pool 4 times and the 256K link once - that would have the same effect. Again, I believe this isn't currently possible in the UI, if you're willing to test it, I'll open it up (I have a MUCH larger discrepency at home 8Mbit and 384Kbit, so I don't load balance, I send targeted traffic out each link). specify one gateway for some ips. ie dns and smtp server for first isp should always be routed via first isp and vice versa. Policy based routing. Create a rule for each item you'd like to direct over a given link. Remember, we're a first match system, just place the more specific rules first in your list and it'll match. --Bill - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] UDP consistent translation
On 10/12/05, Kevin Wolf [EMAIL PROTECTED] wrote: I'm sorry, your solution actually worked. I forgot to move the new rule above the default, so it had priority! D'oh!!! Good to hear...I was actually about to suggest that you double check that ;) Thank you for the help, it was much appreciated :) Glad to help. --Bill - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] question ?
it is possible that pfsense it integrates configurations predefined in the installation like smoothwall or ipcop thk pd:anyone can speak spanish ? -- .::Cristian Menghi::. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] question ?
that not can importat configurations of ipcop, I want to know if can pfsense come with configurations by defect like Ipcop 2005/10/13, Marcin Jessa [EMAIL PROTECTED]: On Thu, 13 Oct 2005 11:23:02 -0300 Cristian Menghi [EMAIL PROTECTED] wrote: it is possible that pfsense it integrates configurations predefined in the installation like smoothwall or ipcop No, you cannot export configuration from your existing IPcop setup. pd:anyone can speak spanish ? It's an english mailing list. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- .::Cristian Menghi::. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] RE: Wrap upgrading from 0.70.4 to latest version
Hi, I just bought pcengine and installed with 0.70.4. I would like to upgrade to the latest version. I found pfSense-Wrap-Update-0.84.tgz. This is the latest version that I can find. After I uploaded the image file. I got this error This image is not digitally signed. This means that the image you uploaded is not an official/supported image and may lead to unexpected behavior or security compromises. Only install images that come from sources that you trust, and make sure that the image has not been tampered with. Please note that we do not sign alpha and or beta images. Do you want to install this image anyway (on your own risk)? I forced to yes. After rebooted the image is still using the old version, 0.70.4. any idea how to upgrade my wrap box ? Thanks in advance -santo-
Re: [pfSense Support] question ?
On Thu, 13 Oct 2005 11:48:32 -0300 Cristian Menghi [EMAIL PROTECTED] wrote: that not can importat configurations of ipcop, I want to know if can pfsense come with configurations by defect like Ipcop I am not sure what you mean. What IPcop functions do you need ? From what I know IPcop is some kind of firewall which can stop users at MAC-address level and shape their IPs. It can also work as DHCP server and such. 2005/10/13, Marcin Jessa [EMAIL PROTECTED]: On Thu, 13 Oct 2005 11:23:02 -0300 Cristian Menghi [EMAIL PROTECTED] wrote: it is possible that pfsense it integrates configurations predefined in the installation like smoothwall or ipcop No, you cannot export configuration from your existing IPcop setup. pd:anyone can speak spanish ? It's an english mailing list. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- .::Cristian Menghi::. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] pfSense on WRAP
No, not at this time. What's wrong with the flash tutorial? On 10/13/05, Walter C. Pelissero [EMAIL PROTECTED] wrote: Is there any non-flash tutorial that explains how to install pfSense on a PCEngines WRAP? Thanks, -- walter pelissero http://www.pelissero.de - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] RE: Wrap upgrading from 0.70.4 to latest version
On 10/13/05, Susanto Leman [EMAIL PROTECTED] wrote: Hi, So do you mean that 0.70.4 is unable to upgrade to later version. Yes. Which image is that ? May I know the url ? I only found one image for WRAP. Thanks ftp://reflection.ncsa.uiuc.edu/pub/pfSense/downloads/pfSense-Embedded-0.86.4.bin.gz - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] RE: Wrap upgrading from 0.70.4 to latest version
Hi, Thanks for your reply. The image is with embedded. Because according to the tutorial in flash, the image should be with wrap. Will it work with my wrap box ? just need to confirm. ;-) -santo- -Original Message- From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: Thursday, October 13, 2005 11:12 PM To: support@pfsense.com Subject: Re: [pfSense Support] RE: Wrap upgrading from 0.70.4 to latest version On 10/13/05, Susanto Leman [EMAIL PROTECTED] wrote: Hi, So do you mean that 0.70.4 is unable to upgrade to later version. Yes. Which image is that ? May I know the url ? I only found one image for WRAP. Thanks ftp://reflection.ncsa.uiuc.edu/pub/pfSense/downloads/pfSense-Embedded-0.86.4 .bin.gz - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] RE: Wrap upgrading from 0.70.4 to latest version
Yes, it works with all embedded devices. On 10/13/05, Susanto Leman [EMAIL PROTECTED] wrote: Hi, Thanks for your reply. The image is with embedded. Because according to the tutorial in flash, the image should be with wrap. Will it work with my wrap box ? just need to confirm. ;-) -santo- -Original Message- From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: Thursday, October 13, 2005 11:12 PM To: support@pfsense.com Subject: Re: [pfSense Support] RE: Wrap upgrading from 0.70.4 to latest version On 10/13/05, Susanto Leman [EMAIL PROTECTED] wrote: Hi, So do you mean that 0.70.4 is unable to upgrade to later version. Yes. Which image is that ? May I know the url ? I only found one image for WRAP. Thanks ftp://reflection.ncsa.uiuc.edu/pub/pfSense/downloads/pfSense-Embedded-0.86.4 .bin.gz - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] RE: Wrap upgrading from 0.70.4 to latest version
Hi, Thank you ver much Regards Santo -Original Message- From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: Thursday, October 13, 2005 11:16 PM To: support@pfsense.com Subject: Re: [pfSense Support] RE: Wrap upgrading from 0.70.4 to latest version Yes, it works with all embedded devices. On 10/13/05, Susanto Leman [EMAIL PROTECTED] wrote: Hi, Thanks for your reply. The image is with embedded. Because according to the tutorial in flash, the image should be with wrap. Will it work with my wrap box ? just need to confirm. ;-) -santo- -Original Message- From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: Thursday, October 13, 2005 11:12 PM To: support@pfsense.com Subject: Re: [pfSense Support] RE: Wrap upgrading from 0.70.4 to latest version On 10/13/05, Susanto Leman [EMAIL PROTECTED] wrote: Hi, So do you mean that 0.70.4 is unable to upgrade to later version. Yes. Which image is that ? May I know the url ? I only found one image for WRAP. Thanks ftp://reflection.ncsa.uiuc.edu/pub/pfSense/downloads/pfSense-Embedded-0.86.4 .bin.gz - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] RE: Wrap upgrading from 0.70.4 to latest version
On 10/13/05, Susanto Leman [EMAIL PROTECTED] wrote: Hi, Thanks for your reply. The image is with embedded. Because according to the tutorial in flash, the image should be with wrap. Will it work with my wrap box ? just need to confirm. ;-) -santo- The tutorial is probably a hair out of date by now. At the point it was created we were still under heavy development and stuff was changing daily. --Bill - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Multiplan WAN IPs on same interface via DHCP
Hi All My cable ISP allows me to obtain up to 5 IP addresses via DHCP (nope, no static addresses here, they cost a fortune). For the sake of having more control over NAT and port mappings, I'd like to be able to use more than the single IP address obtained by pfSense out of the box. Here's what I was thinking: - Is it possible to define multiple "virtual" interfaces (not VLANs) one one physical one, each with its own (spoofed) MAC address? They'd then be configured as DHCP-Interfaces in pfSense and get their own (different IPs). - If so, would it be possible (OK, now I'm asking a bit much here) to get DynDNS for each of them? Thanks for your advice Thomas
Re: [pfSense Support] Multiplan WAN IPs on same interface via DHCP
On 10/13/05, Thomas [EMAIL PROTECTED] wrote: My cable ISP allows me to obtain up to 5 IP addresses via DHCP (nope, no static addresses here, they cost a fortune). For the sake of having more control over NAT and port mappings, I'd like to be able to use more than the single IP address obtained by pfSense out of the box. By chance have you tried this? It's not really supported at the moment but I have been reviewing some freebsd archives and it may be possible if I do some tweaks to dhclient-script. I need to setup a testing environement to verify. If you have set this up can you send me your dhclient logs from the system logs area? Here's what I was thinking: - Is it possible to define multiple virtual interfaces (not VLANs) one one physical one, each with its own (spoofed) MAC address? They'd then be configured as DHCP-Interfaces in pfSense and get their own (different IPs). That would be ideal, but I don't think the interfaces are clonable. - If so, would it be possible (OK, now I'm asking a bit much here) to get DynDNS for each of them? This for sure will not work. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] failover ipsec
Just a general question. Would like to know if people think that this would work. Internet real | Datacentre (IPSECEND) | | |-- | | | | | | | Internet 1 internet2 | | -- | | | Wan opt1 | IPSEC1__IPSECFAIL | | | | | PFSENSE BOX Opt2 | Public ip block | -
Re: [pfSense Support] failover ipsec
On 10/13/05, alan walters [EMAIL PROTECTED] wrote: Just a general question. Would like to know if people think that this would work. Internet real | Datacentre (IPSECEND) | | |-- | | | | | | | Internet 1 internet2 | | -- | | | Wan opt1 | IPSEC1__IPSECFAIL| | | | | PFSENSE BOX Opt2 | Public ip block | - Should work A-OK. However SASYNCD is not completely finished so failover time will be about 2 seconds from what I experience on my home ipsec line. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] failover ipsec
Cool you guys are great. This solves a long running problem. Time to get testing I guess. thanks -Original Message- From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: 13 October 2005 22:05 To: support@pfsense.com Subject: Re: [pfSense Support] failover ipsec On 10/13/05, alan walters [EMAIL PROTECTED] wrote: Just a general question. Would like to know if people think that this would work. Internet real | Datacentre (IPSECEND) | | |-- | | | | | | | Internet 1 internet2 | | -- | | | Wan opt1 | IPSEC1__IPSECFAIL| | | | | PFSENSE BOX Opt2 | Public ip block | - Should work A-OK. However SASYNCD is not completely finished so failover time will be about 2 seconds from what I experience on my home ipsec line. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] Multiplan WAN IPs on same interface via DHCP
Didn't dare try this yet, as I was looking for a way to request multiple leases using different MAC addresses (coming from the Wintel world, I've yet so see a DHCP server that issues more than one lease for the same MAC). If you can point me in the right direction (the archives you looked at suggesting it may be possible), I'll be happy to have a go. Thomas -Original Message- From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: Donnerstag, 13. Oktober 2005 18:45 To: support@pfsense.com Subject: Re: [pfSense Support] Multiplan WAN IPs on same interface via DHCP On 10/13/05, Thomas [EMAIL PROTECTED] wrote: My cable ISP allows me to obtain up to 5 IP addresses via DHCP (nope, no static addresses here, they cost a fortune). For the sake of having more control over NAT and port mappings, I'd like to be able to use more than the single IP address obtained by pfSense out of the box. By chance have you tried this? It's not really supported at the moment but I have been reviewing some freebsd archives and it may be possible if I do some tweaks to dhclient-script. I need to setup a testing environement to verify. If you have set this up can you send me your dhclient logs from the system logs area? Here's what I was thinking: - Is it possible to define multiple virtual interfaces (not VLANs) one one physical one, each with its own (spoofed) MAC address? They'd then be configured as DHCP-Interfaces in pfSense and get their own (different IPs). That would be ideal, but I don't think the interfaces are clonable. - If so, would it be possible (OK, now I'm asking a bit much here) to get DynDNS for each of them? This for sure will not work. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] kern.ipc
Do this from the shell: update_file.sh /etc/sysctl.conf Then reboot. Scott On 10/13/05, John Cianfarani [EMAIL PROTECTED] wrote: Hey all, Posted this before but it's happened again with the version: 84.6 Will try to upgrade it this week and report if it happens again. Has been up for maybe 2 days. Getting an error on the console repeating kern.ipc.maxpipekva exceeded; see tuning (7) Unable to get in via SSH/Console/Web Gui. FW is still passing traffic. Thanks John - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Asterisk behind pfSense
Hi, I am having problem for remote user to register my asterisk. Initially, It was working fine. I read from the support email. Someone installed siproxd. And its working. How to install on my wrap ? using shell to install ? I notice that the feature Install Package is removed from my WRAP. I saw that feature in the earlier version. Is that so ? -santo-
RE: [pfSense Support] kern.ipc
Sorry did an upgrade already to 86.4 since I wanted to try to add some other packages. Will let you know if it comes back. John -Original Message- From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: Thursday, October 13, 2005 9:14 PM To: support@pfsense.com Subject: Re: [pfSense Support] kern.ipc Do this from the shell: update_file.sh /etc/sysctl.conf Then reboot. Scott On 10/13/05, John Cianfarani [EMAIL PROTECTED] wrote: Hey all, Posted this before but it's happened again with the version: 84.6 Will try to upgrade it this week and report if it happens again. Has been up for maybe 2 days. Getting an error on the console repeating kern.ipc.maxpipekva exceeded; see tuning (7) Unable to get in via SSH/Console/Web Gui. FW is still passing traffic. Thanks John - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Resize Wrap image
Is there a way to resize/expand the size of partition used on the wrap? I have a 512 Meg card and Id like to try to add some other packages onto it like perl and nagios plugins to monitor but with only 14meg free its kinda tough. Ive tried putting in a machine with a few different partition software qtparted on Knoppix, Paragon HD Manager, and one off Ultimate Boot CD 3.3. Most either dont recognize the partition type or dont see the usb drive. Any help is appreciated. Thanks John
Re: [pfSense Support] Asterisk behind pfSense
Also, in addition to John's great suggestions if this still doesn't work, try sipproxd in the packages section (if you are not running on a embedded platform). Scott On 10/13/05, John Cianfarani [EMAIL PROTECTED] wrote: What protocol SIP or IAX? If it's IAX (recommended for clients dealing with nat) you need to forward port UDP 4569 to your asterisk box. If it's SIP you need to forward port TCP 5060 and UDP 16384-32767 to your asterisk box. Also make sure nat=yes and quality=yes are enabled for that extension in the sip.conf Just so you know gettings clients to work behind NAT can be very tricky. http://www.voip-info.org has a wealth of knowledge on the topic. Someone here can probably give you better info for installing the package but this is what I think would work. SSH/console in. /etc/rc.conf_mount_rw pkg_add http://ftp2.freebsd.org/pub/FreeBSD/ports/i386/packages-6-current/All/siproxd-0.5.11.tbz /etc/rc.conf_mount_ro Not sure if you would be able to configure through the gui or if you have to edit conf files. Hope that helps John From: Susanto Leman [mailto:[EMAIL PROTECTED] Sent: Thursday, October 13, 2005 9:19 PM To: support@pfsense.com Subject: [pfSense Support] Asterisk behind pfSense Hi, I am having problem for remote user to register my asterisk. Initially, It was working fine. I read from the support email. Someone installed siproxd. And its working. How to install on my wrap ? using shell to install ? I notice that the feature Install Package is removed from my WRAP. I saw that feature in the earlier version. Is that so ? -santo- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Resize Wrap image
Use the LiveCD with http://wiki.pfsense.com/wikka.php?wakka=FlashHowTo to resize. Scott On 10/13/05, John Cianfarani [EMAIL PROTECTED] wrote: Is there a way to resize/expand the size of partition used on the wrap? I have a 512 Meg card and I'd like to try to add some other packages onto it like perl and nagios plugins to monitor but with only 14meg free it's kinda tough. I've tried putting in a machine with a few different partition software qtparted on Knoppix, Paragon HD Manager, and one off Ultimate Boot CD 3.3. Most either don't recognize the partition type or don't see the usb drive. Any help is appreciated. Thanks John - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] Resize Wrap image
Should have looked there first. Will try that now. Thanks John -Original Message- From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: Thursday, October 13, 2005 9:54 PM To: support@pfsense.com Subject: Re: [pfSense Support] Resize Wrap image Use the LiveCD with http://wiki.pfsense.com/wikka.php?wakka=FlashHowTo to resize. Scott On 10/13/05, John Cianfarani [EMAIL PROTECTED] wrote: Is there a way to resize/expand the size of partition used on the wrap? I have a 512 Meg card and I'd like to try to add some other packages onto it like perl and nagios plugins to monitor but with only 14meg free it's kinda tough. I've tried putting in a machine with a few different partition software qtparted on Knoppix, Paragon HD Manager, and one off Ultimate Boot CD 3.3. Most either don't recognize the partition type or don't see the usb drive. Any help is appreciated. Thanks John - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]