You should use postscreen/blacklist to block spam?
Eero
pe 18. toukok. 2018 klo 17.43 Alberto José García Fumero <
albe...@ettpartagas.co.cu> kirjoitti:
> Hi all.
>
> I use PfSense 2.2.1. Of course I know it would very convenient to
> upgrade, but right now it isn't possible.
>
> Im trying to
Well. You should use VLANs to segment IoT devices into different network.
Anyway... some commercial vendor might provide a bit better protection ;)
You can replace you apple timemachine with unifi aps.
https://www.ubnt.com/unifi/unifi-ap/
Eero
On Sun, May 13, 2018 at 10:44 PM Richard A. Relph
ernet.
>
> I think it has to do with/ ntp sync.
>
> On Thu, Apr 19, 2018, 5:38 PM Eero Volotinen <eero.voloti...@iki.fi>
> wrote:
>
> > so, what is the main issue?
> >
> > Eero
> >
> > pe 20. huhtik. 2018 klo 0.35 Bryan Hemedinger <bry...@esg
so, what is the main issue?
Eero
pe 20. huhtik. 2018 klo 0.35 Bryan Hemedinger kirjoitti:
> I received the Netgate unit SG-4860 and need help setting it up
>
>
> Bryan Hemedinger D.O.P.
> 954-722-2223
> Photography Dept.
> ___
>
fix is in reddit thread ..
Someone should fix this on pfsense default config..
Eero
On Thu, Apr 19, 2018 at 11:53 AM, mayak wrote:
> On 04/19/2018 10:33 AM, Fabian Bosch wrote:
>
>> Same here on v*2.3.3 *and even after update to v*2.4.3
>> *Any news on this?*
>> *
>>
>>
Sounds like a bug:
https://www.reddit.com/r/PFSENSE/comments/88ry96/there_were_errors_loading_the_rules/
Eero
On Thu, Apr 19, 2018 at 11:33 AM, Fabian Bosch
wrote:
> Same here on v*2.3.3 *and even after update to v*2.4.3
> *Any news on this?*
> *
>
> regards,
>
> Fabian
Maybe. I think that hardware can still do full gigabit nat and firewalling.
--
Eero
On Mon, Feb 19, 2018 at 7:12 PM, Moshe Katz <mo...@ymkatz.net> wrote:
> On Mon, Feb 19, 2018 at 10:42 AM, Paul Mather <p...@gromit.dlib.vt.edu>
> wrote:
>
> > On Feb 19, 2018,
Thanks. that worked. It was a bit hard without console :)
Eero
On Fri, Feb 16, 2018 at 9:00 PM, Melvin <mel...@sleepydragon.net> wrote:
> I've had good luck in similar cases by installing on a generic machine
> then putting the media in the target box.
>
> On Feb 16, 2018, 13:
le.com/search?q=VGA+header+to+15-pin+ribbon;
> source=lnms=shop=X=0ahUKEwiwybq2ma3ZAhVI2oMKHf9zBWwQ_AUICigB <
> https://www.google.com/search?q=VGA+header+to+15-pin+
> ribbon=lnms=shop=X=0ahUKEwiwybq2ma3ZAhVI2oMKHf9zB
> WwQ_AUICigB>
>
> > On Feb 17, 2018, at 3:29 AM,
Hi List,
Does anyone know where I can buy this cable:
https://store.netgate.com/Hamakua-VGA-Cable-P350.aspx
Eero
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
good luck in similar cases by installing on a generic machine
> then
> putting the media in the target box.
>
> >>On Feb 16, 2018, 13:40, at 13:40, Eero Volotinen <eero.voloti...@iki.fi>
> wrote:
> >>Hi List,
> >>
> >>I need to install pf
Thanks. that sounds like a good idea.
Eero
16.2.2018 21.02 "Melvin" <mel...@sleepydragon.net> kirjoitti:
> I've had good luck in similar cases by installing on a generic machine
> then putting the media in the target box.
>
> On Feb 16, 2018, 13:40, at 13:40,
Hi List,
I need to install pfsense 2.4 on watchguard xtm 810. there is issue as it
does not boot from usb stick, only from cf or sata.
Any idea how to install pfsense on it? it works with 2.3 nano-vga image,
but such is not available for pfsense 2.4
--
Eero
y. I shouldn't have to replace my hardware to support a
> > feature I will not use...
> >
> > I shame Netgate for such an artificial limitation...
> >
> > Thank you for the information.
> >
> > On 02/15/2018 12:20 PM, Eero Volotinen wrote:
> > > Well:
&g
> I believe I read somewhere that the new version that requires aes-ni will
> be 3.x, and they plan to continue the 2.x line alongside it, as 3.x will be
> a major rewrite
>
>
> -Ed
>
> -Original Message-
> From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Eer
> saying "AES-NI CPU Crypto: No".
>
> On 02/15/2018 11:55 AM, Eero Volotinen wrote:
> > Please note that next pfsense will not install hardware that is not
> > supporting aes-ni?
> >
> > Eero
> >
> > On Thu, Feb 15, 2018 at 6:37 PM, Kyle Mar
Please note that next pfsense will not install hardware that is not
supporting aes-ni?
Eero
On Thu, Feb 15, 2018 at 6:37 PM, Kyle Marek wrote:
> This board does round-up gigabit (something like 976 Mb/s) in both
> directions on all 4 interfaces:
Hi,
This hardware can do gigabit (wirespeed) NAT/FW
https://www.amazon.com/gp/product/B016VHBA7C (tested on my home, using
symmetric gigabit line...)
but, I we use NetGate SG-8860 on our main offices:
cannot expose the LAN ip address
> to the tunnel (192.168.110.130), I need to use the public IP...
>
> thanks again
>
>
> On 8 February 2018 at 23:51, Eero Volotinen <eero.voloti...@iki.fi> wrote:
>
> > Well. Maybe You need to hire pfsense consultant with NDA, so
and@greentree.systems>
wrote:
> On 8 February 2018 at 20:40, Eero Volotinen <eero.voloti...@iki.fi> wrote:
>
> > how about not masking ip addresses?
> >
>
> I'm not allowed to show the ip addresses (by my client), hence the
> masking...
>
> I thought I need NAT, b
how about not masking ip addresses?
do you really need nat in phase 2 ? why?
Eero
8.2.2018 18.17 "Roland Giesler" kirjoitti:
> I'm trying to find a solution and know there are quite a few pfSense users
> here, so here goes...
>
> We've set up some IPSec tunnels and
from pfSense, but how do I have
> to remove the config files ???
>
> Thanks a lot, regards !!!
>
> 2018-01-03 13:30 GMT-03:00 Eero Volotinen <eero.voloti...@iki.fi>:
> > Fix:https://forum.pfsense.org/index.php?topic=110155.0
> >
> > remove squid+config file &
Hi List,
Is there way to configure pfsense as ipsec initiator only? (on some ipsec
connections)
Eero
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
See: http://lists.pfsense.org/pipermail/list/2018-January/011620.html
--
Eero
2018-01-05 15:33 GMT+02:00 Roberto Carna :
> Dear, I've moved from pfSEnse 2.4.0 with Squid 0.4.42 to pfSEnse
> 2.4.42 with Squid 0.4.42_1. After the update, the Squid service
> crashes and
https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/
is there patch soon available on pfsense kernel?
Eero
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
Fix:https://forum.pfsense.org/index.php?topic=110155.0
remove squid+config file & reinstall squid..
3.1.2018 17.55 "Roberto Carna" kirjoitti:
> Dear, I have updated Squid on pfSense to 0.4.42_1 version on pfSense
> 2.4.2-RELEASE-p1 (amd64). But after start the service
Did you tried also update from ssh shell? or only from web-gui?
Eero
2017-12-27 6:10 GMT+02:00 David C. Jenner :
> I updated successfully to 2.4.
>
> Then I tried to update to 2.4.2. It took many minutes for
> System/Update/System Update to get to the point of asking me to
Hi List.
Is there easy way to loadbalance openvpn on multiple cores? like using
loadbalancer on pfsense?
looks like it is not threaded and only running single core?
Eero
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support
you are missing something like ca certificate that is used to verify remote
endpoint
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Dec 24 00:53:16 openvpn 10563 VERIFY ERROR: depth=0,
error=unable to
get local issuer certificate: C=VG, ST=BVI, O=ExpressVPN,
Hi,
Check out firewall / rules / interface_name
Eero
2017-12-23 6:25 GMT+02:00 Antonio :
> Hi,
>
> I'm not sure how you move traffic between the above interfaces. I was
> under the impression that all you needed was a "Default allow LAN to any
> rule" and job done. Yet i'm
Well,
Just plug pfsense to ADSL and buy managed switch and some unifi wlan aps.
You can install proxy on pfsense box also..
Eero
22.12.2017 23.57 "Antonio" kirjoitti:
Hello,
I'm trying to design an optimal network setting for my home and was
wondering what people's thoughts
this long standing issue: https://redmine.pfsense.org/issues/4310
:(
Eero
2017-12-18 10:07 GMT+02:00 Eero Volotinen <eero.voloti...@iki.fi>:
> looks like turning pfsync from on to off resolved this issue.
>
> --
> Eero
>
> 2017-12-17 20:11 GMT+02:00 Joseph L. Casale &l
looks like turning pfsync from on to off resolved this issue.
--
Eero
2017-12-17 20:11 GMT+02:00 Joseph L. Casale <jcas...@activenetwerx.com>:
> -Original Message-
> From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Eero
> Volotinen
> Sent: Sunday, Decem
ok. I might be able to use screen to save output from firewall :) good idea.
Eero
2017-12-17 20:11 GMT+02:00 Joseph L. Casale <jcas...@activenetwerx.com>:
> -Original Message-
> From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Eero
> Volotinen
> Sent: S
Need to test that tomorrow. Just wondering how to attach remote debugger or
similar to get root cause of crash.
Eero
17.12.2017 19.57 "Joseph L. Casale" <jcas...@activenetwerx.com> kirjoitti:
> -Original Message-
> From: List [mailto:list-boun...@lists.pfsense.
Hi List,
After updating and restoring config to my SG-8860, it goes to endless boot
- reboot - crash loop.
Any idea how to test if this is hardware or software issue?
--
Eero
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
is this install image available in net? for netgate devices.
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
e
> > gateway on a device on the LAN should be .1 (the "CARP" LAN IP).
> >
> > Are you getting packet loss if you ping the .1 address? The .7 address?
> > Or just out to the Internet?
> >
> > --
> >
> > Steve Yates
> > ITS, Inc.
> >
; gateway on a device on the LAN should be .1 (the "CARP" LAN IP).
>
> Are you getting packet loss if you ping the .1 address? The .7 address?
> Or just out to the Internet?
>
> --
>
> Steve Yates
> ITS, Inc.
>
> -Original Message-
> From: List [mailto:list
Hi,
installed pfsense ha system on office. it works, but experiencing about 25%
packet loss. any idea why? switch issue? failover works fine.
VIP lan gw ip is .1 but looks like traffic is going to .7 ip (normal ip of
fw) even dhcp offers .1 as gw. is this normal?
Eero
job ;)
Eero
4.12.2017 19.16 "Chris L" <c...@viptalk.net> kirjoitti:
>
>
> > On Dec 4, 2017, at 9:07 AM, Eero Volotinen <eero.voloti...@iki.fi>
> wrote:
> >
> > well. my plan was to add first carp vip addresses to old configuration
> with
> >
well. Just thinking site to site ipsec :)
anyway. not happy with meraki aes speed, but that might be problem on
meraki device..
Eero
10.12.2017 19.06 "Vick Khera" kirjoitti:
> If you're going to use IPSec mobile client with an iPhone, it does not seem
> to propose the GCM
Hi,
What is the best ipsec ciphers for aes-ni ipsec acceleration?
Eero
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
well. take backup of config and ask operator to reinstall box from usb
stick & restore backup?
Eero
5.12.2017 11.53 "Pete Boyd" kirjoitti:
> It was available to login to again after power cycling.
>
> From the log - General:
>
> check_reload_status
well. ssh into box and cat /etc/resolv.conf to see nameserver addresses. if
it contains 127.0.0.1 entry, then it is using dnsmasq/unbound or similar
dns cache.
I think it is under services tab..
Eero
4.12.2017 23.56 "Pete Boyd" kirjoitti:
> I'm not sure where to
well. for temporary fix, try hardcoding needed hostnames in /etc/hosts and
check also that your firewall rules allow access to dns server 53/udp and
tcp.
Eero
4.12.2017 22.41 "Pete Boyd" kirjoitti:
> On 04/12/2017 20:39, Adam Thompson wrote:
> > Do you have
is dns (nameresolution) working correctly?
Eero
4.12.2017 22.29 "Pete Boyd" kirjoitti:
> On 04/12/2017 20:11, Steve Yates wrote:
> > If you ssh to the device and pick the option to update from its console
> menu, does it update there?
>
> No, those package
It might be possible to transfer static version of strace to box via ssh.
this might a bit tricky, but ..
--
Eero
2017-12-04 22:11 GMT+02:00 Pete Boyd :
> strace isn't installed, no packages are installed.
>
> Ideally I'd like to recover this to 2.3.5 or 2.4.2 if
I got similar problems on my device :) reinstalled it with 2.4.2 and did
restore from backup.
Anyway, do you have strace or similar tools installed in the box?
Eero
2017-12-04 21:57 GMT+02:00 Pete Boyd <petes-li...@thegoldenear.org>:
> On 04/12/2017 19:52, Eero Volotinen wrote:
> &
Can you ssh into device and drop to shell?
Eero
2017-12-04 21:19 GMT+02:00 Pete Boyd :
> Hi. I upgraded a production SG-2440 running pfSense 64-bit 2.3.5 to
> 2.4.2 using the web GUI. There were no packages installed. It appeared
> to update OK, and rebooted
t;c...@viptalk.net>:
> On Dec 4, 2017, at 8:11 AM, Eero Volotinen <eero.voloti...@iki.fi> wrote:
> >
> > Well. is that really so hard?
> >
> > thinking to add carp ip addresses and switching them to main addresses by
> > editing xml backup and then restoring
s in order to
> sync firewall states (em0 to igb0 won't sync).
>
> --
>
> Steve Yates
> ITS, Inc.
>
> -Original Message-
> From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Eero
> Volotinen
> Sent: Saturday, December 2, 2017 11:04 AM
> To: p
Hi List,
I just bought two pieces of sg-8860 netgate devices and planning to convert
old unit to ha solution.
Is there simple way to convert units to ha with a bit editing xml backup?
--
Eero
___
pfSense mailing list
n stick with latter u can test
> 2.4.2 upgrade.
>
>
> On Sun, Nov 26, 2017 at 4:04 AM, Eero Volotinen <eero.voloti...@iki.fi>
> wrote:
>
> > just planning to upgrade my sg-8860 from pfsense 2.3 to 2.4. is there any
> > known issues?
> >
> > it's
ges for "major" version upgrades but (per my past thread
> here ) I would think point versions are minor upgrades.
> >
> > --
> >
> > Steve Yates
> > ITS, Inc.
> >
> > -Original Message-
> > From: List [mailto:list-boun...@lists.p
Well. I have similar issue on my sg-8860. it complains about missing ssl
and php libraries :)
well. at least it boots from usb .. so I can do full reinstall + config
restore..
Eero
2017-11-23 18:59 GMT+02:00 Ryan Coleman :
> There’s likely a package you added to your
rewalls all without any problems.
>
>
>
> Am 26.11.17, 13:04 schrieb "List im Auftrag von Eero Volotinen" <
> list-boun...@lists.pfsense.org im Auftrag von eero.voloti...@iki.fi>:
>
> just planning to upgrade my sg-8860 from pfsense 2.3 to 2.4. is there
> any
&
an do, as indicated, is to run the “MTU” up such that
> the (OpenVPN) packet size increases, which reduces the overhead of both the
> TUN/TAP interface, as well as some of the overhead of handing relatively
> short packets to OpenSSL for encryption/decryption.
>
> Jim
>
just planning to upgrade my sg-8860 from pfsense 2.3 to 2.4. is there any
known issues?
it's not so complex setup, but running as our hq main firewall. so, some
ipsec and openvpn connections are running against it.
Eero
___
pfSense mailing list
rough the NetGate and it can not
> handle the load.
> >
> >
> > In other words, based on the limited info you provided, you have not
> provided proof that it's a problem with the NetGate.
> >
> >
> > Lyle Giese
> >
> >> On 11/25/17 06:34, Eero
thanks for links. looks like it might be wise to upgrade pfsense 2.4 and
enable --cipher AES-256-GCM on openvpn?
Eero
2017-11-25 20:01 GMT+02:00 Joseph L. Casale <jcas...@activenetwerx.com>:
> -Original Message-
> From: List [mailto:list-boun...@lists.pfsense.org] On Be
traffic through the NetGate and it can not
> handle the load.
>
>
> In other words, based on the limited info you provided, you have not
> provided proof that it's a problem with the NetGate.
>
>
> Lyle Giese
>
>
> On 11/25/17 06:34, Eero Volotinen wrote:
>
>
Hi list,
We are running pfsense 2.3 on netgate sg-8860.
Device is connected to internet with gigabit link, but openvpn speed is
very slow (about 50Mbit/s). Any idea how to get more speed to vpn clients?
Eero
___
pfSense mailing list
from usb stick?
Eero
23.11.2017 23.25 "Elijah Savage" <esav...@digitalrage.org> kirjoitti:
> Can't get it to boot on any image.
>
> -Original Message-
> From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Eero
> Volotinen
> Sent: T
reinstall with factory factory image from usb stick?
23.11.2017 18.09 "Elijah Savage" kirjoitti:
> I know it is an older model but after my attempt to upgrade my APU4 it
> would
> not reboot. I let it sit for 24 hours as it was still passing traffic but
> no
> reboot.
Take look of this how to:
https://doc.pfsense.org/index.php/Routing_internet_traffic_through_a_site-to-site_IPsec_tunnel
adding site is simple, just replicate site A with different lan addressing.
Eero
2017-11-23 8:19 GMT+02:00 Eero Volotinen <eero.voloti...@iki.fi>:
> Hi Ryan,
Hi Ryan,
Ipsec is the way you want to go. We have multiple sites connecting our HQ
running sg-8860 with similar setup.
Please note that you need different ip ranges on each site. (for example
site1: 192.168.2.0/24, site2: 192.168.3.0/24 and hq site with 192.168.4.0/24
)
--
Eero
2017-11-22
ftrag von st...@teamits.com>:
>
> Starting at the top level, do you have a firewall rule allowing ICMP
> for IPv6?
>
> --
>
> Steve Yates
> ITS, Inc.
>
> -Original Message-
> From: List [mailto:list-boun...@lists.pfsense.org] On B
Hi List,
Running ipv6 with dhcpv6 from isp and it works on my laptop without pfsense,
but on pfsense shell, I cannot even ping other network addresses that gw:
ping6 fe80::208:20ff:fe4e:1c1b
PING6(56=40+8+8 bytes) fe80::ae1f:6bff:fe43:a993%igb3 -->
fe80::208:20ff:fe4e:1c1b
16 bytes from
well. you cannot import config to different device without manually editing
the xml configuration
Eero
2017-10-24 14:03 GMT+03:00 Adrian Zaugg :
>
> Hi
>
> When loading a configuration file from a different device (with other
> NICs) to a freshly installed pfSense, it
so sad. how to downgrade to 2.3?
Eero
2017-10-17 17:57 GMT+03:00 :
> Am 2017-10-17 16:54, schrieb Ivo Tonev:
>
>> Even if your vlan dont bright up you can capture traffic on physical
>> interfaces with tcpdump.
>> See what you can capture before any other move.
>>
>
>
So, you mean that it is not working?
Eero
2017-10-17 17:32 GMT+03:00 <rai...@ultra-secure.de>:
> Am 2017-10-17 16:28, schrieb Eero Volotinen:
>
>> It's netgate pfsense SG-4860 running 2.4 final release
>>
>
>
> So, these are intel nics?
>
> Can you loo
It's netgate pfsense SG-4860 running 2.4 final release
Eero
2017-10-17 17:23 GMT+03:00 <rai...@ultra-secure.de>:
> Am 2017-10-17 15:36, schrieb Eero Volotinen:
>
>> Hi All,
>>
>> Tried to configure lagg0 interface with vlans. Looks like traffic is not
>>
Hi All,
Tried to configure lagg0 interface with vlans. Looks like traffic is not
passing in the interface.
Any ideas? It works fine, if I just configure interface with vlan, but not
with lagg interface
Setup is like this:
-> Lagg0 with two interfaces in failover mode and vlan tagging top of
en two VMs running on the
> same hypervisor, more recently at a different ISP.
> Use iperf or something (anything!) better to make more accurate
> measurements before questioning pfSense, IMHO.
> -Adam
>
> On September 3, 2017 3:59:24 AM CDT, Eero Volotinen <eero.voloti...@iki.f
over 800Mbit/s, why it cannot upload at same speed?
(tester is speedtest-cli)
Eero
2017-09-03 13:52 GMT+03:00 Alexandre Paradis <alexandre.para...@gmail.com>:
> it might be your desktop cpu that is too weak.
>
> not enough info here.
>
> On Sun, Sep 3, 2017 at 4:
Hi,
Is there any setting to optimize pfsense nat speed?
Tried with speedtest and upload speed is abit slow?
Retrieving speedtest.net configuration...
Testing from Suomi Communications (77.246.193.181)...
Retrieving speedtest.net server list...
Selecting best server based on ping...
Hosted by
ok. that sounds really bad: http://dilbert.com/strip/1998-08-24
Eero
30.3.2017 5.40 ip. "Claudio M." kirjoitti:
> In data mercoledì 29 marzo 2017 10:13:36, WebDawg ha scritto:
> > You can do two different subnets on one network, but it is not the way to
> > do things.
How about using vlan tagging?
Eero
2017-03-29 13:55 GMT+03:00 Claudio M. :
> Hi
> I've migrated a linux firewall to a 2.3.3-RELEASE-p1 pfsense.
> The old configuration was with 2 interfaces connected to adsl routers and
> an
> interface for the lan. Was configurated also a
http/https, vpn, torrent and 4k streaming :)
28.3.2017 7.50 ip. "Matthew Hall" <mh...@mhcomputing.net> kirjoitti:
> On Tue, Mar 28, 2017 at 09:59:05AM +0300, Eero Volotinen wrote:
> > Hi List,
> >
> > Looking for pfsense hardware that can handle 1000M/1
Well, I don't know PPS values :) This is just home gigabit connection for
.. surfing/movies/4K streaming :)
Eero
2017-03-28 15:13 GMT+03:00 Vick Khera <vi...@khera.org>:
> On Tue, Mar 28, 2017 at 2:59 AM, Eero Volotinen <eero.voloti...@iki.fi>
> wrote:
>
> > L
gt; I have a SG-2220, which is silent and adequate for most needs. Most are
> silent/fanless!
>
> Regards,
>
> Ian Jacobs
>
>
> > On 28 Mar 2017, at 07:59, Eero Volotinen <eero.voloti...@iki.fi> wrote:
> >
> > Hi List,
> >
> > Looking for pfsens
Hi List,
Looking for pfsense hardware that can handle 1000M/1000M internet
connection with NAT.
Any recommendations? It must be silent..
--
Eero
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold!
maybe you need something like this
https://doc.pfsense.org/index.php/Siproxd_package
Eero
20.3.2017 11.56 ap. "Martin Fuchs" kirjoitti:
> Hi !
>
> I have a Fritz!Box (router) connected to the internet (no other
> possibility).
>
> In i have NATted ESP, GRE, 4500, 500,
for some reason my pfsense crashed & corrupted fs during upgrade :(
Eero
23.2.2017 2.57 ap. "Dave Warren" <da...@hireahit.com> kirjoitti:
> On Wed, Feb 22, 2017, at 10:23, Eero Volotinen wrote:
> > The process will require 14 MiB more space.
> >
> >
The process will require 14 MiB more space.
73 MiB to be downloaded.
Fetching php56-5.6.30.txz: .. done
pkg: php56-5.6.30 failed checksum from repository
something wrong with the packages?
--
Eero
___
pfSense mailing list
it depends on ipsec configuration.
Eero
4.2.2017 12.16 ip. "Chris" kirjoitti:
> WebDawg wrote:
> > On Sun, Jan 15, 2017 at 7:57 AM, Chris wrote:
> >
> >> is a client able to change his assigned OpenVPN or IPSec IP?
> >>
> >> Are packets still
how about disabling pfs?
Eero
2017-02-03 13:25 GMT+02:00 Roland Giesler <roland@greentree.systems>:
> On Fri, Feb 3, 2017 at 1:19 PM, Eero Volotinen <eero.voloti...@iki.fi>
> wrote:
>
>> It's a bit antique selection of ciphers.
>>
>
> It is indeed.
It's a bit antique selection of ciphers.
Problem is in DH group. try enabling same DH also in pfsense.
--
Eero
2017-02-03 13:17 GMT+02:00 Roland Giesler <roland@greentree.systems>:
> On Tue, Jan 24, 2017 at 8:16 PM, Eero Volotinen <eero.voloti...@iki.fi>
> wrote:
>
>
What hardware is other side running? Why you are trying to use 3des?
Eero
2017-01-17 16:36 GMT+02:00 Roland Giesler :
> We've battled all afternoon to establish an IPSec site-to-site connection.
> Here's what happens:
>
> TimeProcessPIDMessage
> Jan 17 15:58:53
Just configure radius with two factor authentication and point
authentication server to it:
sample how to configure two factor radius under linux:
http://www.supertechguy.com/help/security/freeradius-google-auth
I am using it with minor modifications for vpn and console+gui
authentication..
--
I think it is possible to use lagg interface for workaround with interface
naming?
Eero
2016-11-16 7:14 GMT+02:00 Chris L <c...@viptalk.net>:
> > On Nov 15, 2016, at 1:50 PM, Eero Volotinen <eero.voloti...@iki.fi>
> wrote:
> >
> > same ports? you mean tha
ok. does it also sync all settings like ipsec and openvpn keys?
Eero
16.11.2016 7.14 ap. "Chris L" <c...@viptalk.net> kirjoitti:
> > On Nov 15, 2016, at 1:50 PM, Eero Volotinen <eero.voloti...@iki.fi>
> wrote:
> >
> > same ports? you mean that same por
ility
> Sync/Configuration Synchronization Settings (XMLRPC Sync)" there is a
> "Remote System Username" field. That field is ignored, and "admin" is
> always used.
>
> --
>
> Steve Yates
> ITS, Inc.
>
> -----Original Message-
> From: Lis
Hi List,
What are requirements for pfsense ha clustering? does any of x86 hardware
work with ha? does hardware need to be identical?
--
Eero
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold!
how to configure this kind of setup to pfsense?
Eero
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
fixed problems by reinstalling whole system with 2.3 release.
eero
2.11.2016 8.51 ip. "Eero Volotinen" <eero.voloti...@iki.fi> kirjoitti:
> Nanobsd on 2GB cf card.
>
> Eero
>
> 2016-11-02 20:18 GMT+02:00 Renato Botelho <ga...@freebsd.org>:
>
&g
Nanobsd on 2GB cf card.
Eero
2016-11-02 20:18 GMT+02:00 Renato Botelho <ga...@freebsd.org>:
> On 2 Nov 2016, at 15:40, Eero Volotinen <eero.voloti...@iki.fi> wrote:
>
> Well, it just don't find any updates. (from console or from webgui)
>
>
> What is your pla
Well, it just don't find any updates. (from console or from webgui)
Eero
2016-11-02 19:29 GMT+02:00 Renato Botelho <ga...@freebsd.org>:
> > On 2 Nov 2016, at 14:59, Eero Volotinen <eero.voloti...@iki.fi> wrote:
> >
> > thanks.
> >
> > Any idea why I
Hi All,
Is there nowdays 32bit version of pfsense 2.3.x available?
Eero
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
1 - 100 of 112 matches
Mail list logo