Thanks Bill!
It seems that if i get some free time I'll attempt to fix that
function to be recursive, and I'll let you know.
Meanwhile the config the wizard generates is a pretty good start for everything.
On 10/9/05, Bill Marquette [EMAIL PROTECTED] wrote:
On 10/9/05, Szasz Revai Endre [EMAIL
We have a wrap board that runs on failover system.
There are about 25 VIP addresses on this system and 8 vlans.
We are having problems with snmpd.
It does not respond to a snmpwalk. Netstat says it is
listening on all ports
Top says that it is running. There are no blocks in the
hi,
i would like to know how to enable passive ftp transfers thru pfsense
because opening 21/tcp and 20/tcp|20/udp seems not to be enough (what
about the dynamically open ports to allow such type of connection?)
TIA,
Rgds,
jonathan
Hi,
i think the information on the web do not reflect my inquiry but of
course i may be wrong. I would like to know how to upgrade my platform
from 0.86.2 to 0.86.4.
I would appreciate a link or a quick how-to.
TIA,
Rgds,
jonathan
On 10/10/05, Jonathan Gonzalez [EMAIL PROTECTED] wrote:
Hi,
i think the information on the web do not reflect my inquiry but of
course i may be wrong. I would like to know how to upgrade my platform
from 0.86.2 to 0.86.4.
Download the full update from the website.
Login to the web-gui and
1. Download the latest full upgradefile from a mirror near you (like
ftp://reflection.ncsa.uiuc.edu/pub/pfSense/updates/pfSense-Full-Update-0.86.4.tgz
). You find the mirrors selection at our page under Downloads/Upgrades.
2. Go in your WebGui to generalfirmware and go to tab manual upgrade
3.
Thanks a lot Holger ;)
jonathan
On 10/10/05, Holger Bauer [EMAIL PROTECTED] wrote:
1. Download the latest full upgradefile from a mirror near you (like
ftp://reflection.ncsa.uiuc.edu/pub/pfSense/updates/pfSense-Full-Update-0.86.4.tgz
). You find the mirrors selection at our page under
Hi,
I've got passive ftp going, here's the relevant rules. I'm trying to get
active working and that is not.
Thanks.
Dave.
rules
ext_if = rl0
int_if = xl0
int_net=$int_if:network
tcp_state=flags S/SA modulate state
# translate lan client addresses to that of the external interface
nat on
Hi Dave [hi all],
when i said passive ftp i was thinking in allow passive ftp to work
from external clients to my server, which is hosted behind pfsense.
I understand that your comment only applies to internal to external
connections, isn't it?
TIA,
Rgds,
jonathan
On 10/10/05, Dave [EMAIL
As of 0.86.4 there should be a automatic ftp helper that is launched
for internet - lan ftp redirections. Make sure you're on the latest
version.
Scott
On 10/10/05, Jonathan Gonzalez [EMAIL PROTECTED] wrote:
Hi Dave [hi all],
when i said passive ftp i was thinking in allow passive ftp to
At 11:13 AM 10/10/2005, you wrote:
As of 0.86.4 there should be a automatic ftp helper that is launched
for internet - lan ftp redirections. Make sure you're on the latest
version.
Hmmm, I'm on 0.86.4 now, and it doesn't work for me. I went to an
external linux server and ftp'ed back in to
No route to host seems a little odd. Where did you start the ftp from
and where was it going to (lan - dmz)?
-Original Message-
From: Dan Swartzendruber [mailto:[EMAIL PROTECTED]
Sent: Monday, October 10, 2005 10:24 AM
To: support@pfsense.com
Subject: Re: [pfSense Support] passive ftp
Oh sorry I didn't read this very well. I'm guessing the problem has to
do with the ftp proxy (pftpx) saying the data channel is on 10.0.0.2.
227 Entering Passive Mode (10,0,0,2,191,87) - 10,0,0,2
-Original Message-
From: Dan Swartzendruber [mailto:[EMAIL PROTECTED]
Sent: Monday, October
I have just updated from 0.82.4 0.86.4 and find
that the webConfigurator (custom) username is
still not being used (still uses admin). I found
this to be the case in the 0.86 version also.
Though upon looking at the config it clearly shown
the username change in the config file.
Bug. http://cvstrac.pfsense.com/tktview?tn=598,6
Scott
On 10/10/05, David Strout [EMAIL PROTECTED] wrote:
I have just updated from 0.82.4 0.86.4 and find
that the webConfigurator (custom) username is
still not being used (still uses admin). I found
this to be the case in the 0.86 version
At 11:46 AM 10/10/2005, you wrote:
Oh sorry I didn't read this very well. I'm guessing the problem has to
do with the ftp proxy (pftpx) saying the data channel is on 10.0.0.2.
227 Entering Passive Mode (10,0,0,2,191,87) - 10,0,0,2
ah, yeah, i didn't notice that either. not enough coffee, i
Bug.
http://cvstrac.pfsense.com/tktview?tn=598,6
So, is there a manual edit I can do to fix this,
as the CVS track shows?
Scott
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL
Hi,
Yes, my comment was internal connections to external servers.
Dave.
- Original Message -
From: Jonathan Gonzalez [EMAIL PROTECTED]
To: support@pfsense.com
Sent: Monday, October 10, 2005 10:59 AM
Subject: Re: [pfSense Support] passive ftp
Hi Dave [hi all],
when i said passive ftp
Not as of yet.
On 10/10/05, David Strout [EMAIL PROTECTED] wrote:
Bug.
http://cvstrac.pfsense.com/tktview?tn=598,6
So, is there a manual edit I can do to fix this,
as the CVS track shows?
Scott
-
To unsubscribe,
Hi,
I've created a site-to-site IPSec tunnel between my home and office.
At home I'm using the latest pfsense, 0.86.4, and at work, m0n0wall.
I used the basic instructions in the tutorial.
The home network is 10.53.x.x/24, the work network is 192.168.x.x/24.
Both are NAT'ed.
At home I have a
Hmm do you have any telnet servers you could try to connect to thought
the tunnel? I'm wondering if you're running into a MSS/no fragmentation
issue.
It might be nice to see a
tcpdump -ni $lan-if -w output.pcap 'host $your_client_ip'
from the firewall. Let it capture for 5 mins while you try the
Are you querying the machine via a virtual ip or via its real ip?
On 10/10/05, alan walters [EMAIL PROTECTED] wrote:
We have a wrap board that runs on failover system.
There are about 25 VIP addresses on this system and 8 vlans.
We are having problems with snmpd.
It does not respond
Please refer to the m0n0wall documentation conerning OpenVPN.
This may be helpful:
http://m0n0.ch/wall/list/showmsg.php?id=103/47
Scott
On 10/9/05, jonathan gonzalez [EMAIL PROTECTED] wrote:
hi,
i've activated developer menu options to get access to openvpn. i'd need
to create the certs,
Fleming, John (ZeroChaos) wrote:
I'm guessing we might need to do some mss fixup for ipsec tunnels.
and you'd be right. I'm not sure where it breaks down, but PMTUD is
b0rk over IPsec tunnels. Has always been an issue in m0n0wall. I've
looked at it some, but wasn't able to determine
Yes, that would be outstanding. Feel free to mark it up on wiki.pfsense.com
Thanks!!
On 10/10/05, jonathan gonzalez [EMAIL PROTECTED] wrote:
Hi Scott,
i will try to do it tomorrow. Are you (the group) interested in have in
the wiki a page describing the process, so there's no need to
I'll try the suggestions when I get home tonight.
Thanks for the help.
Jason
On 10/10/05, Bill Marquette [EMAIL PROTECTED] wrote:
I don't have a box in front of me right now, but from memory, try setting
the MTU in the WAN screen - if I remember right, that'll force PF to do MSS
fixups.
and if you (or anyone else) don't know how to use the wiki, it's really
very simple once you know a few basic things. Just take a minute and
read through the HowToWiki entry I wrote yesterday.
http://wiki.pfsense.com/wikka.php?wakka=HowToWiki
Scott Ullrich wrote:
Yes, that would be
At 12:44 PM 10/10/2005, you wrote:
This is what the man page says for the -f switch.
-f address
Fixed server address. The proxy will always connect to the
same
server, regardless of where the client wanted to connect to
(before it was redirected). Use
At 04:38 PM 10/10/2005, you wrote:
Well I'm not sure to tell you the truth. I wonder if binding it to the
inet facing ip would fix it. The only this is this would remove the need
for nat as you would have the proxy handle all the hand offs. :/
Try this. Kill pftpx (only the one with the -c 21
File a ticket on cvstrac and I will change the behavior to start the
ftp helper using:
/usr/local/sbin/pftpx -b $inet-address -c 21 -f 10.0.0.2 -g 21
Scott
On 10/10/05, Dan Swartzendruber [EMAIL PROTECTED] wrote:
At 04:38 PM 10/10/2005, you wrote:
Well I'm not sure to tell you the truth. I
At 05:04 PM 10/10/2005, you wrote:
File a ticket on cvstrac and I will change the behavior to start the
ftp helper using:
/usr/local/sbin/pftpx -b $inet-address -c 21 -f 10.0.0.2 -g 21
Roger. Thx!
-
To unsubscribe,
Running PPPoE as the client on Wan?On 10/10/05, Jason Landry [EMAIL PROTECTED] wrote:
I tried setting the MTU on the WAN interface in pfsense to 1400 butthat didn't work.I set the MTU on my desktop machine to 1400...and everything works now- sql remote desktop.Thanks for the help!
JasonOn
On 10/10/05, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
Hello,
I've been struggling trying to install pfSense on my
system for several days now. My system only has 1 IDE channel. I am
planning on running off of a Compact Flash through an IDE adapter. This
way, my system will have
Well, here's an interesting side effect.
I can no longer access the m0n0wall through the LAN address through the tunnel.
At home, I'm at 10.53.64.110
The m0n0wall at work is at 192.168.1.1
Before changing the MTU to 1400 on my client machine, I could simply
go to 192.168.1.1 in my browser, and
On 10/8/05, Szasz Revai Endre [EMAIL PROTECTED] wrote:
1) Is it possible, in the traffic shaper - to create another parent queue (parent to HFSC) - and to add some rules to this queue, so that traffic coming andgoing from specific ip adresses would go through this queue (which
wouldhave separate
On 10/10/05, Bill Marquette [EMAIL PROTECTED] wrote:
I've been thinking a little more about this. Is the MAN part of
your local subnet? IE, if the pfSense WAN interface was on
24.0.0.0/8 is the MAN the same subnet, or is it just something you have
to go through? I think I can make an easy change
Bill Marquette wrote:
Probably cause it's impossible to buy a HD that is too small for
pfSense? CF isn't HD even if it might look like that to the PC - nor
do you want to use a CF as a HD (read the archives for reasons).
or the FAQ, I added an entry on this tonight per someone's suggested
37 matches
Mail list logo