[pfSense] Access Point Recommendations?
We are having a number of issues with Engenius Access Points... they seems to have the features we need but for some reason, connectivity is not reliable (seems Mac related). As much time as I would like to spend debugging it, it would be cheaper to replace. Does anyone have any recommendations for small office access points? Regards, Chuck ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Access Point Recommendations?
Probably get flamed for this but my experience has been positive. Purchase a router that is capable of running Tomato, preferably Toastman or Shibby. I still use a $15 ebay Linksys WRT54GL that is rock solid and with Tomato it includes built in OpenVPN software to connect to pfsense at the office. Paul On Jul 17, 2015, at 10:45 AM, Chuck Mariotti cmario...@xunity.com wrote: We are having a number of issues with Engenius Access Points... they seems to have the features we need but for some reason, connectivity is not reliable (seems Mac related). As much time as I would like to spend debugging it, it would be cheaper to replace. Does anyone have any recommendations for small office access points? ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Access Point Recommendations?
Ubiquiti Unifi. I switched to them from Engenuis for several clients. Price point is similar to Engenuis and they use a software based controller (you need to have that installed on some PC in the enviromment.) Signal quality is good. On Jul 17, 2015 9:45 AM, Chuck Mariotti cmario...@xunity.com wrote: We are having a number of issues with Engenius Access Points... they seems to have the features we need but for some reason, connectivity is not reliable (seems Mac related). As much time as I would like to spend debugging it, it would be cheaper to replace. Does anyone have any recommendations for small office access points? Regards, Chuck ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Access Point Recommendations?
I guess I should mention, the internet connections are usually 150Mbit+ ... so would need something in the n or a/c range preferably. Lots of devices, laptops (hooked up to Ethernet but still wifi active when walking around). -Original Message- From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Paul Galati Sent: July-17-15 10:50 AM To: pfSense Support and Discussion Mailing List list@lists.pfsense.org Subject: Re: [pfSense] Access Point Recommendations? Probably get flamed for this but my experience has been positive. Purchase a router that is capable of running Tomato, preferably Toastman or Shibby. I still use a $15 ebay Linksys WRT54GL that is rock solid and with Tomato it includes built in OpenVPN software to connect to pfsense at the office. Paul On Jul 17, 2015, at 10:45 AM, Chuck Mariotti cmario...@xunity.com wrote: We are having a number of issues with Engenius Access Points... they seems to have the features we need but for some reason, connectivity is not reliable (seems Mac related). As much time as I would like to spend debugging it, it would be cheaper to replace. Does anyone have any recommendations for small office access points? ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Access Point Recommendations?
On Fri, Jul 17, 2015 at 8:45 AM, Chuck Mariotti cmario...@xunity.com wrote: We are having a number of issues with Engenius Access Points... they seems to have the features we need but for some reason, connectivity is not reliable (seems Mac related). As much time as I would like to spend debugging it, it would be cheaper to replace. Does anyone have any recommendations for small office access points? I second both of the previous replies. I use Unifi and Tomato exclusively for wireless. For budget installs with plenty of features, try Shibby's Tomato on the ASUS RT-N12 or RT-AC66U. For POE, top aesthetics or mass deployment and central management, spend a little more on the Unifi. db ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Any update on 2.2.4?
On Thu, Jul 16, 2015 at 4:22 PM, Ryan Coleman ryan.cole...@cwis.biz wrote: For those of us with IPsec needs: is there an update on the release of 2.2.4? I’m avoiding upgrading my secondary firewall because I cannot afford to lose some basic VPN functionality. Right now we're working through some of the last IPsec test scenarios to verify functionality. A few other things still target 2.2.4, most of which are either fixed and awaiting testing completion, or can be pushed out. Looking to release by end of month. If you're in an affected IPsec circumstance, I'd run a 2.2.4 snapshot at this point. Or just replace /etc/inc/vpn.inc with the latest. https://github.com/pfsense/pfsense/blob/RELENG_2_2/etc/inc/vpn.inc Then hit Save under VPNIPsec and it'll be applied. Might want to stop/start IPsec service (not restart) after doing so to make sure changes are applied and everything previous is definitely gone. — Ryan ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Access Point Recommendations?
Another vote for Ubiquiti Unifi APs. Just be aware that the Pro models use standard PoE, but the non-Pro use 24v, so you will need to use the included PoE adapter even if you plug it into a PoE switch. As for the controller software, you only need to have it running while doing config, updates, or looking at stats. If you want stats over time, you will need to leave it running. I just fire it up when setting up new units, then quit the software and let the APs do their thing. Peace, Todd Russell Director of IT and Webmaster Saint Joseph Abbey and Seminary College 985-867-2266 985-789-4319 http://saintjosephabbey.com For IT Requests, please submit a ticket at: https://docs.google.com/forms/d/1e3PCRvnEVNU5-rVFolf9zivA9-m41Nj07eDjjCtFwpI/viewform?usp=send_form#start=invite On Fri, Jul 17, 2015 at 9:45 AM, Chuck Mariotti cmario...@xunity.com wrote: We are having a number of issues with Engenius Access Points... they seems to have the features we need but for some reason, connectivity is not reliable (seems Mac related). As much time as I would like to spend debugging it, it would be cheaper to replace. Does anyone have any recommendations for small office access points? Regards, Chuck ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] multi wan and source nat
I have two wan connections (earthlink[OPT1] and Comcast[WAN]) and one lan. The Comcast is the default WAN/gateway. I need to setup a source NAT so that all outbound traffic from a specific IP address is routed OUT the OPT1 wan connection. I setup an outbound nat but that does not work - it still goes out the default route WAN ISP. I do have a SNAT working for one of my WAS virtual IP's but just not the OPT1 snat setup. Is there a way to route all traffic from a single internal IP address out the OPT1 interface? Vernon ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Access Point Recommendations?
Be aware, though, the UAP-AC is missing some banner UniFi features. No Zero-Handoff No Wireless Backhaul I can't tell if any of the UniFi indoor stuff does the UNII-2e/DFS stuff. The AC's certainly don't. On 7/17/15 08:29, David Burgess wrote: On Fri, Jul 17, 2015 at 8:45 AM, Chuck Mariotti cmario...@xunity.com wrote: We are having a number of issues with Engenius Access Points... they seems to have the features we need but for some reason, connectivity is not reliable (seems Mac related). As much time as I would like to spend debugging it, it would be cheaper to replace. Does anyone have any recommendations for small office access points? I second both of the previous replies. I use Unifi and Tomato exclusively for wireless. For budget installs with plenty of features, try Shibby's Tomato on the ASUS RT-N12 or RT-AC66U. For POE, top aesthetics or mass deployment and central management, spend a little more on the Unifi. db ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Issue with Layer 7
Thanks a lot... On Wed, Jul 15, 2015 at 3:07 AM, Chris Buechler c...@pfsense.com wrote: On Tue, Jul 14, 2015 at 5:20 AM, Joy pj.netfil...@gmail.com wrote: Hi, i am using latest version of pfsense 2.2.3 after upgrade from 2.1.5. In 2.1.5 my layer 7 filtration was working perfectly while enabling the same in 2.2.3 not allowing traffic to go outside. Please let me know what could be the solution for the same. It has issues on 2.2.x versions. https://redmine.pfsense.org/issues/4276 ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] multi wan ipsec OPT1
I have two VPN which are established on the OPT1 ip address. The WAN is the default and a different ISP. The VPN (IPSEC) shows the tunnel is up and receiving traffic but no traffic is routing OUT the tunnel. When I do a traceroute from an internal host, it shows the traffic going out the wrong interface. Vernon ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Access Point Recommendations?
UniFi has several models, AC included. You can have the controller running on a Raspberry Pi or VM. Best regards Kostas Sent from my iPhone On 17 Ιουλ 2015, at 18:16, Chuck Mariotti cmario...@xunity.com wrote: I guess I should mention, the internet connections are usually 150Mbit+ ... so would need something in the n or a/c range preferably. Lots of devices, laptops (hooked up to Ethernet but still wifi active when walking around). -Original Message- From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Paul Galati Sent: July-17-15 10:50 AM To: pfSense Support and Discussion Mailing List list@lists.pfsense.org Subject: Re: [pfSense] Access Point Recommendations? Probably get flamed for this but my experience has been positive. Purchase a router that is capable of running Tomato, preferably Toastman or Shibby. I still use a $15 ebay Linksys WRT54GL that is rock solid and with Tomato it includes built in OpenVPN software to connect to pfsense at the office. Paul On Jul 17, 2015, at 10:45 AM, Chuck Mariotti cmario...@xunity.com wrote: We are having a number of issues with Engenius Access Points... they seems to have the features we need but for some reason, connectivity is not reliable (seems Mac related). As much time as I would like to spend debugging it, it would be cheaper to replace. Does anyone have any recommendations for small office access points? ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Access Point Recommendations?
Does anyone have any recommendations for small office access points? I use a Zyxel WAP3205 v1, which was fairly inexpensive. I use pfSense to provide DHCP and rules for the clients, and have the features in the WAP that are said to be easy to hack disabled. (like WPA Compatible, and WPS) So, it's basically used as a dumb 802.11 b/g/n radio. However, I do use the mac filter in the WAP. This is more work for me to add a device, but I only have a couple of devices that use it. Range is great, and I actually set the Output Power to 50% so it can't be seen as far away. Newer versions are about $45 on amazon. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Access Point Recommendations?
We've gone all-in with AC in challenging environments (crowded, congested etc). UniFi AP-AC to be exact. It's awesome. One trick with UniFi AP-AC (vs AP-PRO) is that UniFi AP-AC *needs* 802.3at PoE PSE. It will APPEAR to work with 802.3af PoE PSE, but it will choke under even light load. Literally it will become power-starved and it will malfunction or reset. We've seen stability with Juniper's 802.3af+ 'PoE-Plus' firmware update which gets you up to ~18w per PD. Without it, the voltage will sag under load and reboot. -K On 7/17/2015 4:11 PM, Chris Bagnall wrote: On 17 Jul 2015, at 15:50, Jim Spaloss jspal...@gmail.com wrote: Ubiquiti Unifi. +1 would recommend - with caveats. The AC model is… flaky - or at least, it was when I tried it at the end of 2014. Only about 50% of client devices would connect at a time - seemingly random - restart the AP and some different ones would connect. Performance was great for those that were connected, but I’d be hesitant about installing it at a paying customer’s premises. As Todd says, the basic UAP is 24v passive PoE, not 48v 802.11af. There is, however, an adapter for around £12 that converts 802.11af into 24v passive PoE, which works well. You don’t need to use the provided AC adapter unless you want to. The UAP Pro is excellent. Standard PoE from any 802.11af switch, good coverage, decent performance, and no problems with dozens of devices connected to it. If you don’t need 5Ghz and you aren’t bothered about the non-standard PoE, then the UAP is cheap-as-chips (around £50 at last check). Otherwise go with the UAP Pro. Kind regards, Chris ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Access Point Recommendations?
On 17 Jul 2015, at 15:50, Jim Spaloss jspal...@gmail.com wrote: Ubiquiti Unifi. +1 would recommend - with caveats. The AC model is… flaky - or at least, it was when I tried it at the end of 2014. Only about 50% of client devices would connect at a time - seemingly random - restart the AP and some different ones would connect. Performance was great for those that were connected, but I’d be hesitant about installing it at a paying customer’s premises. As Todd says, the basic UAP is 24v passive PoE, not 48v 802.11af. There is, however, an adapter for around £12 that converts 802.11af into 24v passive PoE, which works well. You don’t need to use the provided AC adapter unless you want to. The UAP Pro is excellent. Standard PoE from any 802.11af switch, good coverage, decent performance, and no problems with dozens of devices connected to it. If you don’t need 5Ghz and you aren’t bothered about the non-standard PoE, then the UAP is cheap-as-chips (around £50 at last check). Otherwise go with the UAP Pro. Kind regards, Chris -- C.M. Bagnall This email is made from 100% recycled electrons ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
