Re: [pfSense] Problem with a second pfSense in LAN
> That's the behavior of dhcp6c if you configure it to obtain a prefix > delegation, and the DHCP6 server doesn't offer one. Set the PD size to > "none" if you're not handing out PDs. using just pfsense for both RA and DHCP seem to have fixed the issue, I'll stay this way. thanks -- Lorenzo Milesi - lorenzo.mil...@yetopen.it YetOpen S.r.l. - http://www.yetopen.it/ ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] Problem with a second pfSense in LAN
:46:42 dharma dhclient: XMT: Confirm on wlan0, interval 1030ms. Aug 6 13:46:42 dharma dhclient: RCV: Reply message on wlan0 from fe80::5054:ff:fecb:dd27. Aug 6 13:46:42 dharma dhclient: message status code Success: "all addresses still on link" Aug 6 13:46:42 dharma NetworkManager[885]: (wlan0): DHCPv6 state changed preinit6 -> bound6 Aug 6 13:46:42 dharma NetworkManager[885]:valid_lft 7500 Aug 6 13:46:42 dharma NetworkManager[885]:preferred_lft 7200 Aug 6 13:46:42 dharma NetworkManager[885]:address 2001:1:2:858b::ff2f Aug 6 13:46:42 dharma NetworkManager[885]:nameserver '2001:1:2:858b::190' -- Lorenzo Milesi - lorenzo.mil...@yetopen.it YetOpen S.r.l. - http://www.yetopen.it/ ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] OpenVPN - nat - IPSec tunnel
Right now I have: LAN: 10.1.1.0/24 IPSEC remote: 10.99.99.0/24 OpenVPN: 172.16.12.0/24 Since I cannot change the IPSec network I'd like to NAT the OpenVPN net to the tunnel. I added a second phase2 entry, with the OpenVPN network in the upper part, and the LAN net in the second local network area, where it mentions NATting, but it's not working. I added a new phase2 entry with the OpenVPN subnet, NATted to the LAN one, and it works! -- Lorenzo Milesi - lorenzo.mil...@yetopen.it YetOpen S.r.l. - http://www.yetopen.it/ ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] OpenVPN - nat - IPSec tunnel
Hi. I've a working IPSec tunnel to another endpoint. I'd like to be able to access this tunnel from OpenVPN. Right now I have: LAN: 10.1.1.0/24 IPSEC remote: 10.99.99.0/24 OpenVPN: 172.16.12.0/24 Since I cannot change the IPSec network I'd like to NAT the OpenVPN net to the tunnel. I added a second phase2 entry, with the OpenVPN network in the upper part, and the LAN net in the second local network area, where it mentions NATting, but it's not working. I have no blocking rules on OpenVPN firewall, and very few in IPSec. Is this solution working? Is the approach corect? Any help is welcome. ciao -- Lorenzo Milesi - lorenzo.mil...@yetopen.it YetOpen S.r.l. - http://www.yetopen.it/ ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] QoS for fairness usage
Hi I found this [1] nice and quick howto which explains how to set up pfSense QoS to obtain fair usage between clients, so that one will not suck all the available bandwidth. Has anyone tried it? is it working for you? I made a quick check and doesn't really seem to, I started a download on my laptop and then on the server and the latter was going nearly full speed, leaving less than 100kB/s to my client. [1] http://www.gridstorm.net/pfsense-traffic-limiting-fair-share/ -- Lorenzo Milesi - lorenzo.mil...@yetopen.it YetOpen S.r.l. - http://www.yetopen.it/ ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] [2.2] IPSec and default route
aparently the VPN is not routing any traffic, not even if I manually add the route on the client. - Messaggio originale - Da: Lorenzo Milesi max...@ufficyo.com A: list list@lists.pfsense.org Inviato: Lunedì, 26 gennaio 2015 9:11:12 Oggetto: [pfSense] [2.2] IPSec and default route Hi. Over the weekend I upgraded to 2.2 and the process went fine. Now I'm connecting from remote using mobile clients setup and I see I cannot use the VPN anymore as default route. I see in my client's syslog: Jan 26 08:48:54 dharma NetworkManager[979]: info VPN connection 'YO' (IP4 Config Get) reply received from old-style plugin. Jan 26 08:48:54 dharma NetworkManager[979]: info VPN Gateway: 5.2.3.1 Jan 26 08:48:54 dharma NetworkManager[979]: info Tunnel Device: tun0 Jan 26 08:48:54 dharma NetworkManager[979]: info IPv4 configuration: Jan 26 08:48:54 dharma NetworkManager[979]: info Internal Address: 10.22.124.1 Jan 26 08:48:54 dharma NetworkManager[979]: info Internal Prefix: 24 Jan 26 08:48:54 dharma NetworkManager[979]: info Internal Point-to-Point Address: 10.22.124.1 Jan 26 08:48:54 dharma NetworkManager[979]: info Maximum Segment Size (MSS): 0 Jan 26 08:48:54 dharma NetworkManager[979]: info Static Route: 10.10.122.0/24 Next Hop: 10.10.122.0 Jan 26 08:48:54 dharma NetworkManager[979]: info Forbid Default Route: yes Jan 26 08:48:54 dharma NetworkManager[979]: info Internal DNS: 10.10.122.10 Jan 26 08:48:54 dharma NetworkManager[979]: info DNS Domain: '(none)' Why strongSwan introduced that Forbid default route: yes? I didn't find any option to re-enable it in pfSense UI. I used this [1] guide to set up Mobile VPN on 2.1. thanks [1] https://doc.pfsense.org/index.php/IPsec_Road_Warrior/Mobile_Client_How-To -- Lorenzo Milesi - lorenzo.mil...@yetopen.it YetOpen S.r.l. - http://www.yetopen.it/ ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold -- Lorenzo Milesi - lorenzo.mil...@yetopen.it YetOpen S.r.l. - http://www.yetopen.it/ ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] [2.2] IPSec and default route
aparently the VPN is not routing any traffic, not even if I manually add the route on the client. racoon accepted misconfiguration: https://doc.pfsense.org/index.php/Upgrade_Guide#IPsec_Changes | Behavior changes where an incorrect configuration that worked before no longer will – There may be things that worked with racoon which were | technically not configured correctly, but still worked. The only instance of this we’ve seen is for mobile IPsec clients, where Internet traffic | could pass in some circumstances without having specified 0.0.0.0/0 as the local network in the mobile phase 2 configuration. | If your mobile IPsec clients need to access the Internet via IPsec, your mobile phase 2 must specify 0.0.0.0/0 as the local network. -- Lorenzo Milesi - lorenzo.mil...@yetopen.it YetOpen S.r.l. - http://www.yetopen.it/ ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] [2.2] IPSec and default route
Hi. Over the weekend I upgraded to 2.2 and the process went fine. Now I'm connecting from remote using mobile clients setup and I see I cannot use the VPN anymore as default route. I see in my client's syslog: Jan 26 08:48:54 dharma NetworkManager[979]: info VPN connection 'YO' (IP4 Config Get) reply received from old-style plugin. Jan 26 08:48:54 dharma NetworkManager[979]: info VPN Gateway: 5.2.3.1 Jan 26 08:48:54 dharma NetworkManager[979]: info Tunnel Device: tun0 Jan 26 08:48:54 dharma NetworkManager[979]: info IPv4 configuration: Jan 26 08:48:54 dharma NetworkManager[979]: info Internal Address: 10.22.124.1 Jan 26 08:48:54 dharma NetworkManager[979]: info Internal Prefix: 24 Jan 26 08:48:54 dharma NetworkManager[979]: info Internal Point-to-Point Address: 10.22.124.1 Jan 26 08:48:54 dharma NetworkManager[979]: info Maximum Segment Size (MSS): 0 Jan 26 08:48:54 dharma NetworkManager[979]: info Static Route: 10.10.122.0/24 Next Hop: 10.10.122.0 Jan 26 08:48:54 dharma NetworkManager[979]: info Forbid Default Route: yes Jan 26 08:48:54 dharma NetworkManager[979]: info Internal DNS: 10.10.122.10 Jan 26 08:48:54 dharma NetworkManager[979]: info DNS Domain: '(none)' Why strongSwan introduced that Forbid default route: yes? I didn't find any option to re-enable it in pfSense UI. I used this [1] guide to set up Mobile VPN on 2.1. thanks [1] https://doc.pfsense.org/index.php/IPsec_Road_Warrior/Mobile_Client_How-To -- Lorenzo Milesi - lorenzo.mil...@yetopen.it YetOpen S.r.l. - http://www.yetopen.it/ ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] Route OpenVPN traffic to the available IPSec tunnels
Hi. Is it possible to route OpenVPN clients to the available IPSec routes? I currently have 3 IPSec tunnels on my pfSense, and seldomly I need to access those routes outiside my office. Is it possible to do so? In my firewall rules I have no restrictions, all traffic is allowed. I tried adding the route manually but apparently this is not enough because pfSense won't route my packets to the tunnel. Has this something to do with IPSec's phase2 entry? thanks -- Lorenzo Milesi - lorenzo.mil...@yetopen.it YetOpen S.r.l. - http://www.yetopen.it/ ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] KVM virtualization: Fatal trap 9: general protection fault while in kernel mode
Hi. Thanks for your feedback. I have used the virtio drivers for nics, storage, and memory ballooning, but because of the steps you have to take to switch to virtio, I'm using e1000 and IDE emulation on this one to keep it simple. Did you ever had troubles with virtio drivers? I started using them but had some issues, so eventually stopped even if not sure that was the real issue. Also from discussions on the kvm ml I found out there's no big performance improvement compared to the e1000 emulation. What host OS are you using, and what hardware is it running on? (real cpu, ram, and storage) Intel(R) Xeon(R) CPU E5-2620 0 @ 2.00GHz, RAM DDR3 1333 MHz, disk MegaRAID SAS 2208. The host OS is Ubuntu 12, libvirt 0.9.8, qemu 1.0+noroms-0ubuntu14.15. Is it possible to see the results of virsh dumpxml for the guest? Here it is! domain type='kvm' id='11' namepfsense2_1/name uuid0dffd074-abc0-2654-22b4-789b1a99f25f/uuid memory2097152/memory currentMemory2097152/currentMemory vcpu2/vcpu os type arch='x86_64' machine='pc-1.0'hvm/type boot dev='hd'/ /os features acpi/ apic/ pae/ /features clock offset='utc'/ on_poweroffdestroy/on_poweroff on_rebootrestart/on_reboot on_crashrestart/on_crash devices emulator/usr/bin/kvm/emulator disk type='block' device='disk' driver name='qemu' type='raw'/ source dev='/dev/vgobs/pfsense2_1'/ target dev='vda' bus='virtio'/ alias name='virtio-disk0'/ address type='pci' domain='0x' bus='0x00' slot='0x06' function='0x0'/ /disk disk type='block' device='cdrom' driver name='qemu' type='raw'/ target dev='hdc' bus='ide'/ readonly/ alias name='ide0-1-0'/ address type='drive' controller='0' bus='1' unit='0'/ /disk controller type='ide' index='0' alias name='ide0'/ address type='pci' domain='0x' bus='0x00' slot='0x01' function='0x1'/ /controller interface type='bridge' mac address='52:54:00:fa:e1:61'/ source bridge='br0'/ target dev='vnet1'/ model type='e1000'/ alias name='net0'/ address type='pci' domain='0x' bus='0x00' slot='0x03' function='0x0'/ /interface interface type='bridge' mac address='52:54:00:75:80:bd'/ source bridge='br1'/ target dev='vnet2'/ model type='e1000'/ alias name='net1'/ address type='pci' domain='0x' bus='0x00' slot='0x04' function='0x0'/ /interface interface type='bridge' mac address='52:54:00:90:c7:64'/ source bridge='br3'/ target dev='vnet3'/ model type='e1000'/ alias name='net2'/ address type='pci' domain='0x' bus='0x00' slot='0x07' function='0x0'/ /interface serial type='pty' source path='/dev/pts/1'/ target port='0'/ alias name='serial0'/ /serial console type='pty' tty='/dev/pts/1' source path='/dev/pts/1'/ target type='serial' port='0'/ alias name='serial0'/ /console input type='mouse' bus='ps2'/ graphics type='vnc' port='5901' autoport='yes'/ video model type='cirrus' vram='9216' heads='1'/ alias name='video0'/ address type='pci' domain='0x' bus='0x00' slot='0x02' function='0x0'/ /video memballoon model='virtio' alias name='balloon0'/ address type='pci' domain='0x' bus='0x00' slot='0x05' function='0x0'/ /memballoon /devices seclabel type='dynamic' model='apparmor' relabel='yes' labellibvirt-0dffd074-abc0-2654-22b4-789b1a99f25f/label imagelabellibvirt-0dffd074-abc0-2654-22b4-789b1a99f25f/imagelabel /seclabel /domain -- Lorenzo Milesi - lorenzo.mil...@yetopen.it YetOpen S.r.l. - http://www.yetopen.it/ ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] KVM virtualization: Fatal trap 9: general protection fault while in kernel mode
Hi. I'm reposting here a question I asked on the forum, hoping for a different audience. I'm running pfSense for some time now, since 2.0.something it has always been running without issues. With the latest 2.1 releases I'm very rarely running into crashes. Today I managet do catch one: Fatal trap 9: general protection fault while in kernel mode [...] Stopped at rn_match+0x25: cmpw $0,0x10(%r13) Here's a full screenshot of dump caught on console: https://dl.dropboxusercontent.com/u/706934/pfsense_crash.png The VM is configured with VirtIO disks, emulated e1000 network cards. Any hint on what it could be? Where to look at? thanks -- Lorenzo Milesi - lorenzo.mil...@yetopen.it YetOpen S.r.l. - http://www.yetopen.it/ ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] Doubt with remote access and multi wan
Hi. I've set up a multi wan configuration to a remote site. I configured three routing groups, one with balancing and two with failover, and from the LAN side everything seems to be fine. Problems come with remote access. I need SSH access from outside to an host in the LAN. I configured port forward on both WAN interfaces, and it works but randomly, because sometimes I get connection timeouts. I believe this happens for incorrect routing, but cannot figue out where's the configuration error. My LAN rules are pretty simple, I've just set some custom services with WAN1 or WAN2 priority, and everything else in load balancing. My outbound NAT mode is Manual, I duplicated every rule created automatically for WAN1 to WAN2. Could it be the load balancing which makes my ssh connections from outside timeout? Aren't connections coming from a specific WAN rerouted back to the same connection? thanks -- Lorenzo Milesi - lorenzo.mil...@yetopen.it YetOpen S.r.l. - http://www.yetopen.it/ ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] IPSec to Cisco SRP527W not working: time up waiting for phase1
ended up being the crappy Cisco not correctly taking the settings. After creating a new IKE and IPSEC policy on the router with the correct settings it worked immediately! - Messaggio originale - Da: Lorenzo Milesi max...@ufficyo.com A: pfSense support and discussion list@lists.pfsense.org Inviato: Martedì, 4 marzo 2014 15:34:43 Oggetto: [pfSense] IPSec to Cisco SRP527W not working: time up waiting for phase1 Hi. I'm having troubles connecting a Cisco SRP527W to pfSense using an IPSec VPN. Well, to be honest I have problems with a single specific setup. The SRP527W is a DSL modem/router, and has public IP. pfSense is on a fixed IP DSL connection but NATted: there is a modem with the public ip, then a private lan (172.16.16.x) between the modem and the firewall, which has IP 172.16.16.2. pfSense fails to establish a connection apparently with the following error: racoon: [Casa Ste]: [87.14.119.1] ERROR: phase2 negotiation failed due to time up waiting for phase1 [Remote Side not responding]. ESP 87.14.119.1[0]-172.16.16.2[0] I checked settings of encryption, hash algorithm and DH key group and they match. Since the Cisco doesn't have a setting for phase1 lifetime I had to enable debug and go through the logs to understand what was the appropriate setting. After all this hassle the VPN still won't connect. NAT-T is enabled on both sides. I don't know what else to look for. The only problem I can think of are the local/remote identifier fields. I tried setting defaults on pfSense (my ip address/peer ip address) but no way. I tried using the public hostname of pfSense as identifier for the firewall end, but still no way. As a check I configured my office's pfSense, which has a public IP address, to connect to the SRP and works great. Then I configured another VPN from my office to the other pfSense and works great. So the only configuration not working is between the SRP and the NATted pfSense! I don't know what else to check. Any hint is really welcome. Thanks P.S. here's part of the racoon log Mar 4 15:32:07 pfsense racoon: DEBUG: evaluating sainfo: loc='192.168.55.0/24', rmt='10.22.22.0/24', peer='ANY', id=2 Mar 4 15:32:07 pfsense racoon: DEBUG: remoteid mismatch: 2 != 3 Mar 4 15:32:07 pfsense racoon: DEBUG: evaluating sainfo: loc='192.168.55.0/24', rmt='192.168.15.0/24', peer='ANY', id=3 Mar 4 15:32:07 pfsense racoon: DEBUG: check and compare ids : values matched (IPv4_subnet) Mar 4 15:32:07 pfsense racoon: DEBUG: cmpid target: '192.168.55.0/24' Mar 4 15:32:07 pfsense racoon: DEBUG: cmpid source: '192.168.55.0/24' Mar 4 15:32:07 pfsense racoon: DEBUG: check and compare ids : values matched (IPv4_subnet) Mar 4 15:32:07 pfsense racoon: DEBUG: cmpid target: '192.168.15.0/24' Mar 4 15:32:07 pfsense racoon: DEBUG: cmpid source: '192.168.15.0/24' Mar 4 15:32:07 pfsense racoon: DEBUG: selected sainfo: loc='192.168.55.0/24', rmt='192.168.15.0/24', peer='ANY', id=3 Mar 4 15:32:07 pfsense racoon: DEBUG: (proto_id=ESP spisize=4 spi= spi_p= encmode=Tunnel reqid=16574:16573) Mar 4 15:32:07 pfsense racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-md5) Mar 4 15:32:07 pfsense racoon: DEBUG: (trns_id=3DES encklen=0 authtype=hmac-sha) Mar 4 15:32:07 pfsense racoon: DEBUG: in post_acquire Mar 4 15:32:07 pfsense racoon: [87.14.119.1] DEBUG: configuration 87.14.119.1[500] selected. Mar 4 15:32:07 pfsense racoon: INFO: IPsec-SA request for 87.14.119.1 queued due to no phase1 found. Mar 4 15:32:07 pfsense racoon: DEBUG: === Mar 4 15:32:07 pfsense racoon: INFO: initiate new phase 1 negotiation: 172.16.16.2[500]=87.14.119.1[500] Mar 4 15:32:07 pfsense racoon: INFO: begin Aggressive mode. Mar 4 15:32:07 pfsense racoon: DEBUG: new cookie: d33f0047a727df6d Mar 4 15:32:07 pfsense racoon: DEBUG: use ID type of FQDN Mar 4 15:32:07 pfsense racoon: DEBUG: compute DH's private. Mar 4 15:32:07 pfsense racoon: DEBUG: 74acd334 0866d0a7 89800e3b ca36aa43 9eb23b83 6d3fffd1 9bf7d897 1d6a2054 e1f4deea 16994abd 3c831de0 e8dd8a23 2725c8ba 8a3703db f3469d78 882866aa 5250f4f4 d4b04a06 2f9ebeac b01183c1 3af66506 fd1abd5d ed955ef5 679a8cb1 506a82e0 29c2c8b8 0647e976 805492ff 42734137 367b9169 b5a03605 6344ab4b Mar 4 15:32:07 pfsense racoon: DEBUG: compute DH's public. Mar 4 15:32:07 pfsense racoon: DEBUG: 9c35f255 04e204c6 9651dd05 751d7fc9 668e79dd 8163ed73 1a398cf1 28c78ec8 f9b0330e e9c63c99 e9724127 590eb6e0 439426c8 efbd5d74 33021dd7 dcc61148 a4353741 ea4386fb 112384f0 79b5debc 470dd6b2 b1433fae 0fc12a6f 992d8b89 bbe51a24 a7128c97 c2578d03 3fc49499 9ee628cd f29c8b93 d43540b4 3bf989fa Mar 4 15:32:07 pfsense racoon: DEBUG: authmethod is pre-shared key Mar 4 15:32:07 pfsense racoon: DEBUG: add payload of len 52, next type 4 Mar 4 15:32:07 pfsense racoon: DEBUG: add payload of len 128, next type 10 Mar 4 15:32:07 pfsense racoon: DEBUG: add payload of len 16, next type 5
[pfSense] IPSec to Cisco SRP527W not working: time up waiting for phase1
: DEBUG: send packet to 87.14.119.1[500] Mar 4 15:32:37 pfsense racoon: DEBUG: 1 times of 388 bytes message will be sent to 87.14.119.1[500] Mar 4 15:32:37 pfsense racoon: DEBUG: d33f0047 a727df6d 01100400 0184 0438 0001 0001 002c 01010001 0024 0101 800b0001 000c0004 00014c83 80010005 80030001 80020001 80040002 0a84 9c35f255 04e204c6 9651dd05 751d7fc9 668e79dd 8163ed73 1a398cf1 28c78ec8 f9b0330e e9c63c99 e9724127 590eb6e0 439426c8 efbd5d74 33021dd7 dcc61148 a4353741 ea4386fb 112384f0 79b5debc 470dd6b2 b1433fae 0fc12a6f 992d8b89 bbe51a24 a7128c97 c2578d03 3fc49499 9ee628cd f29c8b93 d43540b4 3bf989fa 0514 c7649af5 a3006135 aa508181 bf650b72 0d1c 0200 706f7374 612e7465 63686e69 6f6e7372 6c2e6974 0d18 4048b7d5 6ebce885 25e7de7f 00d6c2d3 8000 0d14 4a131c81 07035845 5c5728f2 0e95452f 0d14 cd604643 35df21f8 7cfdb2fc 68b6a448 0d14 90cb8091 3ebb696e 086381b5 ec427b1f 0d14 4485152d 18b6bbcd 0be8a846 9579ddcc 0014 afcad713 68a1f1c9 6b8696fc 77570100 Mar 4 15:32:37 pfsense racoon: DEBUG: resend phase1 packet d33f0047a727df6d: Mar 4 15:32:39 pfsense racoon: [87.14.119.1] ERROR: phase2 negotiation failed due to time up waiting for phase1. ESP 87.14.119.1[0]-172.16.16.2[0] Mar 4 15:32:39 pfsense racoon: INFO: delete phase 2 handler. Mar 4 15:32:45 pfsense racoon: DEBUG: KA: 172.16.16.2[4500]-93.149.11.106[4500] Mar 4 15:32:45 pfsense racoon: DEBUG: sockname 172.16.16.2[4500] Mar 4 15:32:45 pfsense racoon: DEBUG: send packet from 172.16.16.2[4500] Mar 4 15:32:45 pfsense racoon: DEBUG: send packet to 93.149.11.106[4500] Mar 4 15:32:45 pfsense racoon: DEBUG: 1 times of 1 bytes message will be sent to 93.149.11.106[4500] Mar 4 15:32:45 pfsense racoon: DEBUG: ff Mar 4 15:32:47 pfsense racoon: DEBUG: 388 bytes from 172.16.16.2[500] to 87.14.119.1[500] Mar 4 15:32:47 pfsense racoon: DEBUG: sockname 172.16.16.2[500] Mar 4 15:32:47 pfsense racoon: DEBUG: send packet from 172.16.16.2[500] Mar 4 15:32:47 pfsense racoon: DEBUG: send packet to 87.14.119.1[500] Mar 4 15:32:47 pfsense racoon: DEBUG: 1 times of 388 bytes message will be sent to 87.14.119.1[500] -- Lorenzo Milesi - lorenzo.mil...@yetopen.it YetOpen S.r.l. - http://www.yetopen.it/ ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list