[pfSense Support] pfsense and relayd
the load balancing feature in pfsense is a little bit basic. is anyone working on a port/package of relayd, and if so, how well does it work? found some recent news about it in an openbsd blog http://www.bsdlover.cn/html/54/n-1154.html thanks - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] pfsense and relayd
Yes, its it 2.0 Paul Mansfield wrote: the load balancing feature in pfsense is a little bit basic. is anyone working on a port/package of relayd, and if so, how well does it work? found some recent news about it in an openbsd blog http://www.bsdlover.cn/html/54/n-1154.html thanks - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] what VPN to use
Hi, I'm intending to implement VPN into our network, from various windows machines at peopel's houses. Can anyone reccomend a product that will work well with pfsense - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] what VPN to use
OpenVPN! Secure, robust, and stable. What more could you ask? Tim Nelson Systems/Network Support Rockbochs Inc. (218)727-4332 x105 - Nick Upson nick.up...@gmail.com wrote: Hi, I'm intending to implement VPN into our network, from various windows machines at peopel's houses. Can anyone reccomend a product that will work well with pfsense - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] what VPN to use
Hi Nick Upson wrote: Hi, I'm intending to implement VPN into our network, from various windows machines at peopel's houses. Can anyone reccomend a product that will work well with pfsense I recommend OpenVPN with pfSense. I've deployed it for various windows machines using version 2.0.9. As a helper I used the openvpn-gui-1.0.3.exe so that the user can control the connection. Oiver - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Multiple Users / Login
Chris Flugstad wrote: DOh! I searched, and I have over 10,000 emails from this list :-D, i searched, but thought someone had to have brought it up yes, but not to web interface. if you ensure you have ssh access, you can manually save a backup config file in case of dire problems. in the advanced functions 1/ enable ssh works - I'd advise setting it up on an alternative port as it helps stops scans and brute-force attacks (e.g. ) *** before changing the port, ensure you have added a rule to permit access from your remote IP (I wouldn't advise global access)!*** 2/ put your (and other admin's) key into the ssh authorized keys box (and save!) 3/ test carefully for bonus points, you could set up openvpn to remotely admin the box without exposing ssh. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] pfsense 1.2.3 checkip.dyndns.org reveals NAT address instead of WAN IP ?
I upgraded some days ago to 1.2.3 because of a problem between updates... I am quite sure, that 1.2.1RC1 did resolve to my WAN IP... but I am struggling with my FTP server here in my LAN ever since I upgraded to 1.2.3 So I was thinking about on how to solve this, checked out the FAQ about the ftp server... and my FTP server only has the option to resolve it's WAN IP automatically... so I am pretty sure, that this FTP server is announcing itself with it's LAN address... which won't work out at the end. I'm sure I messed something up... but I can't think of what I did wrong... I tried to disable the squid for my IP - but this doesn't change anything...
Re: [pfSense Support] what VPN to use
+1 for OpenVPN. Once you wrap your head around the certificate creation, it's quite easy and in each instance where I have both Cisco VPN and OpenVPN, performance is better for OpenVPN. Curtis LaMasters http://www.curtis-lamasters.com http://www.builtnetworks.com On Fri, Feb 6, 2009 at 11:04 AM, Hassan Manji hkma...@gmail.com wrote: Just to add my support for Open VPN We use open VPN between offices (using PFSense boxes) and the OpenVPN gui on windows machines direct to HQ PFSense box. Works sweet. Rgds Hassan On Fri, Feb 6, 2009 at 3:24 PM, Oliver von Bueren maill...@ovb.ch wrote: Hi Nick Upson wrote: Hi, I'm intending to implement VPN into our network, from various windows machines at peopel's houses. Can anyone reccomend a product that will work well with pfsense I recommend OpenVPN with pfSense. I've deployed it for various windows machines using version 2.0.9. As a helper I used the openvpn-gui-1.0.3.exe so that the user can control the connection. Oiver - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] what VPN to use
Replying to myself here. In the current version of pfSense, I do not believe it is possible to firewall/filter traffic on your OpenVPN interfaces. IIRC, this functionality is coming in 2.0. If you need filtering, you may want to look at IPSEC instead. Just please for the love of insert your favorite deity here, don't use PPTP. :-) Tim Nelson Systems/Network Support Rockbochs Inc. (218)727-4332 x105 - Tim Nelson tnel...@rockbochs.com wrote: OpenVPN! Secure, robust, and stable. What more could you ask? Tim Nelson Systems/Network Support Rockbochs Inc. (218)727-4332 x105 - Nick Upson nick.up...@gmail.com wrote: Hi, I'm intending to implement VPN into our network, from various windows machines at peopel's houses. Can anyone reccomend a product that will work well with pfsense - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] what VPN to use
But what if I want to VPN with my iPhone :) /kidding Curtis LaMasters http://www.curtis-lamasters.com http://www.builtnetworks.com On Fri, Feb 6, 2009 at 11:25 AM, Tim Nelson tnel...@rockbochs.com wrote: Replying to myself here. In the current version of pfSense, I do not believe it is possible to firewall/filter traffic on your OpenVPN interfaces. IIRC, this functionality is coming in 2.0. If you need filtering, you may want to look at IPSEC instead. Just please for the love of insert your favorite deity here, don't use PPTP. :-) Tim Nelson Systems/Network Support Rockbochs Inc. (218)727-4332 x105 - Tim Nelson tnel...@rockbochs.com wrote: OpenVPN! Secure, robust, and stable. What more could you ask? Tim Nelson Systems/Network Support Rockbochs Inc. (218)727-4332 x105 - Nick Upson nick.up...@gmail.com wrote: Hi, I'm intending to implement VPN into our network, from various windows machines at peopel's houses. Can anyone reccomend a product that will work well with pfsense - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] Load balancer
Hello all, I'm using pfsense to firewall at the moment but pass all the http traffic to an internal load balancer (nginx). My question is, would it be possible to replace nginx with pfsense and how would the two compare in terms of performance? Many thanks, Josh.
Re: [pfSense Support] Load balancer
Hiren Joshi wrote: Hello all, I'm using pfsense to firewall at the moment but pass all the http traffic to an internal load balancer (nginx). My question is, would it be possible to replace nginx with pfsense and how would the two compare in terms of performance? Many thanks, Josh. We use pfSense to load balance 65 million requests daily to a cluster of HTTP servers on fairly minimal hardware. Performance for us has been excellent. I can't speak to nginx, never heard of it and I've not had reason to look past pfSense for our needs. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
AW: [pfSense Support] what VPN to use
Use OpenVPN We use it here with 10 sites and 100 road-warriors... Works like a charm :-) -Ursprüngliche Nachricht- Von: Nick Upson [mailto:nick.up...@gmail.com] Gesendet: Freitag, 6. Februar 2009 15:50 An: support@pfsense.com Betreff: [pfSense Support] what VPN to use Hi, I'm intending to implement VPN into our network, from various windows machines at peopel's houses. Can anyone reccomend a product that will work well with pfsense - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] help with port forwarding
Hello list, I seem to be having some problems with opening ports the correct way on my pfsense firewall. I have a client that is behind a pfsense firewall that needs to use ftp to download from from a provider (insurance company) Their tech docs tell me to open ports 20,21,80,443,7950-8079 for all of their ip addresses for the communication to work properly, They gave me a list of ip addresses, and i have created rules for each ip address to port forward the ports to the machine doing the downloading. let me take a step back. the default configuration for pfsense is to let all lan traffic pass to the WAN unrestricted. any computer on the lan can access any computer on the internet on any port, correct? There is a rule under the LAN that has that in it at least. Which is why its confusing me why this client cant use the download client for the provider, and all it does is open an FTP connection and download new policies to their system. they sent me a list of ip addresses of their servers, telling me that those the machine downloading the polcies needs to be able to connect on the ports above to their servers. and if the lan going out is unrestricted, then i dont understand why it isnt working. first i made rules stating that their ip address - on the ports specified - goes to the ip address of the local machine doing the download. that didnt work. So then i changed the rules to allow their ip address to ANY port on the local ip address doing the downloading and that didnt work either. i also added LAN rules to allow the local machine to connect to their ip address on the specified ports. didnt work either. the pfsense firewall replaced their SBS2003 machine as the firewall and it was working with that, there were no ports open on the SBS server to allow the access (which tells me how bad the SBS firewall actually was) but its creating a big problem for my client not being able to download new policies into their system. Is there something special im suppose to be doing to open ports for this kind of communication? it shouldnt be this complicated, all i need to do is make sure one machine on their local network can ftp into their machines using passive ftp to download information. what am i doing wrong? Also, does pfsense do ALG? I have another client that is doing Voip and is getting one way audio, which from what other people have told me and ive read on the internet is a firewall issue. Its like an issue of the pbx making a call, going out on one port and when it gets the packets back on another port it messes with the header of the packet and it doesnt know how to get back to the originating machine. i have all the nessesary ports for sip and voip open pointing to the pbx on the network. it all seems complicated and im having a heck of a time with getting pfsense to do the job i need done. ive read other post of people having problems with FTP an pfsense, but never found a real solution for the problem. any help on this subject would be greatly appreciated. Thanks for any and all help. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org