Re: [pfSense Support] 1:1 NAT - bind actual external IP to an optional interface?
- Original Message - From: Chris Buechler cbuech...@gmail.com To: support@pfsense.com Sent: Saturday, January 09, 2010 12:24 AM Subject: Re: [pfSense Support] 1:1 NAT - bind actual external IP to an optional interface? On Fri, Jan 8, 2010 at 5:27 PM, Karl Fife karlf...@gmail.com wrote: That's preciesely right. Inside: LAN, Outside: WAN. Is that the right setting for the shaper in this bridged configuration? (And again OPT2 is bridged to WAN, OPT1 is currently idle, Soekris 5501) Because of the limitations of the shaper in 1.2.x you'll end up with unusual results for anything other than the defined inside and outside interfaces. Pre-2.0 there isn't a way to effectively shape in that scenario. I see. I was hopeful about the 1.2.3 shaper when I noticed not compatible with bridging message (present in 1.2.2) had been removed. Is the 2.0 beta available for embedded? Thanks -Karl - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] 1:1 NAT - bind actual external IP to an optional interface?
On Sat, Jan 9, 2010 at 1:17 PM, Karl Fife karlf...@gmail.com wrote: I see. I was hopeful about the 1.2.3 shaper when I noticed not compatible with bridging message (present in 1.2.2) had been removed. That was never true actually (AFAIK, at least not in 1.2, 1.2.1 and 1.2.2, not completely sure on prior to that), I did nothing but remove that text, it does work properly with bridging. Is the 2.0 beta available for embedded? Yes but: http://forum.pfsense.org/index.php/topic,21606.0.html - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] VLAN Setup
Sawadeekap Question... I have currently a LAN with 2 VLANs (default and VLAN99 for a guest WLAN). Default uses pfSense with portforwarding etc., the VLAN99 uses a separate pfSense ALIX with its own LAN Subnet and WAN address. Would it be possible to run all this on the same pfSense box? Setup: VLAN1 (default) 172.22.0.0/16 - LAN Interface pfSense Box1 - WAN x.y.z.34 VLAN99 (guests) 192.168.x.0/24 - LAN Interface with VLAN99 pfSense Box2 - WAN x.y.z.35 Of course I want the VLAN99 to use another (VirtualIP?) for outgoing, because I don't want guests to make the public IP of VLAN1 dirty... Thanks for any suggestions. Fabian - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] VLAN Setup
- Original Message - From: Fabian Abplanalp fabian.abplan...@bug.ch To: support@pfsense.com Sent: Sunday, January 10, 2010 1:50 PM Subject: [pfSense Support] VLAN Setup Sawadeekap Question... I have currently a LAN with 2 VLANs (default and VLAN99 for a guest WLAN). Default uses pfSense with portforwarding etc., the VLAN99 uses a separate pfSense ALIX with its own LAN Subnet and WAN address. Would it be possible to run all this on the same pfSense box? Setup: VLAN1 (default) 172.22.0.0/16 - LAN Interface pfSense Box1 - WAN x.y.z.34 VLAN99 (guests) 192.168.x.0/24 - LAN Interface with VLAN99 pfSense Box2 - WAN x.y.z.35 Of course I want the VLAN99 to use another (VirtualIP?) for outgoing, because I don't want guests to make the public IP of VLAN1 dirty... Thanks for any suggestions. Fabian - I don't see a managed switch in here - is there one? I thought a managed switch was a pre-requisite for VLAN's, as is one pfSense box (or equivalent). The very helpful definitive guide to pfSense details VLAN setup, which to my reading would help you. To my mind it is really essential reading for most pfSense users, unless they have vast FreeBSD experience... - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] 1:1 NAT - bind actual external IP to an optional interface?
On Sat, Jan 9, 2010 at 5:39 PM, Chris Buechler cbuech...@gmail.com wrote: Yes but: http://forum.pfsense.org/index.php/topic,21606.0.html That and the fact that our snapshot server is up and down (currently DOWN) due to bad hardware. It will be swapped out in the next coming days. Scott - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] 1:1 NAT - bind actual external IP to an optional interface?
On Sat, Jan 9, 2010 at 8:47 PM, Scott Ullrich sullr...@gmail.com wrote: On Sat, Jan 9, 2010 at 5:39 PM, Chris Buechler cbuech...@gmail.com wrote: Yes but: http://forum.pfsense.org/index.php/topic,21606.0.html That and the fact that our snapshot server is up and down (currently DOWN) due to bad hardware. It will be swapped out in the next coming days. There is a mirror here that syncs hourly (when the primary is up and building snapshots). http://files.chi.pfsense.org/snapshots/ - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] VLAN Setup
On 1/9/10 5:40 PM, Tortise wrote: I thought a managed switch was a pre-requisite for VLAN's, as is one pfSense box (or equivalent). Not necessarily. At least one box that can forward traffic among VLANs is the only requirement. In many network designs there's a 1:1 correspondence between VLANs and IP subnets, so that box is ... a router. pfSense is a router in the sense that it moves traffic between different IP subnets on different interfaces. (Routers also can run dynamic routing protocols such as OSPF but that's neither here nor there with regard to VLAN and subnet configuration.) VLANs are Ethernet constructs and subnets are IP constructs: - at layer 2, each VLAN is its own broadcast domain (and collision domain, if using 802.11 or old half-duplex Ethernet stuff) - at layer 3, each IP subnet is its own broadcast domain As for managed, that usually refers to whether a switch supports a network management protocol such as SNMP. Net management stuff is nice to have but isn't necessary for configuring VLANs and/or subnets. So, bottom line: One pfSense box *could* be enough if there are different VLANs/IP subnets defined on each interface and only one physical device per VLAN/subnet. OTOH if you want to have multiple devices in each VLAN, a switch hanging off each VLAN interface would be necessary. dn - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] please help me
hi dear i have installed new pfsense now working fine can ping any site from lan and hosts thanking you On Sun, Dec 27, 2009 at 11:12 PM, Evgeny Yurchenko evg.yu...@rogers.comwrote: chetan gohil wrote: i have not configured any rules in firewall all lan traffic can go to wan and all wan traffic can go to lan there is no any other configuration i did thanks Please do not top-post. You do not have to configure any rules to be able to ping Google's IP from pfSense itself. Thus if your internet connection is up and running then you have to be able to ping 209.85.225.104. Just go to Diagnostics-Ping choose WAN and ping it. Your tcpdump does not show any attempts to ping. Evgeny. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
