Re: [pfSense Support] How to add the WAN DHCP
Dear suresh, very simple go to wan interface and set to manually ip address. If ur modem ip is 192.168.1.1 set ur wan gateway this then ur clients will easily access internet. ThnxMohan 9826061122 On 8/20/11, suresh suresh suresh.notion...@gmail.com wrote: HI All, My internet connection service provider connection has been changed. They are not given the static ip. they are DHCP. please help me. how to configure the WAN DHCP. please help. i have attached my previous configuration files. where i need to be edit?.. please help me. Thank you, Regards, Suresh -- Sent from my mobile device - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Happy Birthday Chris
Many Many appy returns of the day.. On Wed, Aug 17, 2011 at 10:18 PM, Glenn Kelley gl...@typo3usa.com wrote: Happy Birthday Chris - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Upgrade from pfsense 1.2.3 to 2.0
I also have same problem. When shift to 2.0, port forwarding NAT or also not working openvpn... Pls guide if any have that solution... Thnx mohan 9826061122 On 8/15/11, Seth Mos seth@dds.nl wrote: Op 15-8-2011 12:21, Aymen Belkhiria schreef: Hi all, After upgrade to pfsense 2.0 RC3 I have a problem to manage the WAN interface. I have a port forward work fine with pfsense 1.2.3 but when I upgraded to 2.0, something block the traffic and I can't access to the application from outside. Please confirm that you have a allow firewall rule on the WAN interface from source any, port any to WAN IP port webgui port. It should just work. Kind regards, Seth - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org -- Sent from my mobile device - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] BGP support in 2.0
Anybody can help where i see live log for example : if any lan user access public ftp or http server pfsense can have that user live log if yes where i see that log.. . Thanks mohan rao On 8/11/11, Chris Buechler cbuech...@gmail.com wrote: On Tue, Aug 9, 2011 at 8:02 AM, Dan Candea dan.can...@quah.ro wrote: On 04.08.2011 00:11, Chris Buechler wrote: On Wed, Aug 3, 2011 at 7:43 AM, Adam Thompson athom...@athompso.net wrote: I've been accepting ~ 13k routes inbound advertising nothing. So that part works, too. Now you just need confirmation from someone who does both! I setup one that does both last week, gets full Internet routing table, ~360K routes each, from two providers. And advertises their AS. could you tell us the hardware configuration? Depends on how much bandwidth you're using, and how many routing tables you're getting. Two full Internet routing tables, a total of around 730K routes, was taking up somewhere around 400-500 MB RAM. The other hardware sizing factors are no different from any other install, see the hardware sizing guide on www.pfsense.org. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org -- Sent from my mobile device - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] PPTP 2.0 RC3
pfsense NAT, Port forwarding or Openvpn is not working finally have lots struggle On Mon, Jul 25, 2011 at 6:54 AM, Dave Donovan donovan.da...@gmail.comwrote: On Fri, Jul 8, 2011 at 1:27 AM, Johan Hendriks j.hendr...@schavemaker.com wrote: Yesterday i decided to try PFSense 2.0 RC3 on our ADSL line. It all looked good, i could import the old config from the 1.2.3 version and it started up fine. The i get some phone calls, people good not load web pages, and some did load partially. I did some other test, and indeed, freshport.org, freshsource.org and freebsd.org all loaded well, but other sites, like nu.nl and mountainbike.nl did not load. I could ping those site's by the way, so ping www.nu.nl worked fine Hi Johan, Did you get this worked out? If not, try setting the MTU on your WAN interface to something like 1452. To confirm that this is the issue, try the following from a Windows command line: ping nu.nl -l 1500 ping nu.nl -l 1452 The first command confirms that it fails with a full size packet. The second command demonstrates that it works with a smaller packet. The short story on this is that the maximum packet size is 1500 but PPPOE (which is used on your ADSL connection) adds another 8 bytes. The reason it worked with your pings is that those packets are small (200 bytes) so that when PPPOE tacks on another 8 bytes, they're still below the max. The often recommended number for MTU is 1492 (1500 - 8) but I tried pinging that site with a 1492 byte packet and it failed. Maybe there are other PPOE links in between us and them and this adds more overhead? I'm not sure. Perhaps one of the wizards on this list has the answer. I'm not a guru at this stuff so I may be wrong. I hope this solves your problem, maybe you could reply to the list and let us know what setting fixes it. I hope this helps, Dave - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] open vpn
i tried help from you tube video help then do configure same. http://www.youtube.com/watch?v=odjviG-KDq8 On Wed, Jul 20, 2011 at 11:56 AM, George Neill geor...@neillnet.com wrote: Mohan, Not an expert here, just sharing my experience. I used the wizard and had just the one issue. I suspect you'll need to provide more details on your configuration before an expert could help. Later, George On 7/20/11, A Mohan Rao mohanra...@gmail.com wrote: yes but still not working i think it is bug because when i try nat or port forwarding also does not work... its only working captive portal acl or dhcp. On Wed, Jul 20, 2011 at 11:06 AM, George Neill geor...@neillnet.com wrote: Mohan, I suspect your using windows clients? I believe I ran in to the same issue. Make sure you 'Run as Administrator' the OpenVPN GUI. If you don't do this the route table on the client doesn't get updated. You can see errors in the log to confirm. HTH, George On 7/20/11, A Mohan Rao mohanra...@gmail.com wrote: Dear all pfsense experts, i m tried open vpn on pfsense 2.0 its successfully configured but when user's r try to connect from client end its connected but not access our lan network i have to create a rule for that. but still its not working i had tried googled. kindly give any tips or help. Thanks Mohan Rao - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Re: unknown cause of limited throughput
open vpn not working On Fri, Jul 15, 2011 at 10:04 AM, David Burgess apt@gmail.com wrote: On Tue, Jul 5, 2011 at 11:52 PM, David Burgess apt@gmail.com wrote: I'll probably kick myself when I figure this one out And the answer is... traffic shaper. I'm so embarrassed. ::Off to kick self:: db - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] open vpn
Dear all pfsense experts, i m tried open vpn on pfsense 2.0 its successfully configured but when user's r try to connect from client end its connected but not access our lan network i have to create a rule for that. but still its not working i had tried googled. kindly give any tips or help. Thanks Mohan Rao
Re: [pfSense Support] open vpn
yes but still not working i think it is bug because when i try nat or port forwarding also does not work... its only working captive portal acl or dhcp. On Wed, Jul 20, 2011 at 11:06 AM, George Neill geor...@neillnet.com wrote: Mohan, I suspect your using windows clients? I believe I ran in to the same issue. Make sure you 'Run as Administrator' the OpenVPN GUI. If you don't do this the route table on the client doesn't get updated. You can see errors in the log to confirm. HTH, George On 7/20/11, A Mohan Rao mohanra...@gmail.com wrote: Dear all pfsense experts, i m tried open vpn on pfsense 2.0 its successfully configured but when user's r try to connect from client end its connected but not access our lan network i have to create a rule for that. but still its not working i had tried googled. kindly give any tips or help. Thanks Mohan Rao - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] OpenVPN
also same configuration but not working On Tue, Jun 21, 2011 at 11:04 PM, Younes EL AMRAOUI oun...@gmail.comwrote: Hi, Can you send for me your HowTo for configuring OpenVPN please, I will do the same in my company, and if it doesn't work I will give you a feedback. Thanks, Younes EL AMRAOUI, 2011/6/21 Erik Silva Sobral eriksob...@gmail.com Hi, I need to configure a OpenVPN and I have followed a howto but it's not working. Does anyone have a howto to send please? cheers, Erik -- Younes EL AMRAOUI *Engineering Student at ESIREM.* *Computer Science Engineering School.* *+33629153757* *Dijon ,FRANCE .*
Re: [pfSense Support] 2 squidguards, no filtering
port forwarding is not working any body provide step by step On Wed, Jun 15, 2011 at 9:37 PM, Carlos Vicente cjpvice...@gmail.comwrote: Luke, I had a similar problem. This was my workaround: if you have Groups ACL configured, the blocked sites on Common ACL don't work. So you must configure all the restrictions on each group created on Groups ACL. Hope it helps On Wed, Jun 15, 2011 at 4:39 PM, Luke Jaeger ad...@pvpa.org wrote: hi Jim / Chris, I noticed that sites weren't being blocked so I restarted squid squidguard from the GUI. They wouldn't restart so I rebooted the whole box. Now I see 2 instances of squidguard running, but it's still possible to connect to banned sites. Anything else I should try? Luke Jaeger | Technology Coordinator Pioneer Valley Performing Arts Charter Public School www.pvpa.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org -- *** *http://www.sebastiaoguerra.com* http://www.sebastiaoguerra.com *http://www.atelierdamoto.com* http://www.atelierdamoto.com *http://www.blocoa3.com* http://www.blocoa3.com/ -- Este e-mail e quaisquer ficheiros a ele anexados são confidenciais e destinados, exclusivamente, à pessoa ou entidade a quem foi endereçado. Se recebeu este e-mail por erro, por favor, contacte-nos. Obrigado. This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this e-mail in error please notify us. Antes de imprimir este e-mail pense se necessita mesmo de o fazer
Re: [pfSense Support] pfsense as a centralized antivirus update to multiple hosts
i need a antivirus for my* pfsense* *2.0-RC2 * (amd64) which is remove virus from my network and also coming virus from internet because i have directly connect my leased line to pfsense server and all client connects to pfsense server gateway. On Fri, Jun 3, 2011 at 4:17 AM, Joseph Rotan joseph.ro...@gmail.com wrote: Thank you Chris and Christian. So if that the case then will have to purchase the avast Internet anti virus solution for each host on the LAN as it will automatically updates once they are connected to the internet. Cheers Joseph. On Thu, Jun 2, 2011 at 6:49 PM, Christian Veith c...@veith-info.org wrote: Hi Joseph, in General it's not possible with pfsense. As Chris mentioned most Solutions will require a windows server machine for delivering updates to the Clients. Some Antivirus Solutions, such as Eset NOD32, could be configured to use an alternate http server for getting it's updates. It's possible to setup a squid package installation on the pfsense box and use it as a caching proxy. The signatures will be downloaded only once and then delivered from Cache. Other Products like Symantec Enterprise Protection offer the possibility of Global Update Provider Clients. These provide updates by peer to peer like functions, electing one Client as the bridgehead for signature updates. regards Christian Am 02.06.2011 02:24, schrieb Joseph Rotan: Hi, I would like to confirm if pfsense can act as a centralized PC to update anti-virus to multiple host PC's connected on the same LAN. In our setup we have ADSL , Lease-line and E1 connections that are used as a means of internet connectivity to our pfsense WAN interface whereas the LAN interface connect to HUB that redistribute connection to multiple host PC's. As a means of cutting down costs to purchase each licenses for each hosts our anti-virus supplier has provided us a solution with one exchange server or PC to many connected clients on a network, therefore the pfsense machine will automatically extract updates from the antivirus remote server and pfsense will redistribute it to the connected clients on a network. Thanks Joseph. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] pfsense as a centralized antivirus update to multiple hosts
anybody help how to check outgoing traffic. On Fri, Jun 3, 2011 at 12:35 PM, A Mohan Rao mohanra...@gmail.com wrote: i need a antivirus for my* pfsense* *2.0-RC2 * (amd64) which is remove virus from my network and also coming virus from internet because i have directly connect my leased line to pfsense server and all client connects to pfsense server gateway. On Fri, Jun 3, 2011 at 4:17 AM, Joseph Rotan joseph.ro...@gmail.comwrote: Thank you Chris and Christian. So if that the case then will have to purchase the avast Internet anti virus solution for each host on the LAN as it will automatically updates once they are connected to the internet. Cheers Joseph. On Thu, Jun 2, 2011 at 6:49 PM, Christian Veith c...@veith-info.orgwrote: Hi Joseph, in General it's not possible with pfsense. As Chris mentioned most Solutions will require a windows server machine for delivering updates to the Clients. Some Antivirus Solutions, such as Eset NOD32, could be configured to use an alternate http server for getting it's updates. It's possible to setup a squid package installation on the pfsense box and use it as a caching proxy. The signatures will be downloaded only once and then delivered from Cache. Other Products like Symantec Enterprise Protection offer the possibility of Global Update Provider Clients. These provide updates by peer to peer like functions, electing one Client as the bridgehead for signature updates. regards Christian Am 02.06.2011 02:24, schrieb Joseph Rotan: Hi, I would like to confirm if pfsense can act as a centralized PC to update anti-virus to multiple host PC's connected on the same LAN. In our setup we have ADSL , Lease-line and E1 connections that are used as a means of internet connectivity to our pfsense WAN interface whereas the LAN interface connect to HUB that redistribute connection to multiple host PC's. As a means of cutting down costs to purchase each licenses for each hosts our anti-virus supplier has provided us a solution with one exchange server or PC to many connected clients on a network, therefore the pfsense machine will automatically extract updates from the antivirus remote server and pfsense will redistribute it to the connected clients on a network. Thanks Joseph. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] RE: Snort and pfsense
i m using pfsense *2.0-BETA4 * (amd64)built on Mon Oct 18 16:52:40 UTC 2010 FreeBSD 8.1-RELEASE-p1 http://172.16.23.1/index.php# its working fine on my network within 600 computer user's with 2 firewall. but my port forwarding is not working properly anybody provide step step process. Thanks A Mohan Rao On Wed, May 25, 2011 at 10:40 AM, Martin Månsson m...@bib.sdu.dk wrote: Martin, From: Martin Månsson [mailto:m...@bib.sdu.dk] Sent: Tuesday, 24 May 2011 8:01 PM To: support@pfsense.com Subject: [pfSense Support] Snort and pfsense Im using PFsense 2.0 rc2 and have a question reguarding snort When snort generates a block is there any option to only block that one service, and not the host entirely ? I have enabled the p2p rules and block offenders, when I start bittorrent on a host, that host loses every connection to the outside world I just want that one service to be blocked. What you are looking to do is Layer 7 filtering, not intrusion detection (which is what Snort is designed for). You can do this in PFSense 2.0 under Firewall - Traffic Shaper - Layer 7. It's pretty self explanatory when you are adding an L7 rules group, just add the protocols you want to block and make sure the container is enabled, you then need to create a firewall rule to choose what traffic you would like the L7 rule to apply to. I have tried that but couldn't get anything to block with the p2p rules, ill have another go at it, do someone have any pointers? Best regards Martin Månsson Cheers, Daniel Davis Best reguards Martin Månsson - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] RE: Snort and pfsense
so what is use for this link. On Wed, May 25, 2011 at 12:54 PM, Chris Buechler cbuech...@gmail.comwrote: On Wed, May 25, 2011 at 3:12 AM, A Mohan Rao mohanra...@gmail.com hijacked yet another thread: You've been asked several times now, when you post, you must start a new message with a new subject. What you keep doing is called thread hijacking, you're sending a completely different question on someone else's thread. Any time you post, start a new email to support@pfsense.com. *Never* reply to someone else's email unless you're actually replying to that email, on any mailing list. Also never send file attachments to mailing lists. Some reading on proper mailing list etiquette would go a long way towards people's willingness to help you. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] IPsec, Multi-WAN Session Setup Problems. (2.0 RC1)
not able to do client side open vpn setup properly any body can help for which open vpn client i have to download and install run properly i have to do server side setup which is i have to attached video. Awaiting for positive response .! Thanks Mohan On Fri, May 20, 2011 at 1:12 PM, Seth Mos seth@dds.nl wrote: Op 20-5-2011 9:22, A Mohan Rao schreef: not able to do client side open vpn setup properly any body can help for which open vpn client i have to download and install run properly i have to do server side setup which is i have to attached video. Do not Hijack threads. Please don't send attachments to the list, post it somewhere on the internet. Awaiting for positive response .! Negative. Regards, Seth - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] OpenVPN - Server IP / Redundancy
right now i m using Endian firewall vpn server its working fine but its firewall and content filtering was not satisfactory working that's why i move to pfsense and i highly impress with pfsense 2.0 and 1.2.3, but its open vpn how works i m not able to find out any body can provide step step configuration and how to generate certificate is there any option or develop anybody like endian vpn vpn including vpn client software. Thanks Mohan On Thu, May 19, 2011 at 1:27 PM, Dominic dominic@gmail.com wrote: Hi, I'd like to query if there is a way to have multiple server addresses in an OpenVPN setup? I would like to add redundancy in the event of my provider going down, I can then connect to one of the other provider's IP's (I have 3 WAN interfaces on the OpenVPN server machine). Is this possible or would I need to use a DNS address with multiple records or DYNDNS type solution. Any advice would be welcomed. Thank you, Dominic. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Recommendation for 10Gb NIC on pfSense
anybody explain what is server side settings for open vpn on pfsense 2.0 On Thu, May 19, 2011 at 2:48 PM, Frank Richter rich...@mpia-hd.mpg.dewrote: Dear all, I need to build a firewall with 10Gbit NIC's for WAN and LAN. I experienced strange behavior with Intel 10Gb Server adapter on pfsense 2.0-RC1 (both i386/amd64) Snapshot from 5.5.2011. I have VLAN's configured on the LAN side and the system crashes with Fatal Trap 12 during boot or when the NIC gets a link. I tested it on 3 different servers and 2 NIC's, all show exactly the same misbehavior. pciconf -l | grep ix ix0@pci0:19:0:0:class=0x02 card=0x7a118086 chip=0x10fb8086 rev=0x01 hdr=0x00 ix1@pci0:19:0:1:class=0x02 card=0x7a118086 chip=0x10fb8086 rev=0x01 hdr=0x00 Do you have any recommendations on a 10Gb NIC (Fibre, Dual preffered) that can do VLAN and working stable on pfSense 2.0-RC1? Thank you very much, Frank Richter - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Traffic shaping for specific file type
ok On Mon, May 16, 2011 at 9:03 PM, Michel Servaes mic...@mcmc.be wrote: u can come on chat Google chat) i will help u my best.. . mohanra...@gmail.com Though this answer might be interesting for the person who has asked It. It is totally useless to the mailing list. If everybody acted the same, mailing list would be filled with 0 answer… Please post your answer on the mailing list. Thanks. Yes, I was thinking the very same thing here... I am not going to use bandwidth throttling right now - but I would love to know a bit on a howto described right here :-) It's like learning using it in every possible aspect... - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Traffic shaping for specific file type
u can come on chat Google chat) i will help u my best.. . mohanra...@gmail.com On Mon, May 16, 2011 at 11:33 AM, Shibashish shi...@gmail.com wrote: On Mon, May 16, 2011 at 10:56 AM, A Mohan Rao mohanra...@gmail.comwrote: yes very easy u can use acl its working fine with groups and individual.. Thanks A Mohan Rao indore india On Mon, May 16, 2011 at 10:53 AM, Shibashish shi...@gmail.com wrote: I'm on pfSense 2.0-RC1 (i386) and have been using it as a firewall+load-balancer. Can i do Traffic Shaping for certain file type... like flv and mpg? I have to serve big sized (~50Mb each) flv and mpg videos but i have a limited bandwidth... can i allocate a specific bandwidth like 5Mbps only for flv/mpg requests so that rest of my sites do not get choked. Thanks. ShiB. while ( ! ( succeed = try() ) ); Can you please provide some more (technical) details, steps how to do it, etc. Thanks. ShiB. while ( ! ( succeed = try() ) );
Re: [pfSense Support] Traffic shaping for specific file type
yes very easy u can use acl its working fine with groups and individual.. Thanks A Mohan Rao indore india On Mon, May 16, 2011 at 10:53 AM, Shibashish shi...@gmail.com wrote: I'm on pfSense 2.0-RC1 (i386) and have been using it as a firewall+load-balancer. Can i do Traffic Shaping for certain file type... like flv and mpg? I have to serve big sized (~50Mb each) flv and mpg videos but i have a limited bandwidth... can i allocate a specific bandwidth like 5Mbps only for flv/mpg requests so that rest of my sites do not get choked. Thanks. ShiB. while ( ! ( succeed = try() ) );
Re: [pfSense Support] Providing wol
i have successfully installed pfsense 2.0 on my network and its working fine, but some times content filter (ACL or GROUP ACL not working). and i use user based authentication when user click login button its still stop on that page but when i open another page internet was access smoothly. is there any bug with pfsense or some problem or mistake on my pfsense configuration. kindly guide me how to i exit this problem also i need to know how to open vpn step by step. Thanks A Mohan Rao On Thu, May 5, 2011 at 7:42 PM, Joseph L. Casale jcas...@activenetwerx.comwrote: I need to create some openvpn up scripts that send wol packets for a series of users who cannot leave their internal wksts running all the time. In 2.0 the wol packages all need perl, while not a pfsense specific question, does anyone know of a wol util written in C for example without the obtrusive deps? Thanks, jlc - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org