Re: [pfSense-discussion] ipsec to a monowall from pfsense

2005-07-23 Thread Chris Buechler
On 7/23/05, Jason Brunk [EMAIL PROTECTED] wrote: I used to run monowall at home and in my office, but I have replaced the one here at home with the pfsense on my ip330. my ipsec won't connect up. I used to have a pfsense box that worked fine for ipsec to the office. Any thoughts,

Re: [pfSense-discussion] A few questions

2005-07-27 Thread Chris Buechler
On 7/27/05, Randy B [EMAIL PROTECTED] wrote: I'm not certain I understand what you're talking about - the only load-balancing I can find described for CARP (net.inet.carp.arpbalance) only does incoming load-balancing at L2; that's according to the latest OpenBSD carp(4) man page I can find.

Re: [pfSense-discussion] VPN failover add-on

2005-08-08 Thread Chris Buechler
On 8/8/05, Eric m [EMAIL PROTECTED] wrote: Hi guys! You are talking about load balancing in previous thread.. In the same way.. Another great and really interesting improvement you can probably make is a kind of VPN (ipsec) failover.. This already works fine with CARP, though it

Re: [pfSense-discussion] Re: Openvpn v2

2005-08-11 Thread Chris Buechler
On 8/11/05, Scott Ullrich [EMAIL PROTECTED] wrote: I spoke too soon. OpenVPN is not the problem itself, it's the GUI + Backend PHP code in pfSense. Right, the author he was speaking of that hasn't sent patches is the author of the GUI and backend PHP code in m0n0wall, not the author of the

Re: [pfSense-discussion] iperf

2005-08-12 Thread Chris Buechler
On 8/12/05, Matthew Lenz [EMAIL PROTECTED] wrote: What are some good command line settings to get an idea of what kind of throughput pfsense has? currently I'm just doing: host1: iperf -c host2 host2: iperf -s That's what I typically do. That's a good indicator of the maximum single

Re: [pfSense-discussion] VIA/ACE PadLock integration with crypto(9) on FreeBSD

2005-08-15 Thread Chris Buechler
old news, we've had this for days already. ;) I don't know how well it's working just yet (we're testing it) but it's in there. On 8/15/05, sai [EMAIL PROTECTED] wrote: http://www.bsdforums.org/forums/showthread.php?t=33642

Re: [pfSense-discussion] SNMP info

2005-08-18 Thread Chris Buechler
On 8/18/05, Kim C. Callis [EMAIL PROTECTED] wrote: How does one ascertain that OID for the interfaces on a pfsense box. I need to display some graphs to the powers that be, but the monitoring packages wants the OID. I know what it is, but I have to make use of that before.. They're standard

Re: [pfSense-discussion] NAT-T

2005-08-25 Thread Chris Buechler
On 8/25/05, Homero Thomsom [EMAIL PROTECTED] wrote: At the moment, the firewall rules are changed and it blocks all the ports except MSN Messenger Port (I don't remember the port number). I try to NAT the PPTP connection Port to the PPTP Server (Windows 2000) but is impossible to forward the

Re: [pfSense-discussion] Start Squid despite DNS check fails

2005-08-25 Thread Chris Buechler
On 8/25/05, Scott Ullrich [EMAIL PROTECTED] wrote: Done! Uninstall squid and reinstall for the change to take effect or run: or run... must be a scary problem. ;) -cmb

Re: [pfSense-discussion] NAT-T

2005-08-25 Thread Chris Buechler
On 8/25/05, Homero Thomsom [EMAIL PROTECTED] wrote: I have understood that Nat-t works encapsulating the protocols (AH or ESP) within a UDP datagram. It is not thus? actually, yeah, it is only UDP 500 and 4500. But you can't define what ports it uses, so since you say you only have one

Re: [pfSense-discussion] wan interface failed causing carp failover

2005-08-25 Thread Chris Buechler
On 8/26/05, Matthew Lenz [EMAIL PROTECTED] wrote: The watchdog (at least that's what the system log called it) on my WAN interface reset the WAN interface (any idea why that would have happened?) various reasons. I have some Broadcom gig NICs (bge) onboard on Dell 2550 servers that like to do

Re: [pfSense-discussion] block vs reject?

2005-09-24 Thread Chris Buechler
A Rossi wrote: I've narrowed it down to 2 possible sites: http://www.auditmypc.com/ and https://www.grc.com/x/ne.dll?bh0bkyd2 neither gave me anything out of the ordinary behind m0n0wall or pfsense. first one found my private IP address **GASP** Oh no! /sarcasm ;) -cmb

Re: [pfSense-discussion] block vs reject?

2005-09-25 Thread Chris Buechler
Matthew Lenz wrote: so it's safe to assume that internet - WAN stuff should be blocked. but for internal access between my LAN/OPT interfaces and outbound WAN i can use reject and it wouldn't be considered bad form? Under most circumstances, yes, that's correct.

Re: [pfSense-discussion] Benefits of a hard disk install?

2005-09-25 Thread Chris Buechler
Mojo Jojo wrote: I just bought a WRAP for testing and I am waiting for it to arrive. Can someone tell me the benefits of having a hard drive install inside a beefier PC over a slimmed down install in a WRAP type device? PC gives you more power and flexibility. WRAP is a more reliable

Re: [pfSense-discussion] CF Card Size

2005-10-25 Thread Chris Buechler
Mojo Jojo wrote: Hmm.. OK, I just ripped out the 128mb thinking it was bad to use the minimum recommended in a production system. 128 is fine. if we make changes in the future where you can add things to the CF, that might change. I wouldn't expect it to change much though, and 128

Re: [pfSense-discussion] Unfork m0n0wall

2005-11-27 Thread Chris Buechler
Colin Smith wrote: Also, it is my understanding that Scott and Chris originally forked because of Manuel's (obvious) resistance to taking his project in an entirely new direction. Few if any bridges were burned. It most certainly was not an 'ego thing'. I won't bother responding to

Re: [pfSense-discussion] Newbie Q: security of php on perimeter firewall

2005-11-28 Thread Chris Buechler
Sanjay Arora wrote: Hi all Just joined the list. Am mostly using IPcop other Linux flavours for perimeter firewalling. Needed ISP WAN-link balancing failover, hence my search for a new option. Also have started experimenting with freebsd, so choice was limited to either freebsd or linux.

Re: [pfSense-discussion] Unfork m0n0wall

2005-11-28 Thread Chris Buechler
Bennett wrote: This answers one of my biggest questions about the fork. I've been fixated on the package system (though my previous mention of it was brief), thinking it was a solution for both projects. I had envisioned moving everything that isn't a core feature into an optional module.

Re: [pfSense-discussion] LAN issue

2006-01-05 Thread Chris Buechler
[EMAIL PROTECTED] wrote: I am missing something critical and I can't seem to find what the problem is. I have a server on the LAN that acts as my webserver/mailserver. I have an alias defined for this host that is aliased to one of my static IP address on the WAN side. Although I can ping the

Re: [pfSense-discussion] access NATed services by the public IP address from LAN review

2006-01-06 Thread Chris Buechler
Bill Marquette wrote: Someone hasn't done their research. This has been answered in the ML, the forum, the FAQ, AND the blog. *AND* today on the m0n0wall list, where he originally sent this message, and got my answer 8 minutes before sending the message again to this list.

Re: [pfSense-discussion] Benchmarks (was Re: Clients... ugh)

2006-02-06 Thread Chris Buechler
Jim Thompson wrote: Chris Buechler wrote: Alex DiMarco wrote: Does anyone have benchmarks on the WRAP running pfsense? about 25 Mb is the most you can expect. I wouldn't use one if you need constant throughput of over 15 Mb for extended periods. I assume this is Ethernet-Ethernet

Re: [pfSense-discussion] throughput - cpu, bus

2006-03-14 Thread Chris Buechler
Greg Hennessy wrote: That's ~20 megabits/sec, not bad for an IP-120 given its horsepower Not for m0n0wall/FreeBSD 4.x. That box should be about the same speed as a Soekris 4801 or WRAP, either of which will hit ~40-45 Mbps. If this were pfsense/FreeBSD 6.x, I would say ~20 Mbps is low,

Re: [pfSense-discussion] pfSense themes and new Nifty update

2006-03-24 Thread Chris Buechler
analyzerx wrote: GPL allows you to modify the code... that's not the point. the point is the project is released under a BSD license, and GPL code can't be released under the BSD license. We do run some GPL licensed software, but nothing in the actual pfsense code base. Just unmodified

Re: [pfSense-discussion] Nokia IP330

2006-04-05 Thread Chris Buechler
Craig FALCONER wrote: Anyone in New Zealand want to acquire some Nokia IP 330 boxes? anyone know if the 330's run pfsense (or anything FreeBSD 5.x or 6.x?) The IP1xx's kernel panic at boot with 5.x or 6.x.

Re: [pfSense-discussion] Nokia IP330

2006-04-05 Thread Chris Buechler
Holger Bauer wrote: http://forum.pfsense.org/index.php?topic=603.0 cool, I missed that thread. I'll have to give my IP110 another shot, maybe the FreeBSD issue was fixed. the 330's are quite a bit different though.

Re: [pfSense-discussion] VPN howto?

2006-05-31 Thread Chris Buechler
Terri Zahniser wrote: Thanks for the link. After reading it and setting up the PPTP VPN again I was still not able to get it to work. Define doesn't work. With doesn't work, the best we can offer is you configured it wrong. With some details on what's going on, what you have configured,

[pfSense-discussion] Second Annual pfSense Hackathon - Call for Donations

2006-07-07 Thread Chris Buechler
http://pfsense.blogspot.com/2006/07/second-annual-pfsense-hackathon-call.html

Re: [pfSense-discussion] Problem with ipsec

2006-08-09 Thread Chris Buechler
Carlos Julio Sánchez [ACC-SIS] wrote: If I don't have remote subnet but in the pfsense I must write something in the textbox REMOTE SUBNET in the configuration of ipsec vpn. If you're doing a site to site VPN, you *have* to have a remote subnet. It's the network on the other end that

Re: [pfSense-discussion] IDS yet?

2006-10-06 Thread Chris Buechler
Scott Ullrich wrote: It is a delayed IDS. Generally an IPS hooks into the network stack directly and does not allow the traffic to pass through until it's scanned. And generally you probably aren't going to want to hook snort into your network stack like that, because of the limitations of

Re: [pfSense-discussion] MiniUPnPd security risks

2007-04-26 Thread Chris Buechler
DarkFoon wrote: I'm considering installing the UPnP daemon on some home/home office boxes, and I'm curious what the security issues are. From my own (simple) analysis, the worst that could happen is a malicious application could ask for many, many (almost all?) of the ports above 1024 to be

Re: [pfSense-discussion] network layout

2007-06-20 Thread Chris Buechler
Bill Marquette wrote: Low end switches have a tendency to not have enough ram or cpu to handle a high volume mac spoofing attack and will usually end up turning into a hub under this kind of attack, rendering your vlans useless. Any switch's CAM table can be overflowed by directly connected

Re: [pfSense-discussion] Start other processes inside pfSense?

2007-07-23 Thread Chris Buechler
Roland Giesler wrote: Is it possible to start a VMware or Xen client inside pfSense? no. VMware doesn't support FreeBSD as a host, and Xen is still questionable on FreeBSD I believe.

Re: [pfSense-discussion] atmel avr port of pfsense?

2007-07-31 Thread Chris Buechler
Paul M wrote: http://www.linuxdevices.com/news/NS2837651365.html 32MB of SDRAM and 16MB of flash, expandable via an SD-card slot. aside from the fact that those two numbers alone mean it's far from compatible, it's not an x86 system, it's RISC. It won't run m0n0wall either.

Re: [pfSense-discussion] SNAT / masquerading

2007-08-03 Thread Chris Buechler
Eugen Leitl wrote: I have a somewhat strange setup (thanks to our provider) which looks like this: LAN* - bge0- 192.168.0.1 WAN* - bge1- 10.0.2.6 OPT1(DMZ)- vlan0 - 62.245.148.129 Yes, the WAN is

[pfSense-discussion] 1.2-RC2 released

2007-08-18 Thread Chris Buechler
http://pfsense.blogspot.com/2007/08/12-rc2.html Please test! This may be the last RC before 1.2 is released.

Re: [pfSense-discussion] ALIX shipping soon

2007-10-22 Thread Chris Buechler
Eugen Leitl wrote: I see on http://pcengines.ch/order1.php?c=2 that ALIX (e.g. alix2c3) is ETA 20071020. http://blog.pfsense.org/ sez snip ... Anyone knows how well AMD Geode LX does accelerated IPsec on FreeBSD? As far as we know at this time, it's not yet supported.

Re: [pfSense-discussion] commercial support

2007-10-22 Thread Chris Buechler
Eugen Leitl wrote: I see there's commercial support for pfSense, starting at about 300 EUR/year. Are there proper invoices for that? I can't tell. $300 USD actually. Yes, we can send you a proper invoice, or you can pay via credit card online and we'll send you the typical email receipt.

Re: [pfSense-discussion] web interface gone after upgrade to 1.0.2

2007-10-30 Thread Chris Buechler
Daniele Guazzoni wrote: I just upgraded from 1.0.1 to 1.0.2 with pfSense-1.0.2-Full-Embedded-Update.tgz and although the firewall is functional I cannot access the webconfigurator. Any idea how to fix it ? There is no 1.0.2, so I'm not sure which version you're using, for embedded upgrades

Re: [pfSense-discussion] Via LAN drivers

2007-10-30 Thread Chris Buechler
Adam Van Ornum wrote: I've been looking into a Via C7 based system to run pfSense on and so far all of the systems seem to have either Realtek or Via based LAN chipsets. Several people have mentioned before that the Realtek chipsets are not very well supported at this time and I'm wondering

Re: [pfSense-discussion] Cacti Template

2007-10-30 Thread Chris Buechler
Ronald L. Rosson Jr. wrote: Has anyone come across or developed a template for pfsense firewalls to be polled by a Cacti server. Any information is helpful. haven't heard of any, it would be nice to see.

Re: [pfSense-discussion] IPsec tunnel to a transparent bridge

2007-11-06 Thread Chris Buechler
Eugen Leitl wrote: I used to have a nice pre-shared key IPsec tunnel between two m0n0walls/pfSenses, running in NAT. Worked very nicely. However, I now have a transparent bridge with a public /24 network, and whenever I activate the tunnel I no longer can ping any host on the network (the

[pfSense-discussion] 1.2-RC3 released!

2007-11-07 Thread Chris Buechler
http://blog.pfsense.org/?p=152

Re: [pfSense-discussion] 1.2-RC3 released!

2007-11-08 Thread Chris Buechler
Paul M wrote: meanwhile, I noticed many of the mirrors are not doing too well so I reported them some of the update mirrors are no good either.. in fact the downloads are pretty slow. The mirrors are all fine. Many only sync once a day, so as it says in the release announcement it

Re: RES: [pfSense-discussion] Problems to use PPTP/GRE traffic to connect in a server - Please advice.

2007-11-19 Thread Chris Buechler
Luciano Areal wrote: Hi Bill! The pfSense box is in front of the PPTP server. In other ways, it will act as the main gateway, and the PPTP server will be on the LAN. Clients will access it from WAN, passing through the pfSense box. I just did what you said. Removed all rules from NAT and

Re: [pfSense-discussion] HOW MUCH TRUST ON PFSENSE ?

2007-12-21 Thread Chris Buechler
Jure Pečar wrote: Since everyone is just singing praises, I'll add some things to look for ;) Besides running it at home we run it on three production locations, which are two server rooms and one fast growing wireless lan. First bad experience: it is really touchy about the quality of your

Re: [pfSense-discussion] bogons update issue

2008-02-03 Thread Chris Buechler
Jan Hoevers wrote: 2. On previous versions the bogons file was fetched from cymru.com, but on RC4 the script tries to get it from a pfSense server. The file is however missing on that pfSense server. I worked around this by copying the old cymru url back from RC3. Thanks for catching that,

Re: [pfSense-discussion] 1.2RC5 or release

2008-02-11 Thread Chris Buechler
Paul M wrote: Hi, given a number of minor bug fixes, we will be seeing a 1.2RC5 variant sometime, or is the next step a full release? We'll probably skip RC5 as an official release even though the snapshots are labeled as such right now.

Re: [pfSense-discussion] 1.2RC5 or release

2008-02-12 Thread Chris Buechler
Ronald L. Rosson Jr. wrote: On Feb 11, 2008, at 1:08 PM, Scott Dale wrote: http://forum.pfsense.org/index.php/topic,7313.0/topicseen.html This brought back my dashboard without a re-install. Thanks, that's good to know. Those who use the dashboard on 1.2, keep in mind it's experimental

Re: [pfSense-discussion] CD-ROM + floppy

2008-03-01 Thread Chris Buechler
DarkFoon wrote: Does pfSense 1.2 still support booting from CD-rom and storing the config (and possibly other data) on a floppy disk? Yes. just the config is kept on the floppy. USB flash drives are also supported, and recommended over floppies.

Re: [pfSense-discussion] CD-ROM + floppy

2008-03-03 Thread Chris Buechler
DarkFoon wrote: Yes. just the config is kept on the floppy. This means that the RRD graphs don't save across reboots, right? And packages can't be installed. (well that's sort of obvious...) Correct on both accounts.

Re: [pfSense-discussion] 2 WAN

2008-03-04 Thread Chris Buechler
Jose Augusto wrote: Look this http://pfsense.blogspot.com/2005/05/captive-portal-and-traffic-shaping-to.html That's outdated info. Traffic shaper does not work properly with more than two interfaces (LAN + WAN) in 1.2. That's already fixed in 1.3.

Re: [pfSense-discussion] Sorry guys

2008-03-06 Thread Chris Buechler
[EMAIL PROTECTED] wrote: Gentlemen! I'm sorry to have started this Return Receipt storm. Chris Buechler complained to me in private and asked me to turn off RR when writing to this forum which I will of course do my utmost to remember in the future. I half expected a read receipt pop up

Re: [pfSense-discussion] Traffic shaper bug ?

2008-03-21 Thread Chris Buechler
Ermal Luçi wrote: Expected behaviour. Since ALTQ shapes on outgoing that shapes every thing that goes through the interface where the shaper is enabled. For 1.2, it should be noted. For 1.3, Ermal has done a nice job completely rewriting the traffic shaper to accommodate these kinds of

Re: [pfSense-discussion] RELENG_1 library linking (was: Traffic shaper bug ?)

2008-03-22 Thread Chris Buechler
RB wrote: I understand, and have tangled some of the terminology. My ticket was about HEAD, but the library breakage seems to have seeped from HEAD to 1.3 (RELENG_1). Because all the binaries in RELENG_1 and HEAD are for FreeBSD 7.0. You can't go from 1.2 to 1.3 just by pulling the files

[pfSense-discussion] Registration open for pfSense training at BSDCan!

2008-03-22 Thread Chris Buechler
Please see the following post for more information. http://blog.pfsense.org/?p=182 Hope to see you there! Chris

Re: [pfSense-discussion] Traffic shaper bug ?

2008-03-23 Thread Chris Buechler
Jan Hoevers wrote: While not unwilling to donate to projects, this bounty thing is not for me because of a strict open source policy. Again, is there any estimate for 1.3? This is 100% completely open source. The source ported to RELENG_1_2 is even in the public CVS server in its own branch.

Re: [pfSense-discussion] Detailled syslog format.

2008-03-27 Thread Chris Buechler
[EMAIL PROTECTED] wrote: Hi I'm trying to do some analysing on the raw log format sent to syslog: snip check out pflog. http://www.openbsd.org/faq/pf/logging.html http://www.google.com/search?q=pflog quite a bit of stuff available. for the underlying ruleset you're running, see

Re: [pfSense-discussion] pfsense on alix, slow to access via WAN

2008-04-11 Thread Chris Buechler
Joe Lagreca wrote: I am running pfSense on an Alix system 2c3. When accessing via the LAN everything works great. However when I try to access it via the WAN, its very slow, and will time out. This is NOT a bandwidth issue. Sometimes the pages will load, but look as if the css file didn't

Re: [pfSense-discussion] disappearing httpd

2008-04-30 Thread Chris Buechler
On Wed, Apr 30, 2008 at 11:52 PM, RB [EMAIL PROTECTED] wrote: Anyone have a situation where they're switching WAN types and somehow /usr/local/sbin/lighttpd just disappears? Can't say that I've seen that. You can restart it at the console menu for future reference. Anything relevant in the

Re: [pfSense-discussion] disappearing httpd

2008-04-30 Thread Chris Buechler
On Thu, May 1, 2008 at 12:08 AM, RB [EMAIL PROTECTED] wrote: Can't say that I've seen that. You can restart it at the console menu for future reference. Anything relevant in the logs? Nothing at all, and no restarting - the binary is *gone*, as in deleted. Oh wow! Definitely haven't

Re: Fw: [pfSense-discussion] I Cannot Uploading Files

2008-05-26 Thread Chris Buechler
On Mon, May 26, 2008 at 7:08 AM, John Dakos [ Enovation Technologies ] [EMAIL PROTECTED] wrote: Thank you SAI, but I have a problem with this configuration. This configuration works with NAT, and I don't want NAT because I have 200 public IPs on Cisco Router, and I want all clients to join

Re: [pfSense-discussion] Re: Nessus : Change in the Plugin Feed Policy (Reminder)

2008-06-14 Thread Chris Buechler
On Wed, Jun 11, 2008 at 12:50 PM, Paul Mansfield [EMAIL PROTECTED] wrote: now non-free for any commercial usage, I was wondering if anyone's looked at the alternatives? I've been a Nessus user since its very early days, been roughly 7 years now I believe. I've had a Nessus Direct Feed

Re: [pfSense-discussion] SIP Phones and SIPROXD

2008-06-14 Thread Chris Buechler
Lee is a commercial support customer and we helped him offlist with this. There was a problem with the siproxd package, it should now work. Lee confirmed he now has two phones working simultaneously, so this must be working now. If you have installed the package previously, uninstall it first.

Re: [pfSense-discussion] Captive Portal on pfsense

2008-07-17 Thread Chris Buechler
On Wed, Jul 16, 2008 at 11:22 PM, Bill Marquette [EMAIL PROTECTED] wrote: Considering that you are talking about the Linux variant of the WRT54G, I think it's safe to say that Chris probably assumed you were not running the stock Linksys firmware on it. Actually that is what I meant - you

Re: [pfSense-discussion] Captive Portal on pfsense

2008-07-17 Thread Chris Buechler
On Thu, Jul 17, 2008 at 7:02 PM, Jim Thompson [EMAIL PROTECTED] wrote: I'm happy to respond more fully to this: A) off-list, Jim, I'd encourage you to keep it on-list, a number of us have learned quite a bit from sharing of your expertise over the years. It may not be precisely on-topic for

Re: [pfSense-discussion] DNS resolver test

2008-07-22 Thread Chris Buechler
On Tue, Jul 22, 2008 at 2:32 PM, Eugen Leitl [EMAIL PROTECTED] wrote: http://www.provos.org/index.php?/pages/dnstest.html DNS Resolver Test For secure name resolution, it is important that your DNS resolver uses random source ports. The box below will tell you if there is something you

Re: [pfSense-discussion] DNS resolver test

2008-07-22 Thread Chris Buechler
On Tue, Jul 22, 2008 at 4:48 PM, Chris Buechler [EMAIL PROTECTED] wrote: - if your recursive servers are behind pfSense doing NAT with a default NAT configuration, you're fine even *without* patching your DNS servers. Scratch that part depending on your DNS server - if it uses a single static

Re: [pfSense-discussion] hardware

2008-07-30 Thread Chris Buechler
On Thu, Jul 31, 2008 at 1:44 AM, Mark Dueck [EMAIL PROTECTED] wrote: Throughput will be minimal. From 512Kbps to 2Mbps max. I guess my biggest concern is stability. I have lab tested the Soekris 4801 with openVPN to have throughput of up to 3MB/s, so it should be fine for these locations,

Re: [pfSense-discussion] can't filter on transparent bridge

2008-09-13 Thread Chris Buechler
On Sat, Sep 13, 2008 at 8:46 AM, Eugen Leitl [EMAIL PROTECTED] wrote: I can't get an 1.2.1-RC1 full with two NICs (VIA mini ITX) to filter traffic using http://pfsense.trendchiller.com/transparent_firewall.pdf No rules either in WAN or LAN, to the bridge must block everything -- but doesn't.

Re: [pfSense-discussion] a pair of transparent bridges gotcha

2008-10-04 Thread Chris Buechler
On Sat, Oct 4, 2008 at 4:58 PM, Eugen Leitl [EMAIL PROTECTED] wrote: I have a pair of pfsense 1.2.1-RC1 working in a poor man's failover (a parallel pair of transparent bridges). Had a problem with DNS lookup blockage, the problem is that LAN was on a different subnet. Put them on the same

Re: [pfSense-discussion] a pair of transparent bridges gotcha

2008-10-04 Thread Chris Buechler
On Sat, Oct 4, 2008 at 5:18 PM, Eugen Leitl [EMAIL PROTECTED] wrote: On Sat, Oct 04, 2008 at 05:13:27PM -0400, Chris Buechler wrote: LAN was on a different subnet from what? LAN was a different subnet from WAN (in transparent bridge this shouldn't matter, and it doesn't, with the exception

Re: [pfSense-discussion] a pair of transparent bridges gotcha

2008-10-05 Thread Chris Buechler
On Sun, Oct 5, 2008 at 5:17 AM, Eugen Leitl [EMAIL PROTECTED] wrote: I presume this is the same problem as http://forum.pfsense.org/index.php?topic=11531.msg63655 That person bought a support contract and we helped him resolve that, his firewall rules weren't setup properly to allow the DNS

Re: [pfSense-discussion] PHP uses 100% CPU on 1.2 and 1.2.1-RC2

2008-12-02 Thread Chris Buechler
On Mon, Dec 1, 2008 at 11:21 PM, Roland Giesler [EMAIL PROTECTED] wrote: So I removed all the routes except one, just to test if all else is ok, but found that on both release 1.2 and 1.2.1-RC2, PHP steadily increased when I save a change until it hits 100% usage on one CPU. Then, if I click

[pfSense-discussion] Network Perimeter Redundancy with pfSense session at DCBSDCon

2008-12-17 Thread Chris Buechler
info here: http://blog.pfsense.org/?p=334 - To unsubscribe, e-mail: discussion-unsubscr...@pfsense.com For additional commands, e-mail: discussion-h...@pfsense.com Commercial support available - https://portal.pfsense.org

Re: [pfSense-discussion] Load balancer using carp interfaces?

2008-12-19 Thread Chris Buechler
On Fri, Dec 19, 2008 at 10:11 AM, Veiko Kukk veiko.k...@krediidipank.ee wrote: Hi! I wonder if there are some good reasons why it's not possible to choose CARP interfaces (virtual IP-s) for load balancer pools? Because you use only the physical interfaces, the CARP VIPs just go with the

Re: [pfSense-discussion] Load balancer using carp interfaces?

2008-12-19 Thread Chris Buechler
On Fri, Dec 19, 2008 at 11:09 AM, Paul Mansfield it-admin-pfse...@taptu.com wrote: Veiko Kukk wrote: Hi! I wonder if there are some good reasons why it's not possible to choose CARP interfaces (virtual IP-s) for load balancer pools? If not, then why can't I select carpx interfaces for ISP

Re: [pfSense-discussion] single interface operation

2009-01-04 Thread Chris Buechler
On Sun, Jan 4, 2009 at 8:36 PM, Jure Pečar pega...@nerv.eu.org wrote: Hello, would it be possible to use pfsense on a platform with a single nic, where wan,lan,opt are all vlans? With managed switch, of course. Yes.

[pfSense-discussion] 1.2.2 released

2009-01-08 Thread Chris Buechler
see http://blog.pfsense.org/?p=351

Re: [pfSense-discussion] Load Balance Cannot Do Logins on forums , webmails , etc ,etc

2009-01-22 Thread Chris Buechler
On Thu, Jan 22, 2009 at 3:27 AM, John Dakos [ Enovation Technologies ] gda...@enovation.gr wrote: Hi Ron and thanks for the reply. Look, I turn ON the sticky connections and for 30 seconds everything is working, but until 30 seconds I have no Internet. Don't use sticky connections. It's

Re: [pfSense-discussion] FreeNAS

2009-01-24 Thread Chris Buechler
On Sat, Jan 24, 2009 at 5:13 AM, Eugen Leitl eu...@leitl.org wrote: IIRC one developer (Chris?) mentioned a number of different pfSense possible flavors, Yes. including a NAS appliance. but no to that part. :) That's one thing that probably won't ever be added, at least not by any of our

Re: [pfSense-discussion] xen aware pfsense.

2009-01-27 Thread Chris Buechler
On Tue, Jan 27, 2009 at 10:15 PM, pfsense sense pfse...@kavadas.org wrote: i'm not suggesting pfsense be run inside a VM, i am suggesting pfsense provide VM functionality Refer back to my earlier post.

Re: [pfSense-discussion] 1.2.2 CPU Division by zero error in index.php

2009-02-28 Thread Chris Buechler
On Sat, Feb 28, 2009 at 4:02 PM, Tortise tort...@paradise.net.nz wrote: Hi In the index.php page CPU usage value I am getting: Warning: Division by zero in /usr/local/www/includes/functions.inc.php on line 66 0% This is with the embedded image on a CF, Pentium 400, 756M RAM. Run this

Re: [pfSense-discussion] VPN Tunnel Dual WAN failover

2009-03-03 Thread Chris Buechler
On Tue, Mar 3, 2009 at 6:57 PM, Mark Slatem nitro...@gmail.com wrote: Hi all. I have about 50 Alix embedded firewalls running at branches. All the branches connect to a central pfsense at our data centre via an openvpn tunnel. This solution works absolutely beautifully and allows all the

Re: [pfSense-discussion] VPN Tunnel Dual WAN failover

2009-03-04 Thread Chris Buechler
On Wed, Mar 4, 2009 at 7:30 AM, Mark Slatem nitro...@gmail.com wrote: Thanks for all advice. I recall attempting to add a static route to the openvpn server endpoint ip, but it still did not work for me. Then you aren't doing something right.

Re: [pfSense-discussion] VPN Tunnel Dual WAN failover

2009-03-05 Thread Chris Buechler
On Thu, Mar 5, 2009 at 10:03 PM, Chris Buechler c...@pfsense.org wrote: On Wed, Mar 4, 2009 at 7:30 AM, Mark Slatem nitro...@gmail.com wrote: Chris, Will version 2 support this natively by any chance? Just need a package for OSPF, which could be added on 1.2.x and 2.0. That's a project I

Re: [pfSense-discussion] extending LAN private network

2009-04-03 Thread Chris Buechler
On Fri, Apr 3, 2009 at 3:34 PM, David Rees dree...@gmail.com wrote: On Fri, Apr 3, 2009 at 7:48 AM, Paul Mansfield it-admin-pfse...@taptu.com wrote: use vlans, a managed switch, and use 192.168.x.0/24 for each vlan. for bonus points, use NAC and dynamic vlans to allow only approved devices

Re: [pfSense-discussion] pfSense / Free BSD CPU kern.cp_time Jams in some environments

2009-04-04 Thread Chris Buechler
On Sat, Apr 4, 2009 at 4:50 PM, Tortise tort...@paradise.net.nz wrote: Hi Is anyone else getting this? It is occurring if you get either a 1) divide by zero error on the index page for CPU Usage or 2) an indication the CPU is always on 0% use, which it shouldn't be for long! It seems

Re: [pfSense-discussion] OT: simple SMTP relay daemon?

2009-04-09 Thread Chris Buechler
On Thu, Apr 9, 2009 at 11:46 PM, RB aoz@gmail.com wrote: On Thu, Apr 9, 2009 at 21:07, Chris Buechler c...@pfsense.org wrote: I'm looking for something simple to do nothing but accept SMTP mail from a defined list of hosts allowed to relay and push it off to another SMTP server (using

Re: [pfSense-discussion] OT: simple SMTP relay daemon?

2009-04-10 Thread Chris Buechler
On Fri, Apr 10, 2009 at 1:52 AM, David Rees dree...@gmail.com wrote: On Thu, Apr 9, 2009 at 8:07 PM, Chris Buechler c...@pfsense.org wrote: I'm looking for something simple to do nothing but accept SMTP mail from a defined list of hosts allowed to relay and push it off to another SMTP server

Re: [pfSense-discussion] Cannot Save changes in /tmp/rules.debug

2009-04-10 Thread Chris Buechler
On Fri, Apr 10, 2009 at 9:00 PM, RI 1 / ipv6.or.id risna...@ipv6.or.id wrote: Hi, I just worked with PFSense lately. Why can't I save any changes made to /tmp/rules.debug file due to web interface firewall doesn't seem to work ? It's always after a while back to block default deny rule or

Re: [pfSense-discussion] Cannot Save changes in /tmp/rules.debug

2009-04-11 Thread Chris Buechler
On Sat, Apr 11, 2009 at 11:52 AM, RI 1 / ipv6.or.id risna...@ipv6.or.id wrote: Hallo Chris, Yes, changing PF Rules. GUI doesn't seem to work, i already set allow all for all interface. It works fine, you're seeing something else like out of state traffic or asymmetrically routed traffic. If

[pfSense-discussion] 1.2.3-RC1 released!

2009-04-22 Thread Chris Buechler
Info here: http://blog.pfsense.org/?p=428

Re: [pfSense-discussion] HSRP log messages on BRIDGE0

2009-04-27 Thread Chris Buechler
On Mon, Apr 27, 2009 at 5:45 PM, Angus Jordan angus.jor...@gmail.com wrote: Hi there, We have a pfSense 1.2.2 box setup in a transparent firewall configuration (ie. LAN is bridged to WAN). This works just fine, but the colocation where this box is sitting is broadcasting HSRP (UDP port 1985)

Re: [pfSense-discussion] High latency on downloads with shaping

2009-05-08 Thread Chris Buechler
On Fri, May 8, 2009 at 5:59 PM, Joe Lagreca j...@bignetonline.com wrote: I'm having a STRANGE problem when our traffic shaper is turned on. Normal. limitation of 1.2.x shaper. treats no differently than Internet-bound pings.

Re: [pfSense-discussion] High latency on downloads with shaping

2009-05-08 Thread Chris Buechler
On Fri, May 8, 2009 at 6:21 PM, Joe Lagreca j...@bignetonline.com wrote: Why only on the download portion of the test and not the upload portion? If I switch to pfsense 1.0.1 can I avoid these limitations/problems? No. The shaper in 1.0.x is slightly worse, and 1.0.x is riddled with problems.

Re: [pfSense-discussion] High latency on downloads with shaping

2009-05-08 Thread Chris Buechler
On Fri, May 8, 2009 at 7:04 PM, Joe Lagreca j...@bignetonline.com wrote: The problem is the high latency is wreaking havoc with our VOIP PBX. That's irrelevant, ICMP is queued differently from your VoIP traffic.

Re: [pfSense-discussion] euroBSDcon

2009-05-27 Thread Chris Buechler
On Wed, May 27, 2009 at 8:26 AM, Paul Mansfield it-admin-pfse...@taptu.com wrote: http://www.ukuug.org/events/eurobsdcon2009/ anyone going? I submitted a talk on pfSense, if it gets accepted I'll be there. We've submitted to 5 BSD conferences over the past 4 years and haven't been rejected

Re: [pfSense-discussion] dhcp relay | failover

2009-07-11 Thread Chris Buechler
On Sat, Jul 11, 2009 at 4:14 AM, Zied Fakhfakh zyd...@gnet.tn wrote: Hi, I have a dhcp relay on pfsense to a dhcpd at, let's say, 192.168.2.1. There's a failover dhcpd server at 192.168.2.2 (without floating IP). is there any way pfsense can handle that ? Manually change the relay. There's

Re: [pfSense-discussion] Very odd issue - Transparent Firewall - 2 Locations

2009-07-16 Thread Chris Buechler
On Thu, Jul 16, 2009 at 3:22 AM, Angus Jordan angus.jor...@gmail.com wrote: Hi again, I've attached the logs directly from the /var/log/filter.log. These show up at exactly the same time the download stops... What happens if you lower the MTU on the server to 1450?

Re: [pfSense-discussion] Very odd issue - Transparent Firewall - 2 Locations

2009-07-16 Thread Chris Buechler
On Thu, Jul 16, 2009 at 4:01 AM, Angus Jordan angus.jor...@gmail.com wrote: I had configured the servers behind the pfsense bridge with the gateway pointing directly at the pfsense firewall. When I modified the gateway on the servers to use the real upstream gateway, all is normal. Ah yeah,
