[pfSense-discussion] problems with two laptops
Hello, I have 30 PC and 5 laptops, all my devices have internet without problems, but I have problems only with two laptops, these laptops have internet with a minutes and later it is down, I have an alias where I have all my devices with the same restrictions y only with two laptops I have problems. When I press the button SAVE in the alias then the two laptops begin to have internet for another few minutes. Somebody can help with this problems. Sorry for my English it is not very good. My version Pfsense is 1.2-release
[pfSense-discussion] limit Wan link
Hi! I need to limit the traffic wan link (512 kb), I configure Traffic shaper with qwanroot 380kb but I dont see on the traffic graph that my traffic is limited. Thanks for the help. Carlos J. Sánchez Redes y Telecomunicaciones [EMAIL PROTECTED] www.americancallcenter.com http://www.americancallcenter.com/ http://maps.yahoo.com/py/maps.py?Pyt=Tmapaddr=AV.+Fco+de+Orellana+111+Edif .+WTC+Torre+B+Of.+1402csz=AV.+Fco+de+Orellana+111+Edif.+WTC+Torre+B+Of.+140 2country=us Av. Fco. de Orellana 111 Edif. WTC Torre B Of. 812 Guayaquil, Ecuador Tel. +593 (4) 263-0750 Ext. 5140 Fax. +593 (4) 263-0764 attachment: image001.jpg
[pfSense-discussion] VideoConference problems
Hi! Anybody can help me, I connect from my home without pfsense to videoconference device, but when I try connect at work with pfsense firewall I dont have video and sound Anybody knows why? Carlos J. Sánchez Redes y Telecomunicaciones [EMAIL PROTECTED] www.americancallcenter.com http://www.americancallcenter.com/ http://maps.yahoo.com/py/maps.py?Pyt=Tmapaddr=AV.+Fco+de+Orellana+111+Edif .+WTC+Torre+B+Of.+1402csz=AV.+Fco+de+Orellana+111+Edif.+WTC+Torre+B+Of.+140 2country=us Av. Fco. de Orellana 111 Edif. WTC Torre B Of. 812 Guayaquil, Ecuador Tel. +593 (4) 263-0750 Ext. 5140 Fax. +593 (4) 263-0764 attachment: image002.jpg
RE: [pfSense-discussion] VideoConference problems
Hi! I created the advanced outbound NAT, but my netmeeting machine behind Pfsense dont have video and sound yet. I was reading the forum but said the same below -Original Message- From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: Monday, January 08, 2007 12:19 PM To: discussion@pfsense.com Subject: Re: [pfSense-discussion] VideoConference problems Same situation that VOIP folks run into. Create an advanced outbound NAT rule for this particular port, move it to the top and be sure to enable the static pot option for the rule in question. Also search the forum for static port, it's discussed about once a week at least. Scott On 1/8/07, Carlos Julio Sánchez [ACC-SIS] [EMAIL PROTECTED] wrote: Hi! Anybody can help me, I connect from my home without pfsense to videoconference device, but when I try connect at work with pfsense firewall I don't have video and sound Anybody knows why? Carlos J. Sánchez Redes y Telecomunicaciones [EMAIL PROTECTED] www.americancallcenter.com Av. Fco. de Orellana 111 Edif. WTC Torre B Of. 812 Guayaquil, Ecuador Tel. +593 (4) 263-0750 Ext. 5140 Fax. +593 (4) 263-0764
RE: [pfSense-discussion] help me
Thanks!!! -Original Message- From: Holger Bauer [mailto:[EMAIL PROTECTED] Sent: Thursday, November 23, 2006 6:25 AM To: discussion@pfsense.com Subject: RE: [pfSense-discussion] help me If things like this happen yes. It usually *should* work but between RC2 and 1.0.1 are several month of developement. It might break under certain circumstances. Holger -Original Message- From: Carlos Julio Sánchez [ACC-SIS] [mailto:[EMAIL PROTECTED] Sent: Thursday, November 23, 2006 11:06 AM To: discussion@pfsense.com Subject: RE: [pfSense-discussion] help me Always when I upgrade from RC2 to 1.0.1 I need to reinstall? -Original Message- From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: Thursday, November 23, 2006 2:40 AM To: discussion@pfsense.com Subject: Re: [pfSense-discussion] help me You need to reinstall. Scott On 11/23/06, Carlos Julio Sánchez [ACC-SIS] [EMAIL PROTECTED] wrote: Hi! I upgrades pfsense RC2 to Release 1.0.1 and i have an error in the banner that say [filter load] there were error(s) loading the rules: pfctl: DIOCSETSTATUSIF the line in question reads [DIOCSTATUSIF] Anybody knows why? __ NOD32 1879 (20061123) Information __ This message was checked by NOD32 antivirus system. http://www.eset.com
RE: [pfSense-discussion] help me
Always when I upgrade from RC2 to 1.0.1 I need to reinstall? -Original Message- From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: Thursday, November 23, 2006 2:40 AM To: discussion@pfsense.com Subject: Re: [pfSense-discussion] help me You need to reinstall. Scott On 11/23/06, Carlos Julio Sánchez [ACC-SIS] [EMAIL PROTECTED] wrote: Hi! I upgrades pfsense RC2 to Release 1.0.1 and i have an error in the banner that say [filter load] there were error(s) loading the rules: pfctl: DIOCSETSTATUSIF the line in question reads [DIOCSTATUSIF] Anybody knows why?
[pfSense-discussion] help me
Hi! I upgrades pfsense RC2 to Release 1.0.1 and i have an error in the banner that say [filter load] there were error(s) loading the rules: pfctl: DIOCSETSTATUSIF the line in question reads [DIOCSTATUSIF] Anybody knows why?
RE: [pfSense-discussion] ftp dont connect
Yes, I have problems with my ftp connections going to wan. please inform me when the fix come up Thanks again! -Original Message- From: Holger Bauer [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 06, 2006 10:00 AM To: discussion@pfsense.com Subject: RE: [pfSense-discussion] ftp dont connect That will affect ftp connections going to wan btw. so this is just a workaround for now. We'll have to come up with a proper fix for this. Holger -Original Message- From: Carlos Julio Sánchez [ACC-SIS] [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 06, 2006 4:57 PM To: discussion@pfsense.com Subject: RE: [pfSense-discussion] ftp dont connect Thanks, my problem was corrected -Original Message- From: Holger Bauer [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 06, 2006 9:43 AM To: discussion@pfsense.com Subject: RE: [pfSense-discussion] ftp dont connect That is most probably an ftp helper problem. It needs to be excluded for remote destinations via VPN. We have code in place to prevent this from happening on IPSEC tunnels. Guess we have to do something similiar for OpenVPN-Tunnel. Try to disable the ftp-helper at the LAN interfaces at both ends. does that solve the issue? Setting is at interfacesLAN in the webgui. Holger -Original Message- From: Carlos Julio Sánchez [ACC-SIS] [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 06, 2006 4:23 PM To: discussion@pfsense.com Subject: [pfSense-discussion] ftp dont connect Hi! I have a tunnel with openvpn side1===GW1=Internet =GW2===side2 when I do ftp ip_side1 from side2, the ip of side2 is changed with the ip of the GW2 and the ftp don't connect because the side1 responds to the GW2 and not to the side2 Anybody Knows why? __ NOD32 1.1741 (20060906) Information __ This message was checked by NOD32 antivirus system. http://www.eset.com __ NOD32 1.1741 (20060906) Information __ This message was checked by NOD32 antivirus system. http://www.eset.com
[pfSense-discussion] VPN with ipsec
Hello! When i try to connect a vpn with a Checkpoint i have this error: racoon: ERROR: not acceptable Identity Protection mode Anybody knows what means this error Carlos J.
RE: [pfSense-discussion] source-hash and sticky-address in pf pools
Thanks, I might hit you up for that script when I get to it. I have a DSL/Cable modem setup(2 WAN) 1 DMZ and 1 LAN. I am getting ready to setup. I haven't worked with this before, and the routing tables are a bit confusing the first time through. I think I have the basics though. Please share the script. It may be something we can turn into a package depending on how it looks and works, etc. Yes, share the Script
[pfSense-discussion] vpn with ipsec
Saludos! I have a configuration in ipsec where i have a computer A and red lan 1 with pfsense and a server B with centos, in the pfsense I configure a mobile client and the pre-shared keys but not a tunnel. When I try to do ping from my server B I have this error in the pfsense racoon: INFO: respond new phase 2 negotiation: ip computer A[0]=ip server B[0] racoon: INFO: no policy found, try to generate the policy : ip server B/32[0] red lan A/24[0] proto=any dir=in racoon: ERROR: not matched racoon: ERROR: no suitable policy found. racoon: ERROR: failed to pre-process packet. Do I need configure a tunnel? Carlos J. Sánchez Redes y Telecomunicaciones [EMAIL PROTECTED] www.americancallcenter.com Av. Fco. de Orellana 111 Edif. WTC Torre B Of. 812 Guayaquil, Ecuador Tel. +593 (4) 263-0750 Ext. 5140 Fax. +593 (4) 263-0764
[pfSense-discussion] Problem with ipsec
Hello! anybody can help me please? I have an error when I set up vpn with ipsec, my computer A have pfsense and my computer B have Centos(Linux) In the ipsec logs I have: racoon: ERROR: failed to get sainfo. racoon: ERROR: failed to get sainfo. racoon: ERROR: failed to pre-process packet. racoon: INFO: purging ISAKMP-SA spi=00bc15f02e56a4a5:69e1cebf2efd8757. racoon: INFO: purged ISAKMP-SA spi=00bc15f02e56a4a5:69e1cebf2efd8757. racoon: INFO: ISAKMP-SA deleted xxx.xxx.xxx.xxx [500]- xxx.xxx.xxx.xxx [500] spi:00bc15f02e56a4a5:69e1cebf2efd8757 in the logs of computer B I have: Aug 9 16:15:08 actibts1 racoon: NOTIFY: couldn't find the proper pskey, try to get one by the peer's address. Aug 9 16:15:08 actibts1 racoon: INFO: ISAKMP-SA established xxx.xxx.xxx.xxx[500]-xxx.xxx.xxx.xxx[500] spi:00bc15f02e56a4a5:69e1cebf2efd8757 Aug 9 16:15:09 actibts1 racoon: INFO: initiate new phase 2 negotiation: xxx.xxx.xxx.xxx [0]= xxx.xxx.xxx.xxx [0] Aug 9 16:15:39 actibts1 racoon: INFO: IPsec-SA expired: AH/Transport xxx.xxx.xxx.xxx - xxx.xxx.xxx.xxx spi=35812955(0x222765b) Aug 9 16:15:39 actibts1 racoon: WARNING: the expire message is received but the handler has not been established. Aug 9 16:15:39 actibts1 racoon: ERROR: xxx.xxx.xxx.xxx give up to get IPsec-SA due to time up to wait.
RE: [pfSense-discussion] Problem with ipsec
If i dont have remote subnet but in the pfsense i must to write something in the textbox REMOTE SUBNET in the configuration of ipsec vpn. What I have to write in? -Original Message- From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 09, 2006 4:31 PM To: discussion@pfsense.com Subject: Re: [pfSense-discussion] Problem with ipsec On 8/9/06, Carlos Julio Sánchez [ACC-SIS] [EMAIL PROTECTED] wrote: Hello! anybody can help me please? I have an error when I set up vpn with ipsec, my computer A have pfsense and my computer B have Centos(Linux) In the ipsec logs I have: racoon: ERROR: failed to get sainfo. racoon: ERROR: failed to get sainfo. racoon: ERROR: failed to pre-process packet. racoon: INFO: purging ISAKMP-SA spi=00bc15f02e56a4a5:69e1cebf2efd8757. racoon: INFO: purged ISAKMP-SA spi=00bc15f02e56a4a5:69e1cebf2efd8757. racoon: INFO: ISAKMP-SA deleted xxx.xxx.xxx.xxx [500]- xxx.xxx.xxx.xxx [500] spi:00bc15f02e56a4a5:69e1cebf2efd8757 in the logs of computer B I have: Aug 9 16:15:08 actibts1 racoon: NOTIFY: couldn't find the proper pskey, try to get one by the peer's address. Aug 9 16:15:08 actibts1 racoon: INFO: ISAKMP-SA established xxx.xxx.xxx.xxx[500]-xxx.xxx.xxx.xxx[500] spi:00bc15f02e56a4a5:69e1cebf2efd8757 Aug 9 16:15:09 actibts1 racoon: INFO: initiate new phase 2 negotiation: xxx.xxx.xxx.xxx [0]= xxx.xxx.xxx.xxx [0] Aug 9 16:15:39 actibts1 racoon: INFO: IPsec-SA expired: AH/Transport xxx.xxx.xxx.xxx - xxx.xxx.xxx.xxx spi=35812955(0x222765b) Aug 9 16:15:39 actibts1 racoon: WARNING: the expire message is received but the handler has not been established. Aug 9 16:15:39 actibts1 racoon: ERROR: xxx.xxx.xxx.xxx give up to get IPsec-SA due to time up to wait. Double check your phase 2 settings on both hosts. There is a mismatch somewhere. Scott
RE: [pfSense-discussion] Problem with ipsec
I configure a mobile client and set the pre-shared-key with the identifier. I need configure a tunnel ipsec too? -Original Message- From: Holger Bauer [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 09, 2006 4:51 PM To: discussion@pfsense.com Subject: RE: [pfSense-discussion] Problem with ipsec It's the remote LAN that you want to reach through the tunnel at the other end. HOlger -Original Message- From: Carlos Julio Sánchez [ACC-SIS] [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 09, 2006 11:57 PM To: discussion@pfsense.com Subject: RE: [pfSense-discussion] Problem with ipsec If i dont have remote subnet but in the pfsense i must to write something in the textbox REMOTE SUBNET in the configuration of ipsec vpn. What I have to write in? -Original Message- From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 09, 2006 4:31 PM To: discussion@pfsense.com Subject: Re: [pfSense-discussion] Problem with ipsec On 8/9/06, Carlos Julio Sánchez [ACC-SIS] [EMAIL PROTECTED] wrote: Hello! anybody can help me please? I have an error when I set up vpn with ipsec, my computer A have pfsense and my computer B have Centos(Linux) In the ipsec logs I have: racoon: ERROR: failed to get sainfo. racoon: ERROR: failed to get sainfo. racoon: ERROR: failed to pre-process packet. racoon: INFO: purging ISAKMP-SA spi=00bc15f02e56a4a5:69e1cebf2efd8757. racoon: INFO: purged ISAKMP-SA spi=00bc15f02e56a4a5:69e1cebf2efd8757. racoon: INFO: ISAKMP-SA deleted xxx.xxx.xxx.xxx [500]- xxx.xxx.xxx.xxx [500] spi:00bc15f02e56a4a5:69e1cebf2efd8757 in the logs of computer B I have: Aug 9 16:15:08 actibts1 racoon: NOTIFY: couldn't find the proper pskey, try to get one by the peer's address. Aug 9 16:15:08 actibts1 racoon: INFO: ISAKMP-SA established xxx.xxx.xxx.xxx[500]-xxx.xxx.xxx.xxx[500] spi:00bc15f02e56a4a5:69e1cebf2efd8757 Aug 9 16:15:09 actibts1 racoon: INFO: initiate new phase 2 negotiation: xxx.xxx.xxx.xxx [0]= xxx.xxx.xxx.xxx [0] Aug 9 16:15:39 actibts1 racoon: INFO: IPsec-SA expired: AH/Transport xxx.xxx.xxx.xxx - xxx.xxx.xxx.xxx spi=35812955(0x222765b) Aug 9 16:15:39 actibts1 racoon: WARNING: the expire message is received but the handler has not been established. Aug 9 16:15:39 actibts1 racoon: ERROR: xxx.xxx.xxx.xxx give up to get IPsec-SA due to time up to wait. Double check your phase 2 settings on both hosts. There is a mismatch somewhere. Scott __ NOD32 1.1699 (20060809) Information __ This message was checked by NOD32 antivirus system. http://www.eset.com
[pfSense-discussion] Multiwan and openvpn problems
Hello! Anybody can help me! When I set up the load balancer my openvpn crash down. Why???
RE: [pfSense-discussion] Multiwan and openvpn problems
Thanks, but my destination subnet behind the openvpn is not balanced it have default, i create and activate a interface opt2(that is my tun0), I put a rule that permit all, when I probe my tunnel and thats ok, but when a reset the machine my comunication with the subnet behind the tunnel is lost. AnyBody knows why? -Original Message- From: Holger Bauer [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 18, 2006 9:45 AM To: discussion@pfsense.com Subject: RE: [pfSense-discussion] Multiwan and openvpn problems You need a rule at LAN to exclude destinationsubnets behind the openvpn tunnel to not be balanced. Create a rule that uses the default gateway for this. Holger -Original Message- From: Carlos Julio Sánchez [ACC-SIS] [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 18, 2006 4:28 PM To: discussion@pfsense.com Subject: [pfSense-discussion] Multiwan and openvpn problems Hello! Anybody can help me! When I set up the load balancer my openvpn crash down. Why??? Virus checked by G DATA AntiVirusKit __ NOD32 1.1664 (20060717) Information __ This message was checked by NOD32 antivirus system. http://www.eset.com
RE: [pfSense-discussion] Multiwan and openvpn problems
How to upgrade to a snapshot? -Original Message- From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 18, 2006 10:53 AM To: discussion@pfsense.com Subject: Re: [pfSense-discussion] Multiwan and openvpn problems On 7/18/06, Carlos Julio Sánchez [ACC-SIS] [EMAIL PROTECTED] wrote: Thanks, but my destination subnet behind the openvpn is not balanced it have default, i create and activate a interface opt2(that is my tun0), I put a rule that permit all, when I probe my tunnel and that's ok, but when a reset the machine my comunication with the subnet behind the tunnel is lost. AnyBody knows why? This was fixed recently. Upgrade to a snapshot. http://www.pfsense.com/~sullrich/RELENG_1_SNAPSHOT-07-12-2006/
RE: [pfSense-discussion] Multiwan and openvpn problems
What file I have to download (pfsense.img.gz, pfsense.iso.gz, pfsense-full-update)? -Original Message- From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 18, 2006 10:53 AM To: discussion@pfsense.com Subject: Re: [pfSense-discussion] Multiwan and openvpn problems On 7/18/06, Carlos Julio Sánchez [ACC-SIS] [EMAIL PROTECTED] wrote: Thanks, but my destination subnet behind the openvpn is not balanced it have default, i create and activate a interface opt2(that is my tun0), I put a rule that permit all, when I probe my tunnel and that's ok, but when a reset the machine my comunication with the subnet behind the tunnel is lost. AnyBody knows why? This was fixed recently. Upgrade to a snapshot. http://www.pfsense.com/~sullrich/RELENG_1_SNAPSHOT-07-12-2006/
RE: [pfSense-discussion] Multiwan and openvpn problems
Hi Scott! I probe the snapshot and I am still having the same problem, please anybody can help me with this error -Original Message- From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 18, 2006 10:53 AM To: discussion@pfsense.com Subject: Re: [pfSense-discussion] Multiwan and openvpn problems On 7/18/06, Carlos Julio Sánchez [ACC-SIS] [EMAIL PROTECTED] wrote: Thanks, but my destination subnet behind the openvpn is not balanced it have default, i create and activate a interface opt2(that is my tun0), I put a rule that permit all, when I probe my tunnel and that's ok, but when a reset the machine my comunication with the subnet behind the tunnel is lost. AnyBody knows why? This was fixed recently. Upgrade to a snapshot. http://www.pfsense.com/~sullrich/RELENG_1_SNAPSHOT-07-12-2006/
RE: [pfSense-discussion] Multiwan and openvpn problems
I don´t understand your question, i am from Ecuador and my english is not very technical -Original Message- From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 18, 2006 12:25 PM To: discussion@pfsense.com Subject: Re: [pfSense-discussion] Multiwan and openvpn problems What does your build time say? On 7/18/06, Carlos Julio Sánchez [ACC-SIS] [EMAIL PROTECTED] wrote: Hi Scott! I probe the snapshot and I am still having the same problem, please anybody can help me with this error -Original Message- From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 18, 2006 10:53 AM To: discussion@pfsense.com Subject: Re: [pfSense-discussion] Multiwan and openvpn problems On 7/18/06, Carlos Julio Sánchez [ACC-SIS] [EMAIL PROTECTED] wrote: Thanks, but my destination subnet behind the openvpn is not balanced it have default, i create and activate a interface opt2(that is my tun0), I put a rule that permit all, when I probe my tunnel and that's ok, but when a reset the machine my comunication with the subnet behind the tunnel is lost. AnyBody knows why? This was fixed recently. Upgrade to a snapshot. http://www.pfsense.com/~sullrich/RELENG_1_SNAPSHOT-07-12-2006/