Re: [pfSense] bulk update of multiple aliases & rules

2017-06-29 Thread Jim Spaloss
Or export config, copy/paste the rules in an editor and import again. On Jun 29, 2017 5:42 PM, "Steve Yates" wrote: > On the off chance they're coming from another pfSense, perhaps export the > configs and copy/paste. > > -- > > Steve Yates > ITS, Inc. > > -Original

Re: [pfSense] Multiple DMZs isolated from each other

2017-06-26 Thread Jim Spaloss
The rule(s) that allow internet access are the "Allow to Any" rule(s). This could be accomplished as one rule on a floating or interface group ruleset. (Allow any from any to any). The trick is to block the things that you don't want the DMZ to have access to first. I also use an alias to keep

Re: [pfSense] Multiple DMZs isolated from each other

2017-06-25 Thread Jim Spaloss
I've got exactly this situation. My "tech bench" has 26 ports that are all completely isolated from each other, with a very strict outbound ruleset. This is to prevent an infected machine from infecting others on the bench. To simplify the rules for the interfaces, I added all of the DMZ

Re: [pfSense] Access Point Recommendations?

2015-07-17 Thread Jim Spaloss
Ubiquiti Unifi. I switched to them from EnGenius for several clients. Price point is similar to EnGenius and they use a software based controller (you need to have that installed on some PC in the environment.) Signal quality is good. On Jul 17, 2015 9:45 AM, Chuck Mariotti cmario...@xunity.com

Re: [pfSense] from LAN to OPT1, pfsense forces all http connections to https

2015-04-18 Thread Jim Spaloss
Bob, Are you running squid? I've seen this happen before when trying to set up a transparent proxy. On Apr 18, 2015 6:42 PM, Bob McClure Jr b...@bobcatos.com wrote: On Fri, Apr 17, 2015 at 10:55:42PM -0500, Bob McClure Jr wrote: I am a pfsense newbie. After my homebrew firewall crashed, a

Re: [pfSense] How do I stop noise to logs

2015-02-23 Thread Jim Spaloss
If you're interested in just silencing the noise from that particular device, create a block (or reject) rule that matches the source IP with logging disabled on that rule. I often do this on my WAN interfaces to keep NetBIOS noise from filling up my logs. On Feb 23, 2015 4:35 PM, Chris Buechler

Re: [pfSense] Multi-WAN port forwarding

2015-02-13 Thread Jim Spaloss
I am running 3CX with PFSense in several installations. Are you using Advanced Outbound NAT with static mappings to your PBX? I usually need to do this for SIP (UDP:5060) stun (UDP:5090) and RTP (UDP:9000-9050) in order to make the 3CX firewall checker happy. On Feb 13, 2015 4:02 PM, Tiernan

[pfSense] Nagios plugin to check the status of IPSec tunnels

2014-05-31 Thread Jim Spaloss
# # Adapted from check_racoon by Daniel van den Oord by Jim Spaloss # Modified to target PFSense 2.1x and higher # Last Modified 5/31/2014 #PATH= ECHO=/bin/echo GREP=/bin/egrep DIFF=/usr/bin/diff TAIL=/usr/bin/tail CAT=/bin/cat RM=/bin/rm CHMOD=/bin/chmod TOUCH=/bin/touch PROGNAME=`/usr/bin

[pfSense] Can't access some secure sites, and GWGroup/IPSec Issues

2014-04-21 Thread Jim Spaloss
Hello all, I have a strange problem. Over the weekend, I replaced an older M0n0wall installation that has been faithfully serving me for several years with a PFSense installation on a Soekris net6501. I had installed 2.1 on the flash, and imported the config from the M0n0wall box (which worked

[pfSense] Fwd: Can't access some secure sites, and GWGroup/IPSec Issues

2014-04-21 Thread Jim Spaloss
OK, so I found the solution, or at least a workaround to my bigger issue. It seems that the issues disappear when I check the Clear invalid DF bits instead of dropping the packets checkbox under System: Advanced: Firewall and NAT. This gave me reason to scour through my old m0n0wall config, and

Re: [pfSense] IPSec problem with mobile IOS and Android

2014-01-05 Thread Jim Spaloss
Carlos, You may want to try enabling the DMZ option (if it's available) on the ISP's router and directing all traffic to the wan address of the PFSense box. I've run into the same issue with Comcast business class routers. They're very light on features and I've seen some firmware versions that

Re: [pfSense] Full Backup/Restore for pfSense

2013-05-04 Thread Jim Spaloss
But they are included. Look under Diagnostics - Backup/Restore. This feature has been there since M0n0wall, although its functionality has been enhanced in pfSense. On May 4, 2013 5:32 AM, Odhiambo Washington odhia...@gmail.com wrote: Again, at the risk of being so uninformed, I'd like to ask

Re: [pfSense] Soekris Net6501-50 2GB mSATA SSD Boot Issues

2012-12-06 Thread Jim Spaloss
li...@pingle.org wrote: On 11/1/2011 6:23 PM, Jim Spaloss wrote: I was finally able to get the mSATA SSDs to work. I had to put them in a regular PC using an mSATA to SATA adapter and installed PFSense directly from the CD. I removed the swap partition during setup, and chose

Re: [pfSense] Soekris 5501 + SATA drive issues

2011-12-22 Thread Jim Spaloss
On Wed, Dec 21, 2011 at 5:49 PM, Erik Anderson erike...@gmail.com wrote: I'm at a loss here - My shiny new 5501 arrived today, along with the SATA mounting kit and a small SSD drive. Knowing that the 5501 doesn't support USB boot, I connected the SSD to another system, and installed 2.0.1 to