Re: [pfSense] USB3 to ethernet adaptor

Op 2-5-2016 om 15:57 schreef WebDawg: > On May 2, 2016 1:56 AM, "Frans Meulenbroeks" > wrote: >> >> Hi, >> >> Has anyone experience using USB3 to ethernet adapters ? I need an extra >> interface but my HW (Intel NUC) does not have room for another card). >> Anything

Re: [pfSense] IPV6 WAN/LAN routing

Op 20-4-2016 om 18:38 schreef Olivier Mascia: > Dear all, > > I must be tired or something but I have a strange thing with IPv6 on a new > box I just setup. > > Have a x:y:z:d800::/56 routed to me. > WAN is static IPv6 on x:y:z:d800::1/64, gateway is > x:y:z:d800::::: (not a

Re: [pfSense] 2.2.6 and IPv6 RA

Op 22-1-2016 om 8:53 schreef Antonio Prado: > Hi, > > on a fresh installed box, IPv4 configured on 2 NICs (WAN and LAN), IPv6 > not configured, pfSense starts advertising itself as IPv6 gateway on LAN > using its link-local address (fe80::/64). > > That's not the correct behavior I guess. > >

Re: [pfSense] 2.2.6 and IPv6 RA

Op 22-1-2016 om 12:15 schreef Antonio Prado: > On 1/22/16 11:02 AM, Seth Mos wrote: >>> on a fresh installed box, IPv4 configured on 2 NICs (WAN and LAN), IPv6 >>> not configured, pfSense starts advertising itself as IPv6 gateway on LAN >>> using its link-local addre

Re: [pfSense] Slow speed on 100Base TX full duplex.

Op 11-1-2016 om 14:46 schreef Muhammad Yousuf Khan: > em0@pci0:4:0:0: class=0x02 card=0x15d9 chip=0x10968086 rev=0x01 > hdr=0x00 > class = network > subclass = ethernet > em1@pci0:4:0:1: class=0x02 card=0x15d9 chip=0x10968086 rev=0x01 > hdr=0x00 > class =

[pfSense] pfSense 2.1.5 crashing

Hi, Just a heads up, this week we have had multiple 2.1.5 firewall on different hardware in different locations crashing hard and rebooting. These firewalls have been running for over a year before they rebooted, with no rule changes lately. Anybody else seeing these hard crashes with respect

[pfSense] Large amount of tunnels failing on 2.2.4 upgraded from 2.1.5

a shame that we missed 2600 calls just this morning because the network broke. Kind regards, Seth Mos ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] Connect pfSense as client to a Hotel WLAN?

Chris Buechler schreef op 30-7-2015 om 8:55: On Wed, Jul 29, 2015 at 7:59 PM, Ray r...@renegade.zapto.org wrote: Hi, I run pfSense on a few ALIX boxes, usually as tunnel end and as access point. When I can plug one of these machines into any (wired) network, I have easy access to my home

Re: [pfSense] Access Point Recommendations?

Karl Fife schreef op 23-7-2015 om 17:46: Your point about having a one-off solution is a great one. Installing a single UniFi AP would be unnecessarily complex. In a pinch I use the Linksys E2500 or EA2700 dual band wireless access points. Set a static IP, disable the DCHP server and connect

Re: [pfSense] Pfsense + Cloudflare

Roy Sandbergen - Webguru schreef op 30-4-2015 om 16:02: Hi All, Does anyone have his site behind pfsense and cloudflare? I have the problem that my pfsense only see the ipadresses of the cloudflare servers not the original ip of the client. Does anyone have a solution for that problem?

Re: [pfSense] 2.2-RELEASE now available!

on it eventually hung the network after half an hour or so. Due diligence. Regards, Seth Seth Mos schreef op 26-1-2015 om 11:12: Chris Buechler schreef op 24-1-2015 om 3:24: Details on the blog: https://blog.pfsense.org/?p=1546 2 Upgrades done so far, one had a different Architecture

Re: [pfSense] 2.2-RELEASE now available!

Chris Buechler schreef op 24-1-2015 om 3:24: Details on the blog: https://blog.pfsense.org/?p=1546 2 Upgrades done so far, one had a different Architecture autoupdate URL, that one updated from AMD64 to i386, please don't do that. Also, I have issues with the Intel X540-2 10G card now, it's

Re: [pfSense] Road Warrior open vpn

A Mohan Rao schreef op 22-1-2015 om 10:18: someone more .. Are you sure that the devices on the LAN are using the same gateway as the pfSense machine, could be assymetric routing. Regards, Seth ___ pfSense mailing list

Re: [pfSense] Road Warrior open vpn

A Mohan Rao schreef op 21-1-2015 om 11:30: Hello, successfully configured Road Warrior OpenVpn also vpn client is connected from remote area but not able to access server end LAN or server's. Add firewall allow rules on the OpenVPN Server interface Thanks Mohan

Re: [pfSense] 4 Byte ASN

Adam Thompson schreef op 8-1-2015 om 17:24: On 15-01-08 10:02 AM, Seth Mos wrote: To clarify this a bit better. You speak BGP to your ISP from each pfSense node and generally use CARP as the router address on the internal side. You still need to exchange routes between both pfSense nodes

Re: [pfSense] 4 Byte ASN

Bryant Zimmerman schreef op 8-1-2015 om 17:22: *From*: Seth Mos seth@dds.nl *Sent*: Thursday, January 8, 2015 11:02 AM *To*: list@lists.pfsense.org *Subject*: Re: [pfSense] 4 Byte ASN Jim Thompson schreef op 8-1

Re: [pfSense] 4 Byte ASN

Bryant Zimmerman schreef op 8-1-2015 om 15:28: We are working on getting our own ASN with ARIN so we can get our own blocks of address. We are doing this because we are using multiple ISP's and want to announce our own addresses, For better fail over. It's so much nicer then multi-wan, I

Re: [pfSense] 4 Byte ASN

Jim Thompson schreef op 8-1-2015 om 16:52: On Jan 8, 2015, at 9:23 AM, Seth Mos seth@dds.nl wrote: You do not want to use CARP with with BGP in any situation. Each node needs it's own session with the remote BGP peer. You need to use iBGP between the nodes instead. We run a pair

Re: [pfSense] APU and SSD: full install or NanoBSD

Jim Thompson schreef op 30-10-2014 16:33: On Oct 30, 2014, at 9:28 AM, Jeppe Øland jol...@gmail.com mailto:jol...@gmail.com wrote: 3 year old Kingston SSDs are not like new Kingston SSDs. Agreed. On the other hand, I tend to distrust manufacturers that shipped completely unreliable

Re: [pfSense] LAN: IPv6 static configuration

Erik Anderson schreef op 10-10-2014 3:51: Any thoughts on this? Unfortunately, all of the examples and documentation I can find on IPv6 configures with pfSense are geared towards consumer-class circuits using DHCP-PD, and I've not found anything about proper static configuration. Well,

Re: [pfSense] v2.1.5: OpenVPN + IPv6. Any success?

Erik Anderson schreef op 16-9-2014 6:32: I recently got IPv6 turned up on my Comcast cable circuit. They're delegating a /60 to my router. I have successfully configured interface tracking on the LAN interface and that is working great. Next, I'd like to get the OpenVPN server configured to

[pfSense] Upgrade from 2.1 to 2.1.3 RA misses subnet

Hi, Maybe it was just my install, but when I upgraded from 2.1 to 2.1.3 the RADVD settings changed. I did not explicitly setup a subnet to announce for radvd, it previously just picked up the interface subnet. I was wondering where my IPv6 went off to. Kind regards, Seth

[pfSense] Problems with gateways on IPv6 Tunnels?

Hi, I just upgraded to 2.1.3 at home and tried to switch my IPv6 default gateway around. Unfortunately, when I try to set my HE.net tunnel gateway as the default it throws an error that the gateway address is not in the interface subnet. I’ve set the prefix length in both the GIF interface

Re: [pfSense] ICMPv6 filtering recommendations with pfSense?

On 21-5-2014 9:11, Olivier Mascia wrote: Le 14 mai 2014 à 03:37, Chris Buechler c...@pfsense.com mailto:c...@pfsense.com a écrit : IMO, I agree that it's best to let ICMP flow free on IPv6. ICMP has had a bad reputation for a long time, and it's mostly undeserved in

Re: [pfSense] vzw uml290

On 18-4-2014 0:49, Ryan Coleman wrote: I’ve found many devices do not honor this. +1 There is a AT command to reset the device, but this has the unfortunate side effect that it can cause FreeBSD to kernel panic. I noticed this when I was working on the 3G support. Regards, Seth On Apr

Re: [pfSense] pfSense 2.1.2 is released

On 15-4-2014 7:41, Chris Buechler wrote: On Sun, Apr 13, 2014 at 7:33 AM, Doug Lytle supp...@drdos.info wrote: Jim Thompson wrote: pfSense release 2.1.2 is now available. pfSense release 2.1.2 follows less than a week after pfSense release 2.1.1, and is primarily a security release.

Re: [pfSense] Remote office redundancy

On 9-4-2014 16:50, Vick Khera wrote: I just dug up this old thread to implement IPsec and OpenVPN failover coming to my main office from a remote location. The main office already has a gateway group for the two different ISPs, so my first step is to set up a dynamic DNS for it. This is

Re: [pfSense] IPSEC bug in 2.1

On 12-12-2013 10:48, Jon Gerdes wrote: There exists an IPSEC bug in pfSense 2.1 When the router's modem is restarted, the IPSEC tunnel fails to come back up. The problem exists if you have IPsec tunnels with the hostname, the reload process fails to reload the firewall filters so IPsec never

Re: [pfSense] naive suggestion: conform to US laws

On 11-10-2013 11:57, Adrian Zaugg wrote: Dear all After having read the whole NSA thread on this list, it came up to my mind that pfsense web GUI could declare itself conform to US laws upon the point when there are known backdoors included or otherwise the code was compromised on pressure

Re: [pfSense] naive suggestion: conform to US laws

On 11-10-2013 11:57, Adrian Zaugg wrote: Dear all After having read the whole NSA thread on this list, it came up to my mind that pfsense web GUI could declare itself conform to US laws upon the point when there are known backdoors included or otherwise the code was compromised on pressure

Re: [pfSense] RRD traffic lost after 2.0.3 - 2.1

On 7-10-2013 21:23, petes-li...@thegoldenear.org wrote: What you can try is dumping the old 2.0 config with RRD data, and then restore that after upgrade. Try that. It should also retrigger a config upgrade at that point and upgrade the databases. Thanks for your suggestion. I tried

Re: [pfSense] RRD traffic lost after 2.0.3 - 2.1

On 1-10-2013 9:47, petes-li...@thegoldenear.org wrote: Hi. After upgrading 2.0.3 to 2.1.0 on an x86 full install, RRD Graphs - Traffic says There has been an error creating the graphs. Please check your systemlogs for further details. This is from the log: php: rc.bootup: The command

Re: [pfSense] RRD traffic lost after 2.0.3 - 2.1

On 1-10-2013 11:45, petes-li...@thegoldenear.org wrote: Additionally, I'm now seeing this in the log: php: /status_rrd_graph_img.php: Failed to create graph with error code 1, the error is: ERROR: No DS called 'inpass6' in '/var/db/rrd/wan-traffic.rrd'/usr/bin/nice -n20

Re: [pfSense] IPv6 - Subnetting/Routing with HE?

On 27-9-2013 18:13, Adam Thompson wrote: I firmly agree with previous posts that outline why this allocation policy is suboptimal. However, I do *not* want to be renumbering my IPv6 hosts down the road simply because I wanted to be the most efficient guy on the block. Nor do I want to be

Re: [pfSense] IPv6 - Subnetting/Routing with HE?

On 30-9-2013 10:53, Chris Bagnall wrote: On 30/9/13 7:56 am, Seth Mos wrote: I finally bit the bullet and signed up for PI space with a ASN and hopefully that's that. Worth mentioning here that no more IPv4 PI ranges will be allocated - at least not within RIPE jurisdiction (conservation

Re: [pfSense] 2.1 on WRAP

On 20-9-2013 9:45, Odette Nsaka wrote: First of all, thanks to the developers for the new fantastic 2.1 release. I've been using Alix by PC Engines (WRAP's successor) succesfully for a lot of time. I was just wandering about PC Engines not releasing new versions of Alix. And it seems

Re: [pfSense] Optimal Setup

On 19-9-2013 11:52, Joseph W. Joshua wrote: Hello all, Currently, my internet comes in through a linksys router, in which I have set up the above rules. However, we would like to introduce a proxy server, and also internet use monitoring and banning of excessive users. Squid with ldap or

Re: [pfSense] 2.1 on WRAP

On 19-9-2013 15:22, Ugo Bellavance wrote: Hi, My old PC Engines WRAP is still surviving, and I'd like to install 2.1 on it. Are these instructions still valid for 2.1? https://doc.pfsense.org/index.php/NanoBSD_on_WRAP Anyone built a WRAP-compatible image for 2.1? There is a nasty RRD

Re: [pfSense] captive portal with sms for registration

On 18-9-2013 10:54, budi wibowo wrote: Hi have situation like this: - user register via web portal and password sent via sms any module in pfsense for this? as i used before the captive portal not have registration page Not impossible to do if there is a 3G dongle connected to pfSense. You

Re: [pfSense] pfSense and Cable Modem Throughput

On 12-9-2013 19:16, Bas van Dieren wrote: Greetings, Most cable providers rate limit only when there are too many states at high speeds. It clould be a combination of the two. I know at least 2 cable providers who rate limit (drop packets) when you have over 5k of sessions at 1Gbit speed

Re: [pfSense] pfSense and Cable Modem Throughput

On 12-9-2013 17:28, Adam Piasecki wrote: First I'm almost certain this is a cable modem/provider problem. We have a 20mb ethernet circuit that works fine with the same pfSense. We upgraded to a 100/10mb cable modem, when we put this on the WAN of the pfsense, we are getting major packet loss

Re: [pfSense] insert a pfsense box to handle high network load (botnet attack)

On 6-9-2013 2:56, Roberto Nunnari wrote: Hi all. I have a problem with my home internet connection. Aha! My vdsl router gets on the wan interface about 40-50 requests per second on port 80 and when I configure it so that it forwards that traffic to my web server, the router can't bear the

Re: [pfSense] A unique problem requires a unique solution. PFsense behind shorewall

On 5-9-2013 13:09, Asim Ahmed Khan wrote: Hi, Let me first briefly explain my setup. I have redundant internet link from two ISPs. Before pfsense, I was using two gateway boxes. One for each internet link. Each box is CentOs, with Shorewall + Squid. I have certain rules imposed on each box.

Re: [pfSense] Dibbler-client PD under PfSense

On 29-5-2013 10:13, Slawomir Kosowski wrote: Thanks for your reply. Following the advice, we've configured WAN in SLAAC, and then tried to do track interface on LAN, but there was no interface in roll-down menu. Not sure why (probably done something wrong - what ?). Isn't it caused by

Re: [pfSense] pfSense as a datacentre router (was: dual ISP BGP)

On 29-5-2013 11:05, Chris Bagnall wrote: On 29/5/13 9:39 am, Eugen Leitl wrote: Which hardware are you using? If you're pushing 5 GBit/s you might be running into hardware limitations. There was a thread about it on nanog a week or two ago. I'm quite impressed Mikrotik hardware is able to

Re: [pfSense] Remote office redundancy

On 23-5-2013 17:17, Peter Milazzo wrote: Hi All, I have a remote office running version 2.0.3 with a T1 that has been stable for years and recently added a Cable connection on a second WAN port for faster web browsing etc... both connections are setup for failover. There is also an IPsec

Re: [pfSense] Need advise or best practice for pfsense NAT

On 22-5-2013 6:27, Makara wrote: Hi List, We are using pfsense for NAT purpose, around 1000 customers concurrent and the bandwidth is around 500MBPS. We have problem the pfsense is stuck around 1 or 2 week always. HW: Dell Optiplex 7010 OS: Pfsense 2.0-RC3(We downgrade the latest

Re: [pfSense] SOHO Router for VPN to pfSense

On 29-4-2013 16:01, j...@millican.us wrote: On 4/29/2013 9:35 AM, j...@millican.us wrote: Hello, Thank You, JohnM Forgot to add that I have been looking at the Buffalo WZR-300HP. Any opinions? We almost exclusively use Draytek Vigor routers with IPsec tunnels and pfSense. We use Dell

Re: [pfSense] Shell Logout time

On 26-4-2013 10:48, Odhiambo Washington wrote: I am using ShellGuard as the ssh client. My ssh sessions don't time out with other hosts except my pfSense box. My pfSense box is connected to the same switch as my workstation PC so I am lost as to what causes these timeouts. BTW, I think it's

Re: [pfSense] Dandy pfSense appliance

On 24-4-2013 20:18, Chris Bagnall wrote: On 24/4/13 7:05 pm, Mathieu Simon wrote: Depends what you think about high specs many 1 GE ports or even 10 GE, lots of cores etc? FWIW, we've been using the ALIX boards for several years, and despite their apparently low spec, they'll happily route

Re: [pfSense] Dandy pfSense appliance

On 25-4-2013 10:30, Odhiambo Washington wrote: What I meant with high specs is to do with CPU, Disk Storage and RAM. Why? For instance in the particular case I went to address, there was a DDoS issue. Some app installed on one of the computers on that LAN was sending millions of HTTP GET

Re: [pfSense] Dandy pfSense appliance

On 25-4-2013 10:42, Odhiambo Washington wrote: Hi Seth, Any pointers to these Intel Atom boards with dual NICs?? Gigabit or otherwise, I think I am looking for something like that. I see the Lexcom Brik with 4x lan. Or a Lanner LEC2055 http://www.lannerinc.com/DM/LEC-2055_DM.pdf We use a

Re: [pfSense] Dandy pfSense appliance

On 25-4-2013 11:39, Odhiambo Washington wrote: Hi Seth, Did you install pfSense (or other OS) in these? I am looking for how to connect the Display:) pfSense 2.1 with serial console. On 25 April 2013 11:53, Seth Mos seth@dds.nl wrote: On 25-4-2013 10:42, Odhiambo Washington wrote

Re: [pfSense] help

On 24-4-2013 18:24, Chris Bagnall wrote: Some ISPs that are particularly stingy with IPs and bad at routing have been doing this. I might be missing something, but it does seem like a pretty awful, and at best very temporary 'solution' to IPv4 shortage. I must admit if I were the OP, I'd

Re: [pfSense] native IPv6 static

On 2-4-2013 23:58, Fuchs, Martin wrote: have an installation in suisse with native IPv6 with a /48 net. It's needed to configure it with static IPv6 on the WAN interface, i too can ping the externam WAN IPv6 address. The ISP should have set up a static route for the delegated /48 to the

Re: [pfSense] pfsense reload config.xml problems

On 27-3-2013 2:43, Simon tiong wrote: Dear All, I am Simon from Malaysia. I faced a error, which I manually edit the config.xml, and my concern is without any reboot firewall needed. Basically I changed, the IP address for my LAN Interface from 10.2.28.1 to 10.10.10.1. I have committed

Re: [pfSense] HA and bgp

On 20-3-2013 0:29, Zach Underwood wrote: I am setting up a pair of pfsense servers in front of a web hosting setup. I have two firewalls, two network switches(layer 3 stacked), and two isp links using BGP. I plan on using OSPF on the network switches to pass the routeing tables to pfsense. The

Re: [pfSense] Blocking Websites

On 1-3-2013 22:44, Kevin Hayes wrote: Hello, I am trying something that I thought would be fairly simple but is turning out to be more confusing than I had hoped. We have several computers that are considered critical and I would like to block the internet except for a short

Re: [pfSense] firewall rules: destination host or network

Op 18-9-2012 8:23, Vieri schreef: Hi, I'm having trouble understanding a very simple concept. Suppose I have several interfaces, eg. lan, wan, dmz, corp2. Most public IP addresses are in 'wan' but some may be accessible through 'corp2'. Let's say I would like to add a firewall rule for a

Re: [pfSense] pfSense 2.0.1-RELEASE, Restoring partial config.xml does not work

Good news. Support for just that and a few other items have been included in pfSense 2.1 Regards, Seth Stefan Baur newsgroups.ma...@stefanbaur.deschreef: Am 23.07.2012 15:10, schrieb Oliver Hansen: Hi Stefan, I can't be sure but I think I have run into this before. Have you tried uploading a

Re: [pfSense] wan interface losing ip address

Op 18-7-2012 0:30, b...@bitrate.net schreef: Jul 17 07:55:30 gw1 kernel: ue0: link state changed to DOWN Jul 17 07:55:30 gw1 kernel: ue0: link state changed to UP I see a few occasions of your ethernet link flapping, could be a modem rebooting or something else, bad cable, maybe. Although it

Re: [pfSense] Forwarding Protocol 41 for 1:1 IP Addresses

Good question, Op 27 jun 2012, om 20:53 heeft Yehuda Katz het volgende geschreven: I would like add a HE IPv6 tunnel to two of my servers without adding a tunnel for the whole network. I was looking at adding an option for each 1:1 to forward protocol 41 just for that public IP. (maybe a

Re: [pfSense] Possible bug in gateway monitoring in 2.1 snapshot (Sat Jun 16 08:16:08 EDT 2012)

Hi, Op 22 jun 2012, om 04:30 heeft Moshe Katz het volgende geschreven: On Wed, Jun 20, 2012 at 4:50 PM, Jerome Alet jerome.a...@univ-nc.nc wrote: Hi there, While playing with gateways and monitoring alternative IP addresses, I've noticed a problem. When you add an alternative IP address

Re: [pfSense] Question about failover setup

Op 20-6-2012 5:34, Jerome Alet schreef: Hi, On Tue, Jun 19, 2012 at 08:35:38AM +0200, Seth Mos wrote: Op 18-6-2012 23:26, Jerome Alet schreef: So now that I'm trying to replicate the OpenBSD configuration on my pfSense 2.1 boxes, I'm wondering if I really need 3 distinct IP addresses on each

Re: [pfSense] Question about failover setup

Op 18-6-2012 23:26, Jerome Alet schreef: Hi there, So now that I'm trying to replicate the OpenBSD configuration on my pfSense 2.1 boxes, I'm wondering if I really need 3 distinct IP addresses on each vlan and what are the consequences of using only one on the carp interface ? For pfSense you

Re: [pfSense] CARP with public IP's and managed GW

Not with bridging, no. Cheers, Seth Op 12 jun 2012, om 23:55 heeft bsd het volgende geschreven: Hello, I have an ISP which is providing me a bloc of public IP's /27and a GW (managed GW inside the given bloc). Generally in order to filter in such situation, I create a bridge on the

Re: [pfSense] High interrupt load on LAGG with LACP

Op 5-6-2012 3:53, Glenn Kelley schreef: Good to know. For us we just need 100-300mbps in the sky (literally 300 foot up a tower) The soekris net6501 may be a good fit, it can do PoE iirc. It's a 600-1.6Ghz Intel Atom. I've benchmarked the faster Intel Atom 1.8 Dual core in a Lanner Inc

[pfSense] HEADSUP: 2.1 snaps currently broken

Under investigation, please hold off. More later. Seth ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] Duplicate icmp echo

Hi, Op 1 jun 2012, om 23:03 heeft David Miller het volgende geschreven: I have pfsense 2.01-release, built Mon Dec 12 17:53:52 EST 2011 running on a soekris 6501. The WAN port is seeing duplicate icmp echo requests, and it happens bi-directionally: tcpdump run on the pfsense box shows

Re: [pfSense] modern hardware selection

Op 29-5-2012 15:50, Vick Khera schreef: Also, I have three IPsec VPNs connecting to other data centers and the main office, which need to push at peak 40Mbps for a couple of hours a day during backups. I use Dell PowerEdge 860 servers with a Core i3 3.2Ghz and I can flatten my 100mbit pipe

Re: [pfSense] OpenVPN: offsite configuration

Hi, To make sure things stay working as it is. I have a hostname in the remote access list so that even if the main office needs to relocate (DR) i can still access the remote machine. I also ship routers with a dyndns name that every now and then will turn up a rfc1918 ip but i can still see

Re: [pfSense] pfSense product support lifecycle?

Op 24-4-2012 9:13, Stefan Baur schreef: Hi list, The thing is, I rolled out 2.0.1 (upgrading from 1.2.3) between November 2011 and February 2012, IIRC. I'd prefer to stay on 2.0.1 for a while, as I don't need the IPv6 features of 2.1 just yet. I'm just wondering how long after June 6, 2012

Re: [pfSense] IPv6 configuration in a delegated /64

Op 23-4-2012 9:53, bsd schreef: Le 23 avr. 2012 à 07:38, Seth Mos a écrit : So do you think I could manage to have a full IPv6 support on LAN by using DHCPv6 on WAN ? How would you manage to achieve this ? If you want to use DHCP6, select it on the WAN, Select a Prefix Delegation size

Re: [pfSense] Upgrade 2.0.1 to 2.1

Op 23-4-2012 11:02, Eugen Leitl schreef: On Sun, Apr 22, 2012 at 10:54:51PM -0400, Chris Buechler wrote: On Sun, Apr 22, 2012 at 10:47 PM, Drew Lehmandleh...@digitatech.com wrote: Apparently the Git option is not longer valid to upgrade 2.0.1 to 2.1 since so much has changed. Does anyone

Re: [pfSense] Upgrade 2.0.1 to 2.1

Op 23-4-2012 14:30, Chris Bagnall schreef: Are there any plans to incorporate something like NAT64 (or another 4-to-6 translation method) to allow v6-only networks? Yes, for 2.2 at it's earliest. There is a patch for pf in OpenBSD in circulation but that's not useful right now.

Re: [pfSense] Pfsense Ipad / Iphone - Android - Smartphone App

Op 23-4-2012 16:28, justino garcia schreef: Hi Group, I noticed Checkpoint, Cisco, Sonicwall, and bunch of other firewalls have a App for SmartPhones and Tabelts. Any idea for Pfsense, IPSEC ssl vpn app??? I would like simple setup for vpn Thanks, There is a OpenVPN app in the works for

Re: [pfSense] IPv6 configuration in a delegated /64

Hi, Op 22 apr 2012, om 22:03 heeft bsd het volgende geschreven: Hello my friends, My ISP is providing a full /64 network which looks similar to 2a01:e35:2436:7e20::/64 That's the limitation you get with the Free.fr, they only subnet a single /64. That means it's impossible to put a

Re: [pfSense] IPv6 configuration in a delegated /64

Hi, Op 23 apr 2012, om 00:38 heeft bsd het volgende geschreven: If the CPE has a bridge mode you could configure the WAN in pfSense and configure the delegated /64 on your lan. Theoretically. The CPE has a bridge mode (which I am using since a very long time for IPv4), It allows me to

Re: [pfSense] issues with 2.1 snapshot

drop all ipv6 traffic. Regards, Seth On Tue, Apr 3, 2012 at 2:33 AM, Seth Mos seth@dds.nl mailto:seth@dds.nl wrote: Op 3-4-2012 8:20, Brian Henson schreef: I have checked the /64 and the wan is on the wan and the Lan is setup right. Files and info requested

Re: [pfSense] Snapshots are back

On 23-3-2012 11:47, Eugen Leitl wrote: On Thu, Mar 22, 2012 at 09:48:54PM -0400, Jim Pingle wrote: FYI- 2.1 snapshots are going again. http://snapshots.pfsense.org/ Great. How stable are they? Useful for limited production? There are a couple of tickets open, a bunch related to IPv6 and

Re: [pfSense] Parallel setup for testing/migration

Op 23 mrt 2012, om 19:08 heeft Ugo Bellavance het volgende geschreven: Hi, During my Checkpoint to pfSense transition, I'll have, during a few days, two ISP active at the same time at the office. The firewall is the only router of the organisation, but has several networks attached to

Re: [pfSense] pfSense error, maybe hard drive?

On 21-3-2012 18:08, Adam Piasecki wrote: What hard drive is recommended for pfSense. Or can someone tell me what your running. Any ide or sata drive should do. If you really want a SSD drive I recommend the Intel 320 series SSD drives. These have a capacitor inside which means it will survive

Re: [pfSense] pfSense error, maybe hard drive?

On 21-3-2012 18:40, Jeppe Øland wrote: I deployed about a dozen Kingston 64G SSDs about a year and a half ago (in laptops and desktops) and I've seen about a quarter of them fail with different symptoms in each case. Garbage Totally agree. I have gone through 2 Kingston 4GB industrial SSDs

Re: [pfSense] icmp best practices

Hi, Op 19 mrt 2012, om 19:16 heeft Adam Thompson het volgende geschreven: Denying ICMP is mainly only useful in the Security By Obscurity model. There are many valid reasons to allow ICMP, especially from the inside, and in my opinion we all may as well get used to allowing it, since

Re: [pfSense] schrappen

On 10-2-2012 12:08, Michel Servaes wrote: Goede middag, Kan u dit mail adres schrappen om te mailen aub. Hartelijke groeten, ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list Ik stel voor dat U

Re: [pfSense] Request for help: Seeking pfSense user with access to 6RD IPv6 WAN

Op 1-2-2012 16:41, Chris Bagnall schreef: On 1/2/12 2:15 pm, Seth Mos wrote: I am seeking a user(s) that has access to a 6RD IPv6 connection so we can test our development 6RD code. Out of curiosity (and this is more aimed at ISPs than end users), is implementing the various IPv6

Re: [pfSense] IPv6 and v2.1

Quoting Oliver Schad ad...@automatic-server.com: Hello, can somebody estimate when version 2.1 with IPv6 support will be released? One month, 6 months, 1 Year? If all goes according to plan, somewhere this spring. Which sounds vague but should be before may and definitely before World

Re: [pfSense] rrd error

On 24-1-2012 11:19, İhsan Doğan wrote: Hi, I'm running the NanoBSD version of pfSense, Version 2.0.1. This system was upgraded from 1.2.3 through 2.0. The initial 2.0 did not correctly upgrade the RRD files from 1.2.3. A fix is in 2.0.1 so that upgrades from 1.2.3 work. However, if you

Re: [pfSense] Soekris 6501 installation question

Hi, Op 23 jan 2012, om 18:21 heeft David Miller het volgende geschreven: Is it plugged in questions are welcome, I'm probably missing something about that simple. It's my first time with a soekris, and first time trying to boot pfsense off the memstick image. The soekris was set to

Re: [pfSense] Fatal trap 12 page fault

Hi, On 4-1-2012 12:53, Hiren Joshi wrote: And another one: http://sysops2.moonfruit.com/communities/4/004/009/843/874/images/4560450091_525x290.jpg http://sysops2.moonfruit.com/communities/4/004/009/843/874/images/4560450095_525x291.jpg

Re: [pfSense] relayd fails to start after 2.0.1 upgrade

On 27-12-2011 9:31, Andrew Mitchell wrote: lbpool/ lbaction/ lbprotocol/ it's these tags that cause it. Regards, Seth ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] particular site not working

Hi, Op 17 dec 2011, om 05:19 heeft Guruprasad R het volgende geschreven: action taken: - i disabled transparent proxy and configured 3128 as my proxy port in browser as well as pfsense - i stopped the squid/squidguard services - i tried different browsers from different systems behind the

Re: [pfSense] Blackberry Playbook VPN and Connecting up to PFSense

On 12-12-2011 16:35, Gavin Will wrote: Hi there, Curious if anyone has setup a VPN for a Blackberry Playbook to connect to a PFsense Box. Playbook supports many commercial devices such as Juniper / Cisco. The only option I feel I can use is Generic IKEv2 VPN Server Is Pfsense classed

Re: [pfSense] Silly question - using a PC + pfsense + dual ethernet NIC + wlan PCI card as wifi router

On 8-12-2011 9:21, Chris Buechler wrote: Though that'd be pretty ugly too given the 11 Mb limit of USB 1.x you'd find on such a box, aside from the fact USB NICs tend to be ugly in general driver-wise, and I can't recall seeing a USB wifi card whose chipset supported hostap mode. Ralink usb

Re: [pfSense] Silly question - using a PC + pfsense + dual ethernet NIC + wlan PCI card as wifi router

Hi, Op 8 dec 2011, om 18:07 heeft ernst het volgende geschreven: How expensive is your electricity? When you look at it from a 1-2 year total cost of ownership of keeping that old PC running 24/7, you are (eventually) further ahead to buy one of those embedded computers (Alix / Soeokris) or

Re: [pfSense] Forwarding stopped between two local networks.

HI, Op 8 dec 2011, om 18:27 heeft Joshua Schmidlkofer het volgende geschreven: Yesterday, for no discernible reason, new connections ceased, in one direction between two local subnets. I have two interfaces, alc0 to 10.2.0.0/16 (BuildingA), and re2 to 10.3.0.0/16 (BuildingB). My pfSense

Re: [pfSense] Ipad Road Warrior + VPN (secure connection) to my home network??

Hi, Op 8 dec 2011, om 22:55 heeft justino garcia het volgende geschreven: I want to gain secure (VPN) access on the road, to my home network from my ipad, Anyone setup PFsense for this, or do you recomend something else (OpenVPN and Ipad support???) The built in ipsec client in the iPad

Re: [pfSense] Any suggestions on how filter in pfSense for SQL Injections?

Hi, Op 7 dec 2011, om 00:26 heeft Chuck Mariotti het volgende geschreven: At our datacenter managed to not get hit. However, I guess I would like to ask for suggestions on how to stop this type of attack at the pfSense firewall and what/how to implement something that would allow us to

Re: [pfSense] 3G USB Modem installation on PFSENSE

Hi, Op 4 dec 2011, om 20:51 heeft Oliver Hansen het volgende geschreven: There are actually quite a few modems that work with pfSense 2.0. It's not plug and play but if you follow the documentation it's not too hard to set up. I don't know if your specific modem is supported but I suggest

Re: [pfSense] Replacing CheckPoint Firewall-1 with pfSense

On 23-11-2011 19:34, Ugo Bellavance wrote: Hi, We're thinking about replacing our CheckPoint Firewall-1 by pfSense. We are using only those features on Firewall-1 (R65): - Security (default deny on everything) Delete the LAN - any rule on the LAN interface and you are good to go. The

  1   2   >