Re: [pfSense] Interface options for pfsense
On Mon 21 Apr 2014 22:46:57 NZST +1200, Christoph Hanle wrote: > > Are there any USB Ethernet adapters that actually work with pfsense? > > Reliably? I am looking for reports from those who have tried, not the > > freebsd supported HW list - that list is too long and not really > > trustworthy (I have a USB wifi adapter which runs for 10min then makes > > pfsense kernel panic). > Tested with 2.0.3 and stable in production usage: Digitus 3015 (RTL 8150 > chipset) and Digitus-10050 (MCS7832 chipset). Obtained one which says RTL8152 under Linux (works off the shelf): Bus 010 Device 003: ID 0bda:8152 Realtek Semiconductor Corp. On pfsense 2.1.3 dmesg says ugen1.2: at usbus1 But even after adding if_rue_load="YES" to /boot/loader.conf.local and rebooting with the adapter plugged in nothing much in dmesg gives any hint of the presence of another interface. --> RTL8152 no good with pfsense 2.1.3. I can't find RTL8150 any more. Does anyone have an Ethernet USB adapter working under pfsense 2.1? Thanks, Volker -- Volker Kuhlmann is list0570 with the domain in header. http://volker.top.geek.nz/ Please do not CC list postings to me. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Install on one machine, deploy on another
Most problems will surround the network cards and identification. You'll most likely have to set that all up again. Maybe delete all interfaces right before powering down the new test disk. Reassign them when it comes back up. Otherwise, in ym use of pfsense 2.0, your interfaces get all wonky and you'll be saying ...justdie! they seem to not go away. I did the whole delete and reassign thing I am mentioning and it all worked. Used all the exact names and all of the rules stayed put and the interface groups all maintained a proper config. On Mon, Jun 9, 2014 at 6:19 PM, compdoc wrote: >> Will I have any problems if I install a new version of pfsense on one >>machine and then move the hard drive to another machine? > > You probably will have some problem. Let us know how it goes... > > ___ > List mailing list > List@lists.pfsense.org > https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Install on one machine, deploy on another
> Will I have any problems if I install a new version of pfsense on one >machine and then move the hard drive to another machine? You probably will have some problem. Let us know how it goes... ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] pfsense and openvpn
hello. i had setup pfsense 2.1.3 and installed openvpn export package. i created server certs and and a user and a user cert. i can export and install the windows package so my certificates appear to be matched correctly. i can connect on a win7 box to the openvpn server but can only access the wins server and dns server through icmp. the rest of my lan is unreachable. i have tried to use a tap with bridge and a tun but am still not able to access lan. my current setup is as follows: pfsense lan - 192.168.16.0/24 pfsense is dns on 192.168.16.1 samba server is wins 192.168.16.5 openvpn server - ssl/tls with auth local db udp device mode = tun interface = wan enabled auth of tls packets ipv4 tunnel network 192.168.19.0/24 ipv4 local networks 192.168.16.0/24 5 concurrent connections lzo compression address pool = provide virt adapter dns = 192.168.16.1 netbios p-node to wins 192.168.16.5 rules: WAN ID Proto Source Port Destination Port Gateway Queue Schedule IPv4 UDP** WAN address 34447 * none LAN ID Proto Source Port Destination Port Gateway Queue Schedule * ** LAN Address 80 & 443 * * IPv4 * LAN net * * ** none IPv4 * 192.168.19.0/24 *LAN net** none OpenVPN ID Proto Source Port Destination Port Gateway Queue Schedule IPv4 * ** * **none I can only ping win server and dns server. the win server resolves ips for other devices on lan but are not reachable by my client. any help would be greatly appreciated. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] Traffic Shaping for optimizing IPSEC tunnel traffic
Hi, What would be the best method of tuning an IPSEC tunnel. I want to give that traffic highest priority. Should I apply limiting to the LAN or the WAN Queues? Or create a custom one. Thanks, -- Mark Street, D.C., RHCE Chief Technology Officer Alliance Medical Center (707) 433-5494 "Trust decentralization over centralization, voluntarism over coercion, bottom-up over top-down, adaptation over planning, openness over secrecy, practice over ideology, and markets over politics." Eric Raymond ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] Alerts on bandwidth conditions
We are trying to enhance our (D)DOS detection and response. Can pfSense create alerts when the bandwith goes over X, especially if it is dues to more than Y connections to a single IP? -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - - - Jason Pyeron PD Inc. http://www.pdinc.us - - Principal Consultant 10 West 24th Street #100- - +1 (443) 269-1555 x333Baltimore, Maryland 21218 - - - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This message is copyright PD Inc, subject to license 20080407P00. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] Install on one machine, deploy on another
Will I have any problems if I install a new version of pfsense on one machine and then move the hard drive to another machine? Both are 64bit AMD processors. One a dual core, the other a single core. Thanks in advance. -- Joe Laffey The Stable Visual Effects http://TheStable.tv/?e34519M/ ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] IPSec Keep Alive and Ping
On Sun, Jun 8, 2014 at 12:10 AM, Francois Roussy wrote: > Good day, > > I had a Juniper SSG140 connected to 9 sites with IPSEC. > > I just changed tonight to pfSense. All is up and running ! [image: ;D] > > I want to keep those tunnels alive.. So i founded the option in the IPsec > Phase 2 "Automatically ping host". I want to put the remote gw there ( > 192.168.2.1/3.1/4.1...) depending of the IPsec tunnel. > > But, from the pfsense console, I can’t ping the remote subnet > 192.168.2.x/3.x/4.x on each sites.. but from a PC on my lan, I can > > Any idea ? Is it a rule that I didn’t make ? > You have to source traffic from the correct IP address to match policies. > > Thanks > Frank > > > > ___ > List mailing list > List@lists.pfsense.org > https://lists.pfsense.org/mailman/listinfo/list > ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
