On Sat, Jul 7, 2012 at 3:26 AM, Paul Gear wrote:
> On 07/07/12 14:33, Adam Van Ornum wrote:
>>>
>>> FreeBSD's driver apparently is much improved in later releases (remember,
>>> pfSense is based on 7.3, which is quite a few years old now), so it's
>> just
>>> a matter of waiting until pfSense 2.1(
On Sun, Jul 1, 2012 at 7:14 AM, Adam Thompson wrote:
>> Are there any JunOS features you consider killer that are not in
>> pfSense 2.1? What would be these features?
>
> Hardware offload: you can scale vertically with JunOS platforms with the
> simple addition of more money, whereas an x86-style
On Thu, Jun 28, 2012 at 9:07 PM, Paul Gear wrote:
> Hi all,
>
> I'm testing pfSense for a client, looking to put it into an existing
> production network some time in the next month or two. (Some background
> at [1], if anyone cares...) In terms of features and interface it is a
> win, but we're
On Mon, Jun 25, 2012 at 8:55 PM, Jim Thompson wrote:
>
> It strikes me that if you only care about 10/100 Ethernet, you could also
> use a USB - Ethernet adapter.
Not sure there are any with reliable drivers, though I haven't
experimented much at all with them, just going by user feedback. Those
On Fri, Jun 22, 2012 at 11:22 AM, Vick Khera wrote:
> On Fri, Jun 22, 2012 at 7:02 AM, Mark Tinka wrote:
>> The machine is still in "setup mode", so it's not connected
>> to the Internet. However, it seems that a quick web GUI
>> loves DNS (confirmed via pfSense state table), which,
>> obviously,
On Fri, Jun 22, 2012 at 7:02 AM, Mark Tinka wrote:
> Hello all.
>
> New to pfSense, loving the concept straight-off-the-bat!
>
> I'm in the process of setting up the installation per our
> environment, and seem to be hitting this seemingly
> consistent issue - a slow web GUI due to lack of DNS que
The static routes aren't even necessary anymore, so they can go in the future.
http://redmine.pfsense.org/issues/2514
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list
On Wed, Jun 13, 2012 at 2:33 PM, Vick Khera wrote:
> I have a pair of firewalls set up with pfsync. pfSense 2.0.1/i386.
>
> I'm pushing a lot of connections and traffic, so had to bump the
> number of states in the Advanced -> Firewall/NAT tab. This increased
> number did not show up on the backu
It's up now, installs fine.
On Wed, Jun 13, 2012 at 12:29 AM, Michael D. Wood
wrote:
> I was running into the same problem. According to what I've read online the
> barnyard2 package hasn't been built yet so the file is MIA on the server.
>
> I was able to install by SSH'ing into pfSense and ex
On Tue, Jun 12, 2012 at 6:17 PM, bsd wrote:
>
> So is there any solution in order to use CARP and still be able to filter in
> such scenario ?
>
You can hack a script into devd to down and up the bridge with the
CARP status, but I would avoid that if at all possible.
> I have other internal Ne
On Mon, Jun 11, 2012 at 9:32 AM, Yehuda Katz wrote:
> I think you got your answer already about a week ago from Ermal and Chris.
> http://lists.pfsense.org/pipermail/list/2012-June/002312.html http://lists.pfsense.org/pipermail/list/2012-June/002318.html
> pfSense has significant customization in
On Mon, Jun 4, 2012 at 8:46 PM, Bill Yuan wrote:
>
>
> On Tue, Jun 5, 2012 at 8:02 AM, Chris Buechler wrote:
>>
>> On Mon, Jun 4, 2012 at 7:54 PM, Bill Yuan wrote:
>> > Hi ,
>> > Thanks for you reply,
>> > And please tell me more information
On Mon, Jun 4, 2012 at 7:54 PM, Bill Yuan wrote:
> Hi ,
> Thanks for you reply,
> And please tell me more information about the patch of fwd.
> I have compiled the kernel by myself. already included the options, and I
> have activated the pf and ipfw at the same time,
>
> a patch for fwd to work
On Mon, Jun 4, 2012 at 2:53 PM, Jens Kühnel wrote:
> Hi,
>
> I'm a longtime and very satisfied pfsense user. But I ran into an
> situation that I can not understand. Maybe you can give me a Clue what
> to do. Or where to look for infos.
>
> I have Alix 2D3 Board with PFSense 2.0.1-RELEASE i386 run
On Fri, Jun 1, 2012 at 5:11 PM, Seth Mos wrote:
> Hi,
>
> Op 1 jun 2012, om 23:03 heeft David Miller het volgende geschreven:
>
>> I have pfsense 2.01-release, built Mon Dec 12 17:53:52 EST 2011 running on a
>> soekris 6501.
>>
>> The WAN port is seeing duplicate icmp echo requests, and it happen
On Thu, May 31, 2012 at 3:44 AM, Jeppe Øland wrote:
> On Tue, Jan 10, 2012 at 6:26 PM, Chris Buechler wrote:
>>> Okay, I think I found out what's going on:
>>>
>>> /etc/crontab contains
>>> 1 1 * * * root /usr/bin/nice
On Fri, May 25, 2012 at 11:58 PM, Adam Stasiak wrote:
> Is it possible to use NAT (or some combination of NAT and other trickery) to
> redirect an address on your WAN interface to another external IP address
> (not on the WAN interface, but at some other site).
>
> e.g. Site A has Public IP addres
On Wed, May 9, 2012 at 9:45 PM, Ugo Bellavance wrote:
> OpenVPN Remote Access Server Setup Wizard
>
>
> Firewall Rule Configuration
>
> Firewall Rules control what network traffic is permitted. You must add rules
> to allow traffic to the OpenVPN server's IP and port, as well as allowing
> traffic
On Sat, May 5, 2012 at 5:11 PM, Joseph L. Casale
wrote:
> We switched providers and are utilizing a 3 way bonded dsl setup aggregated
> behind a Mikrotik unit.
>
> I am seeing some less than expected throughput and certain types of
> connections
> like rdp/rsync are hanging and need to be restart
On Fri, May 4, 2012 at 9:13 AM, Alex Damast [Aqua-Flo]
wrote:
> Not true at all. Layer 7 does do this exact thing in pfsense and it works
> well.
>
That is true of some, there aren't signatures that match every
possible means of streaming video though.
On Thu, May 3, 2012 at 1:55 PM, Noam Birnbaum
wrote:
> Good call, David --
>
> They current have dual WAN -- 40/40 WiMAX and 50/10 cable. I expect that as
> they grow these pipes will at least double.
>
> As for their *expectations* -- they are a web development startup in San
> Francisco, so…
Doesn't have any relation to how much RAM you have, it's dependent on
your pfblocker config. Info here:
http://forum.pfsense.org/index.php/topic,48716.0.html
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list
On Wed, May 2, 2012 at 8:25 AM, Eugen Leitl wrote:
>
> I need to make terminate a VPN tunnel (users behind NAT)
> with above Cisco box.
>
> Parameters are
>
> ISAKMP Phase I
> preshared key
> AES128
> SHA
> Group 2
> Lifetime 28800 sec
>
> IPSEC Phase II
> AES 128
> SHA
> Group 2
> Perfect forward
On Thu, Apr 26, 2012 at 3:12 AM, Abdullah Nihan wrote:
> Which means its simply not possible to use Free-radius on Pf-sense in a
> windows AD environment. Right?
> Reason I wanted to use Pf-sense Captive portal is that its way too cooler
> than windows IIS & Radius!
>
You can use Windows RADIUS
On Wed, Apr 25, 2012 at 11:54 PM, steel max wrote:
> Can anyone please tell me the step by step to integrate Freeradiuse to
> authenticate users from Window Active directory?
>
>
Why? Use RADIUS on your Windows server instead, no sense in complicating
things with some other RADIUS server.
___
On Tue, Apr 24, 2012 at 7:56 AM, k_o_l wrote:
>
> Don't you have a way to track which release is being used the most and
> tailor support accordingly
>
We don't have any means of knowing. Besides, that ultimately wouldn't
impact anything. I have little doubt there are tens of thousands of
systems
On Tue, Apr 24, 2012 at 4:50 AM, Gerald A wrote:
>
> Lots of commercial firewall makers make updates to their "firmware" or loads
> which they expect you to load on as soon as you can. With those, you get a
> combo of security, bug fixes and "features" which may or may not be helpful,
> and has ne
On Tue, Apr 24, 2012 at 4:54 AM, Stefan Baur
wrote:
>
> Uh, don't get me wrong, I'm all for timely updates that fix security issues.
> I just don't want to drag fancy stuff along that I don't need. And at
> present, that's what full IPv6 support is for me.
>
Which will be fully disabled when up
On Tue, Apr 24, 2012 at 3:46 AM, Stefan Baur
wrote:
> Am 24.04.2012 09:32, schrieb Chris Buechler:
>
>> Nothing formal. To date, once we put out a new release, all prior
>> releases will not get any updates. That will probably especially be
>> true going forward, with muc
On Tue, Apr 24, 2012 at 3:13 AM, Stefan Baur
wrote:
> Hi list,
>
> I just stumbled over a few posts mentioning the scheduled 2.1 release of
> pfSense on June 6, 2012.
> This has made me wonder: Is there any centralized resource (ordinary web
> page, wiki, whatever) where one can review what Micros
On Mon, Apr 23, 2012 at 5:27 AM, Seth Mos wrote:
>>
>> Is it realistic to expect 2.1 with full IPv6 support by 6th June?
>
>
> Define Full.
>
Yeah "full IPv6 support" is hard to quantify. You could add things to
a "full IPv6 support" list and create something where no product in
the world has "fu
On Sun, Apr 22, 2012 at 10:47 PM, Drew Lehman wrote:
> Apparently the Git option is not longer valid to upgrade 2.0.1 to 2.1 since
> so much has changed. Does anyone know if there is an upgrade image
> someplace or do I need to backup the settings and wipe it all?
There are snapshots.
http://for
On Fri, Apr 20, 2012 at 3:32 PM, Bob Gustafson wrote:
>
> How does either of these VPN approaches compare with using SSH
> Tunneling? (see various Linux Journal articles on this subject)
>
SSH tunneling isn't a serious VPN solution. It can be used as such as
a hack but it's definitely not somethi
On Wed, Apr 18, 2012 at 11:44 AM, bsd wrote:
> Hello,
>
> I would like to know if you planned to incorporate 802.11n in the next
> release (2.1) or if you have post-poned this to a later stage ?
>
2.1 will be FreeBSD 8.3, so no. The next release after that will be
9.x, which finally has full 11n
On Mon, Apr 16, 2012 at 2:42 PM, David Rees wrote:
> I posted this on the forum[1] a while back but didn't get a response -
> thought I'd try here.
>
> I've got a fairly typical multi-WAN setup on pfSense 2.0.1 with one
> primary WAN and a secondary WAN port.
>
> Inbound access to servers is the s
On Sun, Apr 15, 2012 at 1:07 PM, Joe Landman
wrote:
> Hi folks:
>
> Have pfSense 2.0.1 stable installed on a machine we are using for testing.
> 2x em network ports. Have em0 configured as WAN with IP 10.100.241.121/16,
> and em1 configured as LAN with IP 192.168.3.1/16.
>
> I can reach the LAN
On Tue, Apr 10, 2012 at 4:55 AM, Jan wrote:
> Hi Chris,
>
> On 04/04/2012 02:21 PM Chris Buechler wrote:
>> On Wed, Apr 4, 2012 at 1:18 AM, Jan wrote:
>>> Hi,
>>>
>>> on my local pfSense installation running 2.0.1 I'm using pfflowd to send
>>
On Sun, Apr 1, 2012 at 7:28 PM, Luke Jaeger wrote:
> the WAN is only 7 Mbps down so throughput won't be high no matter what!
> But we'll probably want to set it up to serve DHCP and run squid/squidguard
> on it.
>
Then anything with a hard drive should suffice (ALIX would otherwise
be fine witho
On Thu, Apr 5, 2012 at 5:32 AM, Gabor Debreczeni-Kis wrote:
> Dear List Members,
>
> I'm using pfsense as a pptp vpn server (version 2.0.1) at one of my customer
> and have a problem with static routing and gateways.
> We're using pptp to make LAN-to-LAN connections between various locations
> and
On Wed, Apr 4, 2012 at 2:29 AM, Bill Yuan wrote:
> Hi,
>
> on pfsense ,actually is using fwd 127.0.0.1:8080 to redirect the traffic to
> the captive portal when the ip is not allow to go through.
>
> but is it possible to add an extra parameter there, like i want to have a
> MAC address of the cli
On Wed, Apr 4, 2012 at 1:18 AM, Jan wrote:
> Hi,
>
> on my local pfSense installation running 2.0.1 I'm using pfflowd to send
> netflow datagrams to a centralized collector, which works like a charm.
>
> However, pfflowd doesn't seem to include tcp flags as well. I already tried
> switching betwee
On Sun, Apr 1, 2012 at 7:06 PM, Luke Jaeger wrote:
> helping someone spec a new router for a small business network, currently 10
> users (more in future, hopefully) - it needs to be a 'set it and forget it'
> solution so I thought about a pfSense appliance. Anyone have an opinion about
> a par
On Sat, Mar 31, 2012 at 1:23 PM, wrote:
> Hello list,
>
> I need to setup multihome AS on BGP for redundancy.
> Can it be done by using pfSense+OpenBGPD?
>
Yes.
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list
On Fri, Mar 23, 2012 at 8:36 PM, Karl Fife wrote:
> Are there any TCP/IP Offload Engine nic's that pfSense can leverage? A TOE
> in pfSense could function somewhat like the hardware packet-forwarding ASICs
> in the likes of Csco/Juniper etc, No? If supported, it seems that a TOE
> could be an
On Thu, Mar 22, 2012 at 11:15 AM, Adam Piasecki
wrote:
> O
> I have two questions,
>
> 1) Windows has TRIM support for ware-leveling. Does FreeBSD include this?
> Looking at the wiki page for TRIM (http://en.wikipedia.org/wiki/TRIM) it
> does not for 8.1, only for low level formatting.
>
> 2) If 8
On Thu, Mar 22, 2012 at 1:02 AM, David Burgess wrote:
> I hate to resurrect an old thread, but this was never resolved for me, and
> the workaround that I was using is no longer valid due to a change in the
> situation.
>
> The old thread is here:
> http://www.mail-archive.com/list@lists.pfsense.o
On Wed, Mar 21, 2012 at 2:46 PM, Jeppe Øland wrote:
>>> I'm getting the following error when logging into the box. It's at the top
>>> of the page when presented with the username and password prompt. You can
>>> not go past the login page. pretty sure it's due to faulty hard drives.
>>
>> Indeed
On Wed, Mar 21, 2012 at 1:08 PM, Adam Piasecki
wrote:
> I'm getting the following error when logging into the box. It's at the top
> of the page when presented with the username and password prompt. You can
> not go past the login page. pretty sure it's due to faulty hard drives.
Indeed it is. W
On Tue, Mar 20, 2012 at 7:37 PM, Nathan Eisenberg
wrote:
>> That's why I said:
>
>> ICMP from host to GW is OK
>
>> ICMP from host to the world - should be blocked - or just allowed for
>
>> the
>
>> administrator's host
>
>
>
> So you break PMTUd and basic diagnostic functionality for your users?
On Thu, Mar 15, 2012 at 5:01 AM, Raimund Sacherer wrote:
> I would wish that pfSense integrates a simple REST API for functionality like
> that:
>
Me too. Patches welcome.
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/li
On Tue, Mar 13, 2012 at 10:41 AM, Claus@pfSense
wrote:
> Sorry for being unclear.
>
> I would
>
> 1) like to modify a pfSense-alias from command line.
> 2) tell pfSense to pick-up the change and go live from command line.
>
Easiest would be to do it from the command line using PHP, the same
funct
On Mon, Mar 12, 2012 at 6:04 PM, Claus@pfSense
wrote:
> Any comments on this one ?
>
I don't think it's very clear what you're attempting to do, at least
not to me, maybe if you can clarify what you're doing and why someone
will have some feedback.
___
On Wed, Mar 7, 2012 at 7:52 AM, Ugo Bellavance wrote:
> Hi,
>
> Is it a good idea/recommended to set the mac address in the interfaces
> config, to avoid problems when adding a NIC in the future?
>
That has no relevance to which NIC is assigned where. If
adding/removing a NIC changes the device n
On Wed, Mar 7, 2012 at 1:05 AM, Joseph Rotan wrote:
>> Hi,
>>
>> I would like to seek any assistance on how could i add a network printer
>> to
>> my pfsense LAN.
>>
>> I install pfsense 2.0 machine for a High school computer Lab with 20
>> computers connected to a centralised switch, now the scho
On Mon, Mar 5, 2012 at 10:03 PM, Ugo Bellavance wrote:
> Hi,
>
> I think I lost my config.xml. Well I do have a backup, but I worked like 1
> hour on the config tonight and I'd like to recover the file. This is what I
> did (I think):
>
> - Install pfsense on the HDD, play with it (and probably m
On Fri, Mar 2, 2012 at 9:28 PM, Mehma Sarja wrote:
>
> I am thinking of a RFP from an un-named country with current BW of 85 Gbps.
> They are looking for a system to handle 100 Gbps. I have a gut feeling that
> this stream needs to be split and filtered that way.
Yes if it truly has to be firewal
On Fri, Mar 2, 2012 at 4:00 PM, Nathan Eisenberg wrote:
> Dual quad core 5420s, 8GB RAM, ~915Mbps. Would have taken more if the
> interfaces weren’t full or were lagged.
>
> **
>
Gig wire speed is no problem at larger packet sizes (at all 64K packets,
not going to happen, but that's true of
On Mon, Feb 27, 2012 at 5:23 AM, Tom S wrote:
> Thanks.
>
> If I have traffic between vlans, could it be more performance consuming than
> routing between physical interfaces ?
> If I'll transfer the vlans that are talking to each other to two different
> physical interfaces, should it be better
On Tue, Feb 28, 2012 at 11:31 PM, Pankaj Kumar wrote:
> Hi, I have setup PfSense2.0.1 with four network interface card 2 for wan and
> 2 for LAN and DMZ interface.
>
>> is it possible to assign both WAN traffic to each other i mean WAN1 should
>> go on LAN and WAN2 should go DMZ?
Yes.
>> how to
What's the CPU RRD graph look like?
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list
On Sun, Feb 26, 2012 at 1:31 AM, Tom S wrote:
> Hi all,
>
>
>
> I have 2 PFSense servers, running Active/Passive.
>
> On the active server I hit most of the time 50-80 percent CPU, sometimes
> peaks to 100.
>
> Nothing special is active on the server except routing and filtering (basic,
> layer 3/
On Tue, Feb 21, 2012 at 9:50 PM, Nathan C. Smith wrote:
> How does pfSense identify – for purposes of traffic shaping - which
> packets are VoIP? Is it looking for RTP or is there some other method(s) in
> use?
>
Generally UDP port ranges.
___
List m
On Sat, Feb 18, 2012 at 11:55 PM, Adam Piasecki
wrote:
>
> It was coming from a single machine, hey kept on requesting the same IP. So
> he didn't exhaust the pool. It was a bunch of DHCP Requests and Acks for
> the same IP. Not sure if he was doing it on purpose.
>
I'm not aware of any means of
On Fri, Feb 17, 2012 at 11:17 AM, Adam Piasecki
wrote:
> We recently had a user generating thousands of DHCP requests a minute. This
> resulted in high CPU utilization and preventing other users from obtaining
> DHCP . Once we removed the user in question everything returned to normal.
>
> Can DHC
On Thu, Feb 16, 2012 at 10:59 PM, Jason T. Slack-Moehrle
wrote:
> Hi Guys,
>
> I changed to IP Alias rather than ARP.
>
> I put each of my static IP's on the WAN Interface, 1 at a time, saved
> and reloaded and pinged it from the LAN (which is where this server is
> I want to hit as well)
>
> I st
On Wed, Feb 15, 2012 at 8:57 PM, Jason T. Slack-Moehrle
wrote:
> HI Yehuda;
>
>> On Wed, Feb 15, 2012 at 8:04 PM, Jason T. Slack-Moehrle
>> mailto:slackmoeh...@gmail.com)> wrote:
>> > Hi All,
>> >
>> > My struggle continues.
>> >
>> > So basically:
>> > 1. I have 5 IP's from Comcast in a /29.
>>
On Mon, Feb 13, 2012 at 12:37 AM, Adam Thompson wrote:
> OK, I'm reasonably certain this is going to be a dumb question, but...
>
> Is there not any way to install packages (even temporarily) on a running
> memstick or livecd system?
>
No, the file system isn't able to be changed on either so it'
On Thu, Feb 9, 2012 at 7:24 PM, Chris Brennan wrote:
> For some reason recently, I've noticed that pfSense will arbitrarily
> block some IP's for no good reason and I can't figure out why.
Is it really blocking, or is it a routing issue? Could be either/or
from the traceroute. Check firewall logs
On Fri, Feb 3, 2012 at 2:04 AM, Pete Boyd wrote:
> I have pfSense 1.2.3 setup to use its OpenVPN server. I use TinyCA to
> create CA and client certificates and keys on a separate computer,
> giving the CA cert to pfSense and the client certs & keys to users.
>
> If I upgrade pfSense 1.2.3 to 2.0.
On Wed, Feb 1, 2012 at 5:53 PM, Atkins, Dwane P wrote:
> All,
>
> Ever since Mac OS 10.7 Lion came into existence, we have had issues with
> connecting to our Captive Portal. Mac 10.6.8 works just fine.
>
> Does anyone know of a fix for this? Is there a workaround? Will an upgrade
> to 2.0.1 wo
On Mon, Jan 16, 2012 at 9:17 AM, Aymen Belkhiria
wrote:
> Chris,
>
> is it disable NAT-T option the only solution here?
I doubt if that's the issue, it sounded like you just upgraded from
1.2.3 to 2.0 and it stopped working without changing anything, but
that's not the case. Not enough info there
2012/1/16 :
>
You probably want to post to the Portuguese list where there are a
number of people who can help.
http://lists.pfsense.org/mailman/listinfo/pfsense-pt
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/
On Sat, Jan 14, 2012 at 9:05 PM, Aymen Belkhiria
wrote:
> Thanks Chris for the quick reply,
>
> I am using NAT-T option for this IPsec Tunnel, forgot to mention that, is
> that another way to resolve it?
>
You weren't using NAT-T on 1.2.3 release. If you stayed on an old
pre-release version, may
On Sat, Jan 14, 2012 at 8:26 PM, Aymen Belkhiria
wrote:
>
> I am using pfsense 2 and I have many drops on my IPsec Tunnel, here the log:
>
> Jan 14 20:03:54 racoon: [NAT Test]: INFO: ISAKMP-SA established
> xx.xx.xx.xx[4500]-xx.xx.xx.xx[4500] spi:ef320f25a6ad35e8:0f6e6a71aa89b928
> Jan 14 20
On Thu, Jan 12, 2012 at 1:00 PM, Tim Nelson wrote:
> Greetings-
>
> I understand the functionality of the OpenVPN Status package from the 1.x
> versions is now integrated into the 2.x versions. *However*, let's say...
> "hypothetically" a 1.2.2 config was uploaded to a fresh 2.0.1 installation,
On Thu, Jan 12, 2012 at 7:52 AM, Hiren Joshi wrote:
> We had another crash one this morning...
>
> It seems to cascade, that is to say, whatever crashes the primary seems to
> persist during the failover and crashes the secondary as well (about a minute
> later), not good. Does anyone have any c
On Tue, Jan 10, 2012 at 9:22 PM, newsgroups.ma...@stefanbaur.de
wrote:
> [update interval of pfSense's built-in dyndns client when used with
> no-ip.org]
>
> Okay, I think I found out what's going on:
>
> /etc/crontab contains
> 1 1 * * * root /usr/bin/nice -n20
>
On Fri, Jan 6, 2012 at 3:57 PM, Lyle Giese wrote:
>
> I have not checked but I doubt that pfsense would store that password in
> plain text either.
>
It does and has to. You can't encrypt passwords that you later need in
clear text.
___
List mailing lis
On Thu, Jan 5, 2012 at 12:27 AM, Andrew Mitchell
wrote:
> OK, I have added:
>
> route 192.168.16.0 255.255.255.0;
> route 192.168.15.0 255.255.255.0;
> route 192.168.8.0 255.255.255.0;
> route 192.168.7.0 255.255.255.0;
> route 192.168.1.0 255.255.255.0;
>
> to the 10.0.7.1 server.
>
> Now, a trac
On Tue, Jan 3, 2012 at 8:02 PM, Wade Blackwell wrote:
> Good evening all,
> I have an IPsec tunnel between a M0n0wall (1.33) and a pair of
> virtualized PFsense boxen running 2.0-RELEASE (amd64). I've never seen this
> issue in an IPsec implementation before. Short history, before I went t
On Tue, Dec 27, 2011 at 12:19 PM, Dave Warren wrote:
> Unfortunately I have no control at all over the remote end.
>
> Their OpenVPN implementation is integrated into their firewall, and
> automatically generates certificates and whatnot via a nice user-friendly
> UI, but unfortunately it enforces
On Mon, Dec 26, 2011 at 1:17 PM, Mike Montgomery
wrote:
> Hello all, I have been running pfsense at home on an old pc now for some
> time and loving it. I run several m0n0wall soekris devices at work, but am
> now looking for a low end pfsense capable device, that as of right now, I am
> only wan
On Thu, Dec 22, 2011 at 6:17 AM, Norman Golisz wrote:
> pfSense version in use:
> 2.0.1-RELEASE (i386)
> built on Mon Dec 12 18:24:17 EST 2011
> FreeBSD 8.1-RELEASE-p6
>
> Problem description:
> When creating a new NAT entry with Associated Filter Rule, the
> generated packet filter rule lacks the
On Fri, Dec 23, 2011 at 1:16 PM, Ron Lemon wrote:
>
> Sure I can try. I had disabled the traffic shaper and then re-run the wizard
> through the GUI once before in hopes of getting rid of the error but that did
> not seem to help either. Since most help posts on the shaper highly
> recommende
On Fri, Dec 23, 2011 at 11:30 AM, greg whynott wrote:
> I ran across an issue while installing the postfix-relay package today.
>
> The package installs correctly without issue, but after you start to
> configure options under the 'general' tab, upon saving it loads an error
> page with the err
It's back up. Sorry for the inconvenience. The provider that hosts
that screwed up our VLAN doing some massive network changes late last
night, and the server where we used to keep a synced backup copy died
a while back (new backup is syncing up now, and will stay synced up so
this doesn't happen a
On Thu, Dec 22, 2011 at 11:47 AM, - Dickie Bradford -
wrote:
>
> Are the packages missing on the server for 2.0.1?
>
The server is missing entirely at the moment, it'll be back later today.
___
List mailing list
List@lists.pfsense.org
http://lists.pfsen
On Tue, Dec 20, 2011 at 6:36 PM, Nenhum_de_Nos wrote:
>
> On Tue, December 20, 2011 21:08, Chris Buechler wrote:
>> info here: http://blog.pfsense.org/?p=633
>
> Chris,
>
> my 2.0 i386 points to this link, it renders me 404.
>
> http://updates.pfsense.org/_upda
info here: http://blog.pfsense.org/?p=633
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list
On Mon, Dec 19, 2011 at 9:49 AM, Nick Upson wrote:
> I'm running 1.2.3
>
> I have an IPsec tunnel to another site, which closes unless there is traffic
> I want it up 24/7 so I put a remote IP in the "keep alive, automatically
> ping host" section of the setup.
> It still behaves the same way. Is
On Mon, Dec 12, 2011 at 10:35 AM, Gavin Will wrote:
> Hi there,
>
> Curious if anyone has setup a VPN for a Blackberry Playbook
>
I didn't think anyone actually bought one of those. ;)
> Playbook supports many commercial devices such as Juniper / Cisco. The only
> option I feel I can use is "
On Thu, Dec 8, 2011 at 12:07 PM, ernst wrote:
>
> How expensive is your electricity? When you look at it from a 1-2 year
> total cost of ownership of keeping that old PC running 24/7, you are
> (eventually) further ahead to buy one of those embedded computers (Alix /
> Soeokris) or that shiny new
On Wed, Dec 7, 2011 at 10:12 PM, Adam Thompson wrote:
> One caveat: many WLAN PCI cards require PCI 2.1 busses, and will not
> function in the PCI 1.0 / 1.1 busses often found in Pentium-III-era PCs.
> Found this out the hard way. Don’t know about pfSense support, but the
> usual way around this
On Wed, Dec 7, 2011 at 1:59 AM, Chuck Mariotti wrote:
>
> Yep, validation is the key in this case. Knock on wood, we should be good.
> We are also using filtering using URLScan on the web servers to stop this
> attack, but it would be nice to be able to quickly blanket the network if
> that’s an o
On Fri, Dec 2, 2011 at 4:26 AM, Eugen Leitl wrote:
> On Thu, Dec 01, 2011 at 03:01:16PM -0500, Chris Buechler wrote:
>
>> Just make sure you set MSS clamping on WAN to 1500 (which MSS clamps
>> at 1460) to prevent any issues that may arise if you end up in a
>> scena
On Thu, Dec 1, 2011 at 8:33 AM, Eugen Leitl wrote:
>
> I'm thinking about enabling jumbo frames (whatever the lowest
> common denominator for the LAN switches, probably 9212 in my
> case) for the home LAN, including the pfSense LAN MTU.
>
> This should have no visible (CPU load, latency) on the WA
On Tue, Nov 29, 2011 at 9:43 AM, Ryan Rodrigue wrote:
>
> You are correct that these are on different subnets. Your method of double
> nattng should work, but isn't the bast way to do things. Double natting
> usually causes problems.
>
It's ugly and best avoidable if possible, and it makes trou
On Thu, Nov 24, 2011 at 10:44 AM, greg whynott wrote:
>
> I am attempting to install softflowd on a 64bit machine. Using this
> document to do the install:
>
> http://doc.pfsense.org/index.php/Exporting_NetFlow_with_softflowd
>
>
> here is the error i'm seeing:
>
> pkg_add -r softflowd
> Error:
On Sun, Nov 27, 2011 at 10:24 PM, Nenhum_de_Nos
wrote:
>
> On Sat, November 26, 2011 20:50, Jim Pingle wrote:
>> On 11/26/2011 1:09 PM, Nenhum_de_Nos wrote:
>>> is there an idea when pfsense will run FreeBSD9 ? I know 2.1 will have
>>> ipv6, what FreeBSD
>>> version
>>> will it run ?
>>
>> It wil
On Sat, Nov 26, 2011 at 1:09 PM, Nenhum_de_Nos wrote:
> hail,
>
> is there an idea when pfsense will run FreeBSD9 ? I know 2.1 will have ipv6,
> what FreeBSD version
> will it run ?
>
9.x
___
List mailing list
List@lists.pfsense.org
http://lists.pfsens
301 - 400 of 467 matches
Mail list logo