tween
other subnets / interfaces on the firewall. I don't have RRD loaded so this is
strictly speculation on a possible cause.
-Original Message-
From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Chuck Mariotti
Sent: Wednesday, May 23, 2018 1:57 PM
To: list@lists.pfsense
We've run into a data overage situation at a datacenter... We get charged a
premium per GB over 500GB (yes I know, stupid). Their reporting system seems to
indicate significantly less data usages vs pfSense's RRD reporting... their
billing system seems to be indicating overage similar to their
, but might throw an error..
Kind regards,
Seb
-Original Message-
From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Chuck
Mariotti cmariotti-at-xunity.com
Sent: 15 August 2015 22:26
To: pfSense Support and Discussion Mailing List
Subject: Re: [pfSense] pfSense
: [pfSense] pfSense 2.1.5 to 2.2.4 update problems...
Pls try with AMD64 Pfsense it works good at my pfSense server only
filter http not https...
Thanks
Mohan
On Aug 17, 2015 6:26 PM, Chuck Mariotti
cmario...@xunity.com wrote:
Thanks, I had rebooted the server a few times trying to
resolve
I had a need to update to the latest pfSense. I had a replacement machine with
the latest 2.2.4. Took the config file from 2.1.5 and restored it...
It got stuck on the restoring packages and I eventually unlocked and just left
it as-is.
Swapped over the connection to the replacement and some
If I can add to this question... are support incidents hardware specific?
Meaning, if I purchase some hardware with 2 incidences... can I use those on
other devices?
-Original Message-
From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Adam Thompson
Sent: July-20-15 7:09
We are having a number of issues with Engenius Access Points... they seems to
have the features we need but for some reason, connectivity is not reliable
(seems Mac related). As much time as I would like to spend debugging it, it
would be cheaper to replace.
Does anyone have any
Tomato, preferably Toastman or Shibby. I
still use a $15 ebay Linksys WRT54GL that is rock solid and with Tomato it
includes built in OpenVPN software to connect to pfsense at the office.
Paul
On Jul 17, 2015, at 10:45 AM, Chuck Mariotti cmario...@xunity.com wrote:
We are having a number
That's definitely the cable modem's NAT getting confused. If you can get the
phones to randomize their source ports on their OpenVPN traffic, that might
resolve. I'm not sure if that's possible on those phones. In stock OpenVPN,
specifying lport 0 in the config will make it choose a random
You could try TCP for the OpenVPN if the phones will support it. The vast
majority of your traffic will be UDP so you wont get the joy of TCP in TCP
exponential standoffs.
Cheers
Jon
The phones do support TCP (an option on a per line basis offers UDP/TCP).
Could you clarify what you mean by
: February-19-15 8:04 AM
To: pfSense Support and Discussion Mailing List
Subject: Re: [pfSense] OpenVPN (pfSense 2.1.5-RELEASE) - VoIP Phone Issues
On 19 February 2015 at 14:51, Chuck Mariotti
cmario...@xunity.commailto:cmario...@xunity.com wrote:
That's definitely the cable modem's NAT getting confused
I have 4 Yealink T46G phones, 3 on one network (problematic), 1 on a separate
network... all phones are OpenVPNing into pfSense box at datacenter... then
using a phone system through the OpenVPN connection.
The problematic location keeps having issues with phones not receiving calls or
making
Think you forgot the logs. That should be enough of a summary to have a good
idea though.
What's the firewall/router/NAT device on the network where the 3 phones
reside? That sounds like what could happen with a NAT device that doesn't
handle UDP well. Some consumer-grade routers and some NAT
That's definitely the cable modem's NAT getting confused. If you can get the
phones to randomize their source ports on their OpenVPN traffic, that might
resolve. I'm not sure if that's possible on those phones. In stock OpenVPN,
specifying lport 0 in the config will make it choose a random
Have been using pfSense for years at our datacenter, very happy with it running
on old dedicate hardware with failover. The hardware is overdue to be retired
and I'm wondering what people are doing/recommending for a datacenter setup. We
want to use OpenVPN Server, IDS, dBandwidth, etc... so
, space)?
P.S. You can run packages on embedded in 2.2, you just want to be careful not
to run packages that would trash the SD card with too many writes.
Walter
On Thu, Feb 5, 2015 at 9:40 AM, Chuck Mariotti
cmario...@xunity.commailto:cmario...@xunity.com wrote:
Have been using pfSense for years
THIS Also has the advantage that in the event of hardware failure, you
can move the drives to any other system and still access the data - something
that's not always an option if you're relying on a proprietary RAID layout.
Applies to a great many system builds... if you have the option of
?
Chuck
-Original Message-
From: list-boun...@lists.pfsense.org [mailto:list-boun...@lists.pfsense.org] On
Behalf Of Jim Pingle
Sent: March-11-14 1:57 PM
To: pfSense support and discussion
Subject: Re: [pfSense] Yealink OpenVPN to asterisk
On 3/11/2014 12:09 AM, Chuck Mariotti wrote
I have a asterisk box at a data center that has some high traffic websites. I
also have am asterisk box there with a few Yealink T46G phones OpenVPNed into
the presence box at the data center. I have a few asterisk boxes but this is
the first client connection via openvpn.
I think the call
OpenVPN allows you to push routes to the client side… not sure if those routes
can be bypassed (it other words, if it’s just a rule sent to the client only,
or if the firewall actually enforces that rule as well).
I’m not sure about the grouping component. But you could define each user with
Configuration of a single datacenter connection, with 2 x WANs defined (two
separate public IP sets/subnets). Both equally important... just ran out of IPs.
We are experiencing an influx of traffic for a few servers that are starting to
introduce some problems in some VOIP traffic at times...
are on the same IP address.
Is there a way in pfSense that would allow me to report on traffic like this on
a monthly basis?
Regards,
Chuck Mariotti
[Xunity_Ad]
13 Seymour Ave.
Toronto, Ontario
M4J 3T3
Office: 416-469-5008 x 222
Fax: 416-469-5009
cmario...@xunity.commailto:cmario...@xunity.com
It's effectively impossible to blind spoof TCP, so since you're completing
the TCP session you can be assured the traffic is really coming from where it
claims to be.
Is it a high rate from a smallish number of IPs, or a low rate from a large
number? What specifically do the HTTP requests
We are seeing a lot of http requests to legitimate URLs on our web server...
the URLs are pages that do auto redirects to other content pages. The redirects
are collecting site stats and the high number of requests are knocking the
tracking stats out way out of whack compared to the norm.
If you use the same certificate on two clients, it will do that.
Or if you connect two clients to a shared key instance, it will do that.
In the first case, you can check Duplicate Connections to allow multiple
people to connect from the same certificate, but that is highly discouraged.
Use
I have used one of these (Supermicro SYS-5015A-EHF-D525), the only issue I have
run into with the one I have, is that IP KVM for some reason isn't working as
expected.
Specifically... if I VPN into the firewall (PPTP), I can't seem to be able to
access the IP-KVM.
If I remote into a machine
I have some clients that has been hit twice with the recent SQL injections that
seem to be ramping up.
See:
http://www.scmagazineus.com/new-mass-sql-injection-attack-could-be-forming/article/218069/
http://news.hitb.org/content/new-mass-sql-injection-attack-could-be-forming
At our datacenter
2011, om 00:26 heeft Chuck Mariotti het volgende geschreven:
At our datacenter managed to not get hit. However, I guess I would like to ask
for suggestions on how to stop this type of attack at the pfSense firewall and
what/how to implement something that would allow us to manage such attacks
After converting a network of computers to use a fairly popular 3rd party email
service (not my decision unfortunately), users are experiencing very odd issues
with email (POP and SMTP based). The 3rd party says we should try different
ports, increase timeouts, etc... and they sometimes take
It' not a How to but a quick video... of setting up. Not sure if it's the
right way to do it but it worked for me.
http://www.youtube.com/watch?v=odjviG-KDq8
Now if only I could find out how to setup OpenVPN via pfSense to work with Snom
phones.
Chuck
-Original Message-
From:
30 matches
Mail list logo