Re: [pfSense] Nat between vlans

2018-03-30 Thread James Ronald 
Yılmaz,

Sorry, but why not attach the Airprint to both VLANs?

- Jim

Regards,

*James Ronald*
Drew Technologies, Inc.
3915 Research Park Dr Ste 10A
Ann Arbor, MI 48108
734-222-5228 x617
www.drewtech.com

On Fri, Mar 30, 2018 at 1:58 PM, Raphaël RIGNIER <r.rign...@leschartreux.net
> wrote:

> Le 30/03/2018 à 19:03, Yılmaz Bilgili a écrit :
>
>> Thank you for your reply. Especially IOS devices can not find others if
>> they are not on the same subnet. This is why I want this way.
>>
>>
> Native Access is difficult, as Airprint uses Bonjour Protocol wich works
> only on the same subnet.
> Bonjour is Multicast protocol. You'll have to play with filter Rules with
> advanded "allow ip options" checked and set IGMP proxy correctly. I have
> never did this on pfsense.
>
> The only success I had with multicast routing is with a Linux box and pimd
> service. It works to deploy Os images via multicast between the server and
> desktop's subnets.
>
> --
>
> ___
> pfSense mailing list
> https://lists.pfsense.org/mailman/listinfo/list
> Support the project with Gold! https://pfsense.org/gold
>
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] Port forwards don't work on one machine

2018-02-12 Thread James Ronald 
What is the default gateway of the destination (is there a route back to
pfSense)?

- Jim

On Mon, Feb 12, 2018 at 1:46 PM, Marco  wrote:

> On Mon, 12 Feb 2018 11:59:09 -0600
> Steven Spencer  wrote:
>
> > On 02/12/2018 11:43 AM, Marco wrote:
> > > On Mon, 12 Feb 2018 10:21:08 -0600
> > > Steven Spencer  wrote:
> > >
> > >> On 02/11/2018 03:29 PM, Marco wrote:
> > >>> On Sun, 11 Feb 2018 20:46:41 +
> > >>> "Joseph L. Casale"  wrote:
> > >>>
> >  -Original Message-
> >  From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of
> >  Chris L Sent: Sunday, February 11, 2018 1:43 PM
> >  To: pfSense Support and Discussion Mailing List
> >   Subject: Re: [pfSense] Port forwards
> >  don't work on one machine
> > 
> > > What interface is that taken on? Take one on the interface the
> > > destination server is connected to (WLAN?) and test again. While
> > > you’re capturing also do another Diagnostics > Test Port from
> > > the local pfSense itself. Please include the capture of both
> > > events (from outside and using test port.)
> > >
> > > It looks like the server is not responding.
> >  I'd also suggest running a capture on the destination, if it's
> >  actually receiving traffic and/or sending it elsewhere (routing
> >  rule) this will provide some insight.
> > >>> I ran a wireshark on the destination and it received packets when
> > >>> “port testing” from the pfSense, but not when using external
> > >>> access (e.g. canyouseeme.org)
> > >>>
> > >>> Marco
> > >>> ___
> > >>> pfSense mailing list
> > >>> https://lists.pfsense.org/mailman/listinfo/list
> > >>> Support the project with Gold! https://pfsense.org/gold
> > >> Marco,
> > >>
> > >> Just curious, but what is the target machine's OS?
> > > The actual server is FreeBSD, but I run the tests with a Linux
> > > laptop as the behaviour is the same.
> > >
> > > Marco
> > > ___
> > > pfSense mailing list
> > > https://lists.pfsense.org/mailman/listinfo/list
> > > Support the project with Gold! https://pfsense.org/gold
> >
> > I know you've stated that you have no firewall on these machines. So
> > iptables -L shows empty on the Linux laptop
>
>   Chain INPUT (policy ACCEPT)
>   target prot opt source   destination
>
>   Chain FORWARD (policy ACCEPT)
>   target prot opt source   destination
>
>   Chain OUTPUT (policy ACCEPT)
>   target prot opt source   destination
>
> > No selinux in play on the Linux
> > laptop
>
> No selinux in use.
>
> > I looked at your screen shots and I can't see anything that leaps
> > out at me. We have a number of PfSense firewalls in use (15)
> > within our organization and I've used port forwarding on every one
> > of them and have never run into a problem-unless the receiving
> > machine refuses the connection.
>
> Same here. Not that I'm a network expert, but I've set up five
> pfSense installations and port forwarding has always been an easy
> task which worked by just configuring the NAT rule.
>
> If the receiving machine refuses the connection, I would not be able
> to successfully "port test" it from the pfSense box and I would see
> incoming packets with wireshark (I believe). Therefore, I suspect an
> issue with the port forwarding.
>
> > I've been bitten by selinux before and more recently, by firewalld.
>
> Not installed and (therefore I hope) not used.
>
> Thanks for the support and confirming that it's not something
> obvious. Will investigate later.
>
> Marco
> ___
> pfSense mailing list
> https://lists.pfsense.org/mailman/listinfo/list
> Support the project with Gold! https://pfsense.org/gold
>
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

[pfSense] Recipe to safely allow remote SIP phones to connect a local asterisk PBX?

2015-12-23 Thread James Ronald 
Is anyone aware of a pfSense config/recipe to safely allow remote SIP
phones to connect a local asterisk PBX?

Regards,

*James Ronald*
<http://www.drewtech.com>
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold