Re: [pfSense] MBR restore

2017-06-30 Thread Kostas Backas 
Maybe install a fresh version and restore a backup?

Kostas

Sent from my iPhone

From: List  on behalf of Nicola Ferrari 
(#554252) 
Sent: Friday, June 30, 2017 2:02:47 PM
To: list@lists.pfsense.org
Subject: [pfSense] MBR restore

Hi guys!

I'm writing here since one of my collegues had to move a pfsense install
to new hardware, so imaged the pfsense using clonezilla but forgot to
enable the option to save MBR also.

So, after restoring the image, pfSense is no more able to boot.

What's the best way to restore the MBR on an existing and
already-configured pfSense install?

Thanks to everybody!
Nick


--
+-+
| Linux User  #554252 |
+-+

___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] looking for silent and powerful pfsense hardware

2017-03-28 Thread Kostas Backas 
Maybe the newest Alix: https://www.pcengines.ch/apu.htm

Best regards

Kostas

On 28/03/17 16:00, "List on behalf of Eero Volotinen" 
 wrote:

Well, I don't know PPS values :) This is just home gigabit connection for
.. surfing/movies/4K streaming :)

Eero

2017-03-28 15:13 GMT+03:00 Vick Khera :

> On Tue, Mar 28, 2017 at 2:59 AM, Eero Volotinen 
> wrote:
>
> > Looking for pfsense hardware that can handle 1000M/1000M internet
> > connection with NAT.
> >
>
> I would recommend at least a Xeon processor base system for that traffic.
> Really, the limit is PPS; do you know what that would be? Any system using
> a Xeon will not be silent. I use a pair of high end custom-built boxes at
> my data center, and they can push this kind of traffic, though my usual
> sustained is only in the 200Mbps range.
>
> The only silent systems I have are based on the Atom C2758 processor, and 
I
> do not think those will handle a full gigabit connection at full speed.
> ___
> pfSense mailing list
> https://lists.pfsense.org/mailman/listinfo/list
> Support the project with Gold! https://pfsense.org/gold
>
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold


___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] Is this list still active?

2017-01-24 Thread Kostas Backas 
Just received a bunch of messages from other people so I guess the listsrv woke 
up.

Best regards

Kostas

Sent from my iPhone


From: List  on behalf of Steven Sherwood 

Sent: Monday, January 16, 2017 4:23:19 PM
To: 'list@lists.pfsense.org'
Subject: [pfSense] Is this list still active?

Just sending this out as a test message as I've stopped receiving the list as 
of December 8...
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] Open Vpn

2016-08-23 Thread Kostas Backas 
The Client Export package will give you the option to get the client for 
Windows as well as the conf files.

Best regards

Kostas


From: List  on behalf of Alfredo Tapia Sabogal 

Sent: Wednesday, August 24, 2016 1:16:23 AM
To: pfSense Support and Discussion Mailing List
Subject: [pfSense] Open Vpn

Hello
Is anyone knows where i can downloaded the openvpn client for windows
client please

Thanks!!!

Alfredo Tapia Sabogal
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] SCVMM Agent

2016-01-09 Thread Kostas Backas 
Pfsense hyperv image?

Sent from my iPhone

> On 9 Ιαν 2016, at 19:47, Jim Thompson  wrote:
> 
> We have an official image for Azure coming. 
> Should be available soon. We're in final stages with Microsoft. 
> 
> -- Jim
> 
>> On Jan 9, 2016, at 4:56 AM, "pfsense-l...@y-tech.co.il" 
>>  wrote:
>> 
>> Hi everyone,
>> 
>> We are struggling for weeks now trying to install SCVMM 2012 R2 agent on 
>> PFSense.
>> We run a cloud company based on Hyper-V with Azure Pack, we wish to give our 
>> customers a great experience with pfsense, we are working with the product 
>> for years (outside SCVMM scope) and it's perfect.
>> In order to be compliant and have all the features with SCVMM VM networks 
>> and automation we must install the SCVMM agent, but there is lack of support 
>> for FREEBSD.
>> If anyone managed to do so or have an idea how we can accomplish our goal it 
>> will be great.
>> 
>> Thanks,
>> Tomer Schwaitzer.
>> 
>> -- 
>> This message has been scanned for viruses and
>> dangerous content by Y-Tech MailScanner system, and is
>> believed to be clean.
>> 
>> ___
>> pfSense mailing list
>> https://lists.pfsense.org/mailman/listinfo/list
>> Support the project with Gold! https://pfsense.org/gold
> ___
> pfSense mailing list
> https://lists.pfsense.org/mailman/listinfo/list
> Support the project with Gold! https://pfsense.org/gold
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] HAproxy question

2015-12-12 Thread Kostas Backas 
Do you have Snort in your setup? I've seen IPS causing this behavior.

Best regards

Kostas

Sent from my iPhone

> On 12 Δεκ 2015, at 00:13, C. R. Oldham  wrote:
> 
> Actually I think I characterized this problem the wrong way.
> 
> It appears that neither haproxy nor nginx (when used as a proxy) are
> reliable on our pfSense firewall.  They will work for a while, then they
> stop passing traffic for a while, then they work awhile.  Restarting them
> doesn't make them responsive immediately.  I am at a loss to explain this.
> I've confirmed there are no other processes listening on port 443 on any IP
> (virtual or physical).  If anyone has ideas I'd love to hear them.
> 
> --cro
> 
> 
>> On Fri, Dec 11, 2015 at 8:14 AM, C. R. Oldham  wrote:
>> 
>> Greetings,
>> 
>> We've recently replaced both our routers with pfSense.  I am using tinc
>> for site-to-site VPN and OpenVPN for clients to connect.
>> 
>> Since some of our support engineers often end up onsite with customers, I
>> want to enable OpenVPN over TCP port 443--we've noticed that many of our
>> customers block outbound UDP, but using the https port works fine.
>> 
>> However, we also have haproxy on our firewall proxying for some web
>> applications on port 443. but on a different virtual IP from OpenVPN.  If I
>> enable OpenVPN on the TCP port, haproxy stops working, even though they are
>> listening on different IPs.
>> 
>> I have appropriate firewall rules for both virtual IPs in place.
>> 
>> Can anyone shed some insight on how I can fix this?
>> 
>> Thanks.
>> 
>> --cro
> ___
> pfSense mailing list
> https://lists.pfsense.org/mailman/listinfo/list
> Support the project with Gold! https://pfsense.org/gold
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] VPN client

2015-12-09 Thread Kostas Backas 
You can have IPSec site-to-site tunnels if this is what you want to achieve.

Best regards

Kostas

Sent from my iPhone

> On 9 Δεκ 2015, at 07:15, Ted Byers  wrote:
> 
> Is it possible to use pfsense as a client, replacing a Checkpoint
> UTM-1 Edge W with AES256 ?  You see, I have one of these Checkpoint
> routers that has failed, and it had been used as a client to a VPN.  I
> know I can use pfsense to provide VPN access to machines behind it.  I
> have done this, and use OpenVPN to connect to to the machines
> protected by pfsense.
> 
> I suppose I could use OpenVPN as the client, and will investigate
> that.  But I need to know if pfsense can function as both a server and
> as a client (for the unrelated purpose of configuring clusters of LANs
> each of which is protected by pfsense, so that regardless of which LAN
> fails, the others in the cluster can take over operation of the VPN
> connecting them all).
> 
> Thanks
> 
> Ted
> 
> -- 
> R.E.(Ted) Byers, Ph.D.,Ed.D.
> ___
> pfSense mailing list
> https://lists.pfsense.org/mailman/listinfo/list
> Support the project with Gold! https://pfsense.org/gold
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] Multiple SSIDs

2015-11-27 Thread Kostas Backas 
We are using Ubiquiti Edge router and Unifi APs to route multiple SSIDs to 
VLANs.

I am sure (since Unifis can handle VLANs very well) that pfSense can be used. 
We are using pfSense VLANs to route multiple WANs from one NIC.

Best regards

Kostas

> On 27 Νοε 2015, at 02:37 π.μ., John Johnstone 
>  wrote:
> 
> On Nov 24, 2015, at 10:50 AM, Steve Yates  wrote:
>> 
>> Steve Yates wrote on Tue, Nov 24 2015 at 9:28 am:
>>>   We haven't used wireless with pfSense yet.  The manuals for the
>>> hardware models don't seem to mention how to set up the optional
>>> wireless. The doc site suggests not using wireless in pfSense?
>>> (https://doc.pfsense.org/index.php/Should_I_use_pfSense_as_my_access_poi
>>> nt)  It also says that some cards can handle multiple SSIDs
>>> (https://doc.pfsense.org/index.php/Wireless_Interfaces).  Does anyone
>>> know if pfSense's hardware models support multiple SSIDs?
> 
> I haven't used wireless with pfSense.  From what I've glanced at in the 
> freebsd-questions mailing list, wireless with FreeBSD is very much a hit or 
> miss situation.  I'd definitely stick with an external access point.
> 
> My company has a D-Link DAP-2660.  It's not running through pfSense though.  
> It has multiple SSID capability although we're not using it.  You can 
> configure each SSID to a VLAN.  It only gets light use and works well.
> 
> -
> John J.
> ___
> pfSense mailing list
> https://lists.pfsense.org/mailman/listinfo/list
> Support the project with Gold! https://pfsense.org/gold

___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] Multi-Wan Setup, High Availability and Traffic Segmentation

2015-11-14 Thread Kostas Backas 
We use VLANs to route more than one wan from one NIC, not for routing, but it 
can be done.

Best regards

Kostas

Sent from my iPhone

> On 14 Νοε 2015, at 06:43, Espen Johansen  wrote:
> 
> VLANs ? VLAN is l2 not L3. I have no idea what you are trying to do with
> VLANs in the mix. Policy routing is easy and probably what you need.
> 
> -lsf
> 
> fre. 13. nov. 2015, 23.29 skrev David White :
> 
>> I have a unique scenario:
>> 
>> The higher ups require a multi-wan high availability setup, but assuming
>> both ISPs are working, some traffic is required to use 1 ISP and some
>> traffic is required to use the other.
>> 
>> I've read in some pfSense docs on how I can setup a high availability,
>> multi-wan setup, but those docs say nothing about segmenting the traffic.
>> 
>> My idea is to setup 2 VLANS, and route 1 VLAN out of 1 gateway and 1 VLAN
>> out the other, but configure them so that if 1 ISP or the other ISP goes
>> down, both VLANS will go out whichever ISP is working.
>> 
>> Is this possible?
>> 
>> --
>> David White
>> Founder & CEO
>> 
>> *Develop CENTS *
>> Computing, Equipping, Networking, Training & Supporting
>> Organizations Worldwide
>> http://developcents.com
>> ___
>> pfSense mailing list
>> https://lists.pfsense.org/mailman/listinfo/list
>> Support the project with Gold! https://pfsense.org/gold
> ___
> pfSense mailing list
> https://lists.pfsense.org/mailman/listinfo/list
> Support the project with Gold! https://pfsense.org/gold
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] client VPN on IOS

2015-09-25 Thread Kostas Backas 
Openvpn client works really well.

Best regards

Kostas

Sent from my iPhone

> On 25 Σεπ 2015, at 20:46, Bryan D.  wrote:
> 
>> On 2015-Sep-15, at 6:18 AM, Ray Bagby  wrote:
>> 
>> Greetings,
>> 
>>   Anyone have any luck connecting iphone via VPN?
> 
> You can also see:
> 
> http://www.derman.com/blogs/Setting-Up-iOS-OnDemand-VPN
> 
> ___
> pfSense mailing list
> https://lists.pfsense.org/mailman/listinfo/list
> Support the project with Gold! https://pfsense.org/gold
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] client VPN on IOS

2015-09-15 Thread Kostas Backas 
Yes, OpenVPN Connect works really great.

Best regards

Kostas


Kostas Backas

 Certified System Administrator
 Certified Trainer 10.9 - 10.8 - 10.7 - 10.6
 Certified Technology Specialist [Directory Services]
 Certified Technology Specialist [Deployment]
 Certified Technology Specialist [Security and Mobility]
 Certified Macintosh Technician
 Certified Technical Coordinator 10.7 - 10.6
 Certified Support Professional 10.8 - 10.7 - 10.6
Cyberoam Certified Network & Security Professional
MCTS: Windows Server 2008 R2, Server Virtualization

iSystem
Apple Premium Reseller
Apple Authorized Premium Service Provider

269, Messoghion Ave, 152 31 Halandri
Τ: +30 210 6985280 <tel:%2B30%20210%206985280> • F: +302106912228 
<tel:%2B302106912228>
> On 15 Σεπ 2015, at 16:18 μ.μ., Ray Bagby <rba...@sbcglobal.net> wrote:
> 
> Greetings,
> 
>Anyone have any luck connecting iphone via VPN?
> 
> Thanks
> 
> ___
> pfSense mailing list
> https://lists.pfsense.org/mailman/listinfo/list
> Support the project with Gold! https://pfsense.org/gold

___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] Access Point Recommendations?

2015-08-24 Thread Kostas Backas 
UniFi is my choice. I have used it with pfsense with great success. Vlan 
capability gives extra configuration options.

Best regards

Kostas

Sent from my iPhone

 On 24 Αυγ 2015, at 06:36, Volker Kuhlmann hid...@paradise.net.nz wrote:
 
 Does anyone have any recommendations for a/ac models, AP only, as is
 only radio, no router/switch stuff? Dumb is good, I use pfsense already
 and don't need more complexity in closed-source buggy devices.
 Single-RJ45 perfect, as soon as there are LAN and WAN ports the problems
 start (like everyone thinking the only secure way to configure the AP is
 over the wifi!).
 
 Thanks,
 
 Volker
 
 -- 
 Volker Kuhlmannis list0570 with the domain in header.
 http://volker.top.geek.nz/Please do not CC list postings to me.
 ___
 pfSense mailing list
 https://lists.pfsense.org/mailman/listinfo/list
 Support the project with Gold! https://pfsense.org/gold
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] Access Point Recommendations?

2015-07-17 Thread Kostas Backas 
UniFi has several models, AC included.

You can have the controller running on a Raspberry Pi or VM.

Best regards

Kostas

Sent from my iPhone

 On 17 Ιουλ 2015, at 18:16, Chuck Mariotti cmario...@xunity.com wrote:
 
 I guess I should mention, the internet connections are usually 150Mbit+ ... 
 so would need something in the n or a/c range preferably.
 Lots of devices, laptops (hooked up to Ethernet but still wifi active when 
 walking around).
 
 -Original Message-
 From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Paul Galati
 Sent: July-17-15 10:50 AM
 To: pfSense Support and Discussion Mailing List list@lists.pfsense.org
 Subject: Re: [pfSense] Access Point Recommendations?
 
 Probably get flamed for this but my experience has been positive.  Purchase a 
 router that is capable of running Tomato, preferably Toastman or Shibby.  I 
 still use a $15 ebay Linksys WRT54GL that is rock solid and with Tomato it 
 includes built in OpenVPN software to connect to pfsense at the office.
 
 Paul
 
 On Jul 17, 2015, at 10:45 AM, Chuck Mariotti cmario...@xunity.com wrote:
 
 We are having a number of issues with Engenius Access Points... they seems 
 to have the features we need but for some reason, connectivity is not 
 reliable (seems Mac related). As much time as I would like to spend 
 debugging it, it would be cheaper to replace.
 
 Does anyone have any recommendations for small office access points?
 
 ___
 pfSense mailing list
 https://lists.pfsense.org/mailman/listinfo/list
 Support the project with Gold! https://pfsense.org/gold
 ___
 pfSense mailing list
 https://lists.pfsense.org/mailman/listinfo/list
 Support the project with Gold! https://pfsense.org/gold
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] Issues with 2.2.x and Alix devices

2015-07-07 Thread Kostas Backas 
Hello,

Thank you for your answer.

The devices I use are the 2D3 with the 256 RAM.

Best regards

Kostas


 On 7 Ιουλ 2015, at 10:45 π.μ., Микаел Бак mikael@yandex.ru wrote:
 
 Hi Kostas,
 
 
 On 2015-07-06 18:53, Kostas Backas wrote:
 Hello,
 
 I had no success restoring 2.2.x (2.2.2 or 2.2.3) proper installers or 
 updaters to 2 different Alix devices.
 
 2.1.5 is installing fine, and then update works OK. I haven’t tested yet the 
 devices with serial cables to see where they stop.
 
 Anyone faced this?
 
 
 You do not specify how much RAM your Alix device have.
 I have only been able to run pfsence reliably with Alix devices that have 
 256MB RAM. With less (128MB RAM) the webconfigurator process kills itself, 
 presumably because it needs more RAM to work properly.
 
 Perhaps I'm wrong, but this is what I have noticed on my systems.
 
 HTH,
 Mikael
 
 ___
 pfSense mailing list
 https://lists.pfsense.org/mailman/listinfo/list
 Support the project with Gold! https://pfsense.org/gold

___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

[pfSense] Issues with 2.2.x and Alix devices

2015-07-06 Thread Kostas Backas 
Hello,

I had no success restoring 2.2.x (2.2.2 or 2.2.3) proper installers or updaters 
to 2 different Alix devices.

2.1.5 is installing fine, and then update works OK. I haven’t tested yet the 
devices with serial cables to see where they stop.

Anyone faced this?

Best regards

Kostas


___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

[pfSense] Cannot install 2.2 on Alix board (latest firmware)

2015-03-09 Thread Kostas Backas 
Hello,

I have difficulties installing pfsense 2.2 on Alix board (with the latest 
firmware 0.99) to a 2 GB CF card. I had success install 2.1.5 and upgrade, but 
direct install of 2.2 not working (sequencial blinking lights).

Best regards

Kostas


___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] Cannot install 2.2 on Alix board (latest firmware)

2015-03-09 Thread Kostas Backas 
Thank you,

I have tried different cards, only 2 GB. I will try tomorrow with a serial 
cable.

Best regards

Kostas

Στάλθηκε από το iPad μου

9 Μαρ 2015, 11:22 μ.μ., ο/η Walter Parker walt...@gmail.com έγραψε:

 I installed it on an ALIX with a 4GB card without issues. I'd suggest getting 
 a serial cable so that you can see the output from the system as it boots 
 (make sure you a null modem cable or adapter).
 
 
 Walter
 
 On Mon, Mar 9, 2015 at 5:11 AM, Kostas Backas kos...@i-system.gr wrote:
 Hello,
 
 I have difficulties installing pfsense 2.2 on Alix board (with the latest 
 firmware 0.99) to a 2 GB CF card. I had success install 2.1.5 and upgrade, 
 but direct install of 2.2 not working (sequencial blinking lights).
 
 Best regards
 
 Kostas
 
 
 ___
 pfSense mailing list
 https://lists.pfsense.org/mailman/listinfo/list
 Support the project with Gold! https://pfsense.org/gold
 
 
 
 -- 
 The greatest dangers to liberty lurk in insidious encroachment by men of 
 zeal, well-meaning but without understanding.   -- Justice Louis D. Brandeis
 ___
 pfSense mailing list
 https://lists.pfsense.org/mailman/listinfo/list
 Support the project with Gold! https://pfsense.org/gold
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] dns to openvpn clients

2015-02-03 Thread Kostas Backas 
Hi,

I have the same issue with viscosity and OS X clients.

DNS works fine for internal queries, but no internet for connected clients.

Windows clients are working fine.

Στάλθηκε από το iPad μου

3 Φεβ 2015, 10:12 μ.μ., ο/η Federico Corradino spiorf...@gmail.com έγραψε:

 I had a similar problem with openvpn-gui client on windows 7. The interface 
 info showed the correct dns, and running nslookup everything looked fine, but 
 normal windows applications didn't even tried to query a dns server, and just 
 fail.
 
 I solved adding 
 
push route-method exe;
push route-delay 2
 
 to server config.
 
 also, i tried brutally NATing every dns request from openvpn interface to any 
 non-lan host, redirecting it to 127.0.01.
 That works even if the user manually changes his dns server, and still hasn't 
 broken anything.
 
 Federico
 
 2015-02-03 20:45 GMT+01:00 Randy Bush ra...@psg.com:
 2.2-RELEASE (i386)
 
 i think i am configured to
   Redirect Gateway checked
   DNS Default Domain not checked
   DNS Servers / Provide a DNS server list to clients
 
 but the clients (viscosity) are not learning the dns
 
 clue bat, please
 
 randy
 ___
 pfSense mailing list
 https://lists.pfsense.org/mailman/listinfo/list
 Support the project with Gold! https://pfsense.org/gold
 
 ___
 pfSense mailing list
 https://lists.pfsense.org/mailman/listinfo/list
 Support the project with Gold! https://pfsense.org/gold
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

[pfSense] MultiWAN QoS (VoIP priority)

2015-01-12 Thread Kostas Backas 
Hello,

I saw a question in the forum, but maybe I get faster answers here. I have 3 
WANs. Can I get QoS for VoIP priority in MultiWAN groups? Is it reliable?

Best regards

Kostas
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

[pfSense] Prioritize VoIP in MultiWAN

2015-01-06 Thread Kostas Backas 
Hello,

Any issues-advice for prioritize VoIP in multiWAN (3 WANs-variable speed)? I 
have group gateways for load balancing and failover and policy routing” by 
setting specific IPs WAN routing.

Best regards

Kostas
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

[pfSense] Allow specific internal IPs over OpenVPN

2014-12-24 Thread Kostas Backas 
Hello,

I need to create a site-to-site OpenVPN. What rules are needed in order for the 
remote site to have access only to a specific host on the remote network?

Best regards

Kostas
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] Allow specific internal IPs over OpenVPN

2014-12-24 Thread Kostas Backas 
Thank you!

Best regards

Kostas


 On 24 Δεκ 2014, at 12:27 μ.μ., Vassilis bigracc...@gmx.net wrote:
 
 On 24 December 2014 11:00:01 EET, Kostas Backas kos...@i-system.gr wrote:
 Hello,
 
 I need to create a site-to-site OpenVPN. What rules are needed in order
 for the remote site to have access only to a specific host on the
 remote network?
 
 Best regards
 
 Kostas
 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list
 
 Hi!
 
 In order to have any access between your sites you need to setup rules in the 
 OpenVPN tab. If you only need access from the whole site to a single host, 
 set up the rule for the remote location subnet as source and the specific 
 host as the destination. 
 
 Vassilis
 
 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list

___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

[pfSense] Restore older version backup

2014-12-15 Thread Kostas Backas 
Hello!

I have an Alix with the latest 2.1.5 version. Can I restore a backup from this 
hardware (Alix), but older version (2.0.x)?

Best regards

Kostas

Sent from my iPhone
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] OpenVPN connects fine, no internet

2014-12-11 Thread Kostas Backas 
Agreed. That is the reason that I do not need it.
What I need is to find out why connected clients to vpn do not have Internet 
access.

Is it an issue with the tunnelblick client in os x or do I need to fix 
something in the Pfsense box?

Best regards

Kostas

Sent from my iPhone

On 11 Δεκ 2014, at 12:11, Volker Kuhlmann hid...@paradise.net.nz wrote:

 did you configure tunnelblick to send *all* traffic to the vpn? if so, you
 have to add allow rules to the openvpn interface to permit that traffic,
 and probably set up a NAT on there as well.
 
 If the network the client is connecting from (e.g. while travelling) is
 in any way not totally trustworthy it would be prudent to at least route
 the DNS traffic through the tunnel, if not all traffic. The VPN should
 protect from all MITM attacks and snooping between the VPN client and
 server.
 
 Volker
 
 -- 
 Volker Kuhlmannis list0570 with the domain in header.
 http://volker.top.geek.nz/Please do not CC list postings to me.
 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] OpenVPN connects fine, no internet

2014-12-11 Thread Kostas Backas 
Thank you,

I don't want to route all traffic. I just want to find out why connected 
clients cannot access the internet.

Best regards

Kostas

Στάλθηκε από το iPad μου

11 Δεκ 2014, 7:19 μ.μ., ο/η Karl Fife karlf...@gmail.com έγραψε:

 The VPN should protect from all MITM attacks and snooping between the VPN 
 client and server.
 
 This is a great idea, but I find that routing all traffic through VPN causes 
 problems in marginal (lossy or congensted) networks.  I'm curious to know if 
 others have also had this pain point, and whether you've had any success by 
 simply sending VPN over TCP.
 
 
 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

[pfSense] OpenVPN connects fine, no internet

2014-12-10 Thread Kostas Backas 
Hello,

We are using openvpn with tunnelblick and viscosity clients in OS X.

Our main issue is that when the users are connected to the vpn, the cannot 
access the Internet.

I have tried to forward traffic through vpn, add DNS servers etc, but nothing 
worked.

How can I determine what keeps it from working?

Best regards

Kostas

Sent from my iPhone
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list