Re: [pfSense] VIPs : CARP vs IP Alias

On 09/03/15 12:02, Espen Johansen wrote: For 2.2 I'm not sure but it used to be a limit afaik. >*snip* "Proper" IP aliases were introduced with 2.0. Up to 1.2.3 this was a limitation. Best regards Matthias ___ pfSense mailing list https://lists.pfs

Re: [pfSense] VIPs : CARP vs IP Alias

On 09/03/15 11:23, Brian Candler wrote: On 09/03/2015 10:10, Bryan D. wrote: Nope, it's a fully functioning setup (has been, in this form, for a few years) ... just wanted to switch off CARP VIPs since I'm not using failover. The only question is why won't IP Alias VIPs replace the CARP VIPs?

Re: [pfSense] Difference between APU4 and APU1C4

Am 27.07.2014 20:20, schrieb Chris Bagnall: On 27/7/14 7:06 pm, Matthias May wrote: With intel cards on the same board you can get up to 650 Mbit/s, but i expect it to be lower with additional rules. Have you tried it with Intel cards (I assume you're talking mPCIe cards?) - and if so,

Re: [pfSense] Difference between APU4 and APU1C4

Am 27.07.2014 18:32, schrieb Kenward Vaughan: On 07/22/2014 02:19 PM, Rainer Duffner wrote: Am 22.07.2014 um 21:29 schrieb Nickolai Leschov mailto:nlesc...@gmail.com>>: The difference is not $200, but about $100 with 8GB Sandisk Extreme Secure [sic!] SDHC card included. ... What sort of ban

Re: [pfSense] Trouble logging into Forum Account, Any admins able to help?

List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list What is your username? Best regards Matthias May ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] Status of pfSense 2.2 regarding 802.11n

On 16/05/14 00:36, Victor Padro wrote: On Thu, May 15, 2014 at 3:29 PM, Matthias May <mailto:matth...@may.nu>> wrote: Am 15.05.2014 20:49, schrieb Jim Pingle: On 5/15/2014 1:03 PM, b...@todoo.biz <mailto:b...@todoo.biz> wrote: I wanted to know what wa

Re: [pfSense] Status of pfSense 2.2 regarding 802.11n

Am 15.05.2014 20:49, schrieb Jim Pingle: On 5/15/2014 1:03 PM, b...@todoo.biz wrote: I wanted to know what was the status of 2.2 regarding WLAN (802.11 n) support / implementation ? I am mainly interested in Atheros driver support since most of our HW is based on this chipset. The drivers ar

Re: [pfSense] My son is able to bypass my captivate portal

Am 11.05.2014 21:48, schrieb Stefan Baur: Am 11.05.2014 21:28, schrieb Ryan Coleman: The simple solution is to block all outbound DNS at the firewall, but this can also break things (like some Google and Apple devices). Even broken devices usually have a fallback mode, but be careful of what br

Re: [pfSense] Blast from the past: pfSense 1.2 / ALIX / VLANs

Am 24.03.2014 14:18, schrieb Chris Bagnall: Greetings list, I appreciate this is something of a blast from the past, but I'm hoping some of you will still have 1.2 systems in use and might be able to shed some light on this. Recently, one of our clients sublet part of their building to anoth

Re: [pfSense] Fwd: Firewall Log

On 19/03/14 13:46, Moshe Katz wrote: On Mar 19, 2014 7:59 AM, "Brian Caouette" > wrote: > > > > > Original Message > Subject: > Firewall Log > Date: > Thu, 13 Mar 2014 12:48:33 -0400 > From: > Brian Caouette mailto:bri...@dlois.com>> > To: > pfSense s

Re: [pfSense] VPN group restrictions

On 14/02/14 11:53, Chuck Mariotti wrote: OpenVPN allows you to push routes to the client side... not sure if those routes can be bypassed (it other words, if it's just a rule sent to the client only, or if the firewall actually enforces that rule as well). I'm not sure about the grouping co

Re: [pfSense] is it possible to rename gateways in 2.1 release AMD64?

Joe Not sure i follow. What is not working with: Click on the "System --> Routing --> Gateways" on the "e" button next to the gateway you want to change the name of. Set the name you want in the "Name" field. Regards Matthias May

Re: [pfSense] Exclude an ip address from a phase 2 entry

On 08/11/13 15:52, Dan wrote: Hi, I have a really annoying problem that I am trying to resolve. Assume the following subnets. Site A Internal: 10.10.0.0/16 Site B Internal: 10.50.0.0/16 Site B DMZ: x.y.z.0/24 ( Where this is a valid public subnet). I have an ipsec vpn setup. The first phas

Re: [pfSense] Hardware requirements for gigabit wirespead

ion, etc. or something else? Use dedicated 5GHz antennas and dedicated 2.4GHz antennas (No dualband). Avoid APs with internal antennas. Best would be an AP with detachable antennas and then connect your own. Regards Matthias May ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] Hardware requirements for gigabit wirespead

uch more you can do other than using better hardware which costs remarkably more. Regards Matthias May ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] Pfsense Firewall complete halt

Am 06.10.2013 15:35, schrieb kol: Since upgrading from 2.1RC1 to 2.1-Release I have been experiencing intermittent forwarding halts, I also noticed access the web gui is also halted, I'm however able to access the FW via SSH and console, restarting webconfigurator doesn't solve the problem, n

Re: [pfSense] pfSense and Cable Modem Throughput

On 13/09/13 01:07, Ernst den Broeder wrote: On 2013-09-12, at 3:34 PM, Adam Piasecki wrote: It sounds like my issue, i'll have to get the cable provider to change the settings as they won't allow me access into the modem. This is a Motorola SB6580G in bridge mode. Adam If it is indeed a phy

Re: [pfSense] Strange Block on LAN interface

On 12/09/13 01:23, Kevin Tollison wrote: I am getting an odd behavior on 2.1RC2 . Hopefully I have just missed something. My site is setup as follows PfSense - Site 1 192.168.1.0/24 - Adtran router 192.168.1.3 - PPPT1 ---Site2 Adtran Router 192.168.3.3

Re: [pfSense] Remote office redundancy

Am 23.05.2013 17:53, schrieb Chris Bagnall: On 23/5/13 4:50 pm, Vick Khera wrote: Still, what happens if site 1 wan1 goes down, and site 2 wan 2 goes down? I suppose theoretically you could have 4 VPNs: 1 - 1 1 - 2 2 - 1 2 - 2 Though the OSPF rules to do that would be... interesting, to say t

Re: [pfSense] Hosts in LAN can't see each other

On 12/05/13 18:05, Marco wrote: Hi, as described in another post a few days ago, my setup is as follows: ethernet -> WAN WLAN -> LAN OPT1 -> bridge(WAN,LAN) The firewall is switched off and communication from LAN to WAN works flawlessly. But the hosts in the LAN (wireless) can't see ea

Re: [pfSense] help

On 24/04/13 16:36, eyobe kebede wrote: we are using dSL and let me give you some information. we were using 10.130.48.72 IP address give by the ISP and for some reason we have purchased public ip 197.156.75.54. where technicians from the ISP do not give us how to use the IP addresses and it be

Re: [pfSense] help

On 24/04/13 03:17, Vick Khera wrote: On Sat, Apr 20, 2013 at 5:46 AM, eyobe kebede > wrote: but 10.134.192.154 is the WAN ip and 10.130.42.65 is default gate way Given that 10.134.192.154 is your WAN IP, and the netmask they gave you is 255.255.255.252, the *ONLY

Re: [pfSense] pfSense serial connection boot

Am 01.02.2013 16:40, schrieb Jim Thompson: On Feb 1, 2013, at 9:39 AM, Jim Thompson wrote: Maybe someone (you?) already changed the speed under pfSense? Ignore me, you said WRAP, not ALIX. Pingle got it right. ___ List mailing list List@lists.pfs

Re: [pfSense] Openvpn site to site problem

On 21.12.2012 05:27, Nishant Sharma wrote: On Thu, Dec 20, 2012 at 6:58 PM, Cristian Del Carlo wrote: In lan e openvpn i have only one rule that pass everything. This problem make me crazy Have you configured the server for pushing the routes to client and added iroute parameters? -Nish

Re: [pfSense] CARP Questions on pfSense 2.x

r site-to-site i would honestly set up 2 separate tunnels (one on each WAN) and create an internal loadbalancer/failover pool for the other side via the two gateways of the openVPN tunnels. Greetings Matthias May ___ List mailing list List@lists.p

Re: [pfSense] Open VPN Question: Multiple Local LAN ranges

On 02.10.2012 16:02, Joel Robison wrote: Hello, First off, Ive been following this list for some time and I love PfSense and have recommended it to many others. I have a question about the OpenVPN functionality around adding another routable subnet to clients exported through the client expor

Re: [pfSense] SSH error

lease help anybody Thanks ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list This could also mean that the state-table is full. Try to increase it and see if it helps. Greetings Matthia

Re: [pfSense] VLAN

On 16.08.2012 03:16, Drew Lehman wrote: Probably, yes, although you still need rules, based on your description. How have you configured the switchport that the pfSense box is plugged into? Also, the SSID name has nothing to do with the VLAN tag... do you have a 'smart' WiFi AP that has been conf

Re: [pfSense] Odd CARP Question

le this is why. Greetings Matthias May ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] Ping through two bridged interfaces not working

rewall log. Greetings Matthias May ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] Rule processing optimization - states

Am 23.05.2012 um 15:25 schrieb Ugo Bellavance : > On 2012-05-22 15:44, Vick Khera wrote: >> On Thu, May 17, 2012 at 2:37 PM, Ugo Bellavance wrote: >> >>> I would like to make sure my rules in the best order. I understand that the >>> rules are processed from top to bottom, so I should place the

Re: [pfSense] pf vrs mono?

st You have the same subnet on WAN and OPT1. Remove the OPT1 (or move to a different subnet) and it will probably start working. Greetings Matthias May ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] Routing based on source address possible?

create a firewall rule, you can set as criteria a source-address and then define a gateway. (Keyword: policy routing). Greetings Matthias May ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] Block Rule doesnt work

below is no longer considered. Meaning if you have an allow rule above your block rule, the allow rule will always catch. Put your block rules all the way to the top. If that doesn't help, send a screenshot of your rules. (Overview, not the configuration of the rule itself).

Re: [pfSense] [pfSense-discussion] modified nanoBSD 1.2.3 image for WRAP? -> 2.0 ?

For anyone else actually still running a WRAP. Premodified images for 2.0 are on http://zhaw.ch/~maym Greetings Matthias May Olivier Mueller wrote: On Mon, 2011-09-19 at 09:26 -0400, Jim Pingle wrote: On 9/19/2011 8:29 AM, Matthias May wrote: I think what he means is that he&#

Re: [pfSense] [pfSense-discussion] modified nanoBSD 1.2.3 image for WRAP? -> 2.0 ?

org http://lists.pfsense.org/mailman/listinfo/list I think what he means is that he's running a WRAP and not an ALIX (at least from the subject of the mail). I will modify the images and host them on the above mentioned link as soon as i find the time. Haven't gotten around to update