Re: [pfSense] SG-1000 and VPN

2017-01-24 Thread A Mohan Rao 
better u can use site to site vpn is best solution.

On Wed, Jan 25, 2017 at 11:08 AM, WebDawg  wrote:

> On Tue, Jan 17, 2017 at 10:16 AM, Steve Yates  wrote:
>
> > We have a client who wants to set up one remote user (in a fixed
> > location) with a hardware VPN connection back to the office.  The office
> > has about 5 active PCs at any given time.  This would be the only VPN
> user.
> >
> > Has anyone used one of the new micro SG-1000 units with a VPN
> > yet?  Either as a remote site or as a SOHO router + VPN host?  Just
> > wondering how the ARM CPU would stack up.  The specs say 200k active
> > (non-VPN) connections...
> >
> > --
> >
> > Steve Yates
> > ITS, Inc.
> >
> > ___
> >
>
>
> I would also like to see some real world reports.
> ___
> pfSense mailing list
> https://lists.pfsense.org/mailman/listinfo/list
> Support the project with Gold! https://pfsense.org/gold
>
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] Reports

2016-09-02 Thread A Mohan Rao 
 I need https transparent squid3 without import CA Certificate at
client computer with https squid reports.

pls give idea if any body already configured it.


Thanks
Mohan

On Fri, Sep 2, 2016 at 7:47 AM, Abhi  wrote:

> I tried the package.
> It's able to send the test msg. &, I jaaave configured it to send reports
> every 12hrs. But, it doesn't send it.
>
> On 02-Sep-2016 01:40, "Luis G. Coralle"  wrote:
>
> > Hi, try the pfsense package mailreport.
> >
> > 2016-08-31 23:24 GMT-03:00 Abhi :
> >
> > > Hi all,
> > >
> > > Can someone help me to configure my firewall to send daily reports of
> wan
> > > usage, captive portal user's usage etc?
> > > ___
> > > pfSense mailing list
> > > https://lists.pfsense.org/mailman/listinfo/list
> > > Support the project with Gold! https://pfsense.org/gold
> > >
> >
> >
> >
> > --
> > Luis G. Coralle
> > ___
> > pfSense mailing list
> > https://lists.pfsense.org/mailman/listinfo/list
> > Support the project with Gold! https://pfsense.org/gold
> >
> ___
> pfSense mailing list
> https://lists.pfsense.org/mailman/listinfo/list
> Support the project with Gold! https://pfsense.org/gold
>
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] openvpn site to site clients not communicating ??

2016-02-19 Thread A Mohan Rao 
Pls check rule
Wan rule : source lan destination any your VPN port 1194.
If still not work go to your interface then uncheck two options. Block...

Regards
mohan
On Feb 19, 2016 3:25 AM, "Richard Lussier" 
wrote:

> Hi, This option is not available on a site to site ssl/tls server
>>>
>> If it's a fully routed network, my next step would be to use traceroute
>> on both ends to see where it's getting hung up at.
>>
>> Doug
>>
>
> Got it Doug
> On the server side, the rule on openvpn destination had to be to "any"
> instead of "lan net" !!!
> Thank you
>
> Richard
>
> ___
>> pfSense mailing list
>> https://lists.pfsense.org/mailman/listinfo/list
>> Support the project with Gold! https://pfsense.org/gold
>>
>
>
> ___
> pfSense mailing list
> https://lists.pfsense.org/mailman/listinfo/list
> Support the project with Gold! https://pfsense.org/gold
>
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] client VPN on IOS

2015-09-15 Thread A Mohan Rao 
i tried with my android its works great.



On Tue, Sep 15, 2015 at 6:48 PM, Ray Bagby  wrote:

> Greetings,
>
> Anyone have any luck connecting iphone via VPN?
>
> Thanks
>
> ___
> pfSense mailing list
> https://lists.pfsense.org/mailman/listinfo/list
> Support the project with Gold! https://pfsense.org/gold
>
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] Why no dnssec in dnsmasq by default?

2015-08-24 Thread A Mohan Rao 
Chris SIR,
I m using squid and squid guard its working good but some important sites r
not opening given message ip-addr target group i also make rule for that
still have same issue. Also add to whitelist.
If i m use internet without pfSense its open properly.
Pls give any idea..
On Aug 25, 2015 12:05 AM, Chris Buechler c...@pfsense.com wrote:

 On Sun, Aug 23, 2015 at 9:28 AM, Adrian Zaugg a...@ente.limmat.ch wrote:
 
  Adding the three lines
 
  dnssec
  dnssec-check-unsigned
 
  
 trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5
 
  to dnsmasq in pfSense makes dnsmasq dnsssec aware. Is there a reason why
  there is no tickable box to enable this in the GUI or why it is not
  enabled by default?
 

 Because that was only recently added to dnsmasq, and by the time it
 was, we'd switched to Unbound as the default resolver. You can add it
 in the advanced options.
 ___
 pfSense mailing list
 https://lists.pfsense.org/mailman/listinfo/list
 Support the project with Gold! https://pfsense.org/gold

___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] Why no dnssec in dnsmasq by default?

2015-08-24 Thread A Mohan Rao 
Okey sorry for that but if u have any solution for my question pls post.

Thanks
On Aug 25, 2015 12:55 AM, David Burgess apt@gmail.com wrote:

 On Mon, Aug 24, 2015 at 1:19 PM, A Mohan Rao mohanra...@gmail.com wrote:
  Chris SIR,
  I m using squid and squid guard its working good but some important
 sites r
  not opening given message ip-addr target group i also make rule for that
  still have same issue. Also add to whitelist.
  If i m use internet without pfSense its open properly.




 Please don't hijack the thread. Post a new message for your question.

 db
 ___
 pfSense mailing list
 https://lists.pfsense.org/mailman/listinfo/list
 Support the project with Gold! https://pfsense.org/gold

___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

[pfSense] Block Torrentz

2015-08-18 Thread A Mohan Rao 
Hello pfSense experts,

I find out torrents ports like 6881-6889 etc.
And create firewall block rule source lan network then destination any with
torrents ports but still users can download torrents data.
Also i created in traffic shaper layer 7 BitTorrent still not reached any
positive result.
Pls guide Where i m wrong or my rules not work...

Thanks in advance.

Mohan Rao
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] Block Torrentz

2015-08-18 Thread A Mohan Rao 
sorry not clear your point...!

On Wed, Aug 19, 2015 at 1:21 AM, Espen Johansen pfse...@gmail.com wrote:

 Focus on layer 7. Most torrent clients use dynamic ports. And disable upnp
 as that will defeat the ports blocking as well.

 -lsf

 tir. 18. aug. 2015, 21.21 skrev A Mohan Rao mohanra...@gmail.com:

  Hello pfSense experts,
 
  I find out torrents ports like 6881-6889 etc.
  And create firewall block rule source lan network then destination any
 with
  torrents ports but still users can download torrents data.
  Also i created in traffic shaper layer 7 BitTorrent still not reached any
  positive result.
  Pls guide Where i m wrong or my rules not work...
 
  Thanks in advance.
 
  Mohan Rao
  ___
  pfSense mailing list
  https://lists.pfsense.org/mailman/listinfo/list
  Support the project with Gold! https://pfsense.org/gold
 
 ___
 pfSense mailing list
 https://lists.pfsense.org/mailman/listinfo/list
 Support the project with Gold! https://pfsense.org/gold

___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] How to restrict certain websites for certain computers during certain times of the day?

2015-08-03 Thread A Mohan Rao 
But squid+squidguard is filter only http sites not https like facebook. or
yourtube etc...

On Fri, Jul 31, 2015 at 9:24 PM, Ivo Tonev i...@tonev.pro.br wrote:

 You can use squid+squidguard to create restrictions and time ranges.

 Need to create local users in pfsense box and use authentication
 Em 31/07/2015 12:36, Tim Koop t...@timkoop.com escreveu:

  I have installed pfsense and I would like to block certain websites
 during
  certain times of the day for certain computers.  I've looked around
 pfsense
  as well as a plugin or two, and this looks very difficult or impossible
 to
  do.  Anyone have any ideas?
 
  These are the details:
 
  It's installed in my home.  My wife and I want full access to the
 Internet
  all the time.  Using the very nice firewall, I'm currently giving my kids
  access during certain times of the day.  (They connect with DHCP and are
  given IP addresses in a certain range, whereas our computers are given
  static IP addresses based on mac address.)
 
  The main reason I'm blocking my kids' Internet is so they don't watch
  cartoons and play games all day long.  But I wouldn't mind if they had
  access to, say, Wikipedia, or Ubuntu updates server.  So want I want is
  this:
 
  - I want to enter a list of domain names to block, myself, not take it
  from someone else's list somewhere else.
  - I want this to only apply to certain computers (my kids), preferably by
  IP address range.
  - I want to be able to apply it only during certain times of the day.
 
  Does anything like this exist?  Or how close can I get?
 
  Thanks.
 
  --
  Tim K
  ___
  pfSense mailing list
  https://lists.pfsense.org/mailman/listinfo/list
  Support the project with Gold! https://pfsense.org/gold
 
 ___
 pfSense mailing list
 https://lists.pfsense.org/mailman/listinfo/list
 Support the project with Gold! https://pfsense.org/gold

___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

[pfSense] Captive portal

2015-07-30 Thread A Mohan Rao 
Dear all,
I need captive portal user authentication with email or mobile sms ..

Is it possible...?

Thanks
Mohan
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] 2.1.4-RELEASE to 2.2.3 problems

2015-07-22 Thread A Mohan Rao 
I also facing lots of problem after upgrade like squid3-dev squid3 services
are stopped.
I had reinstalled but having same issue.

then alos watch a big issue lan is broadcasting.


pls give any idea how i resolve..

Thanks

Mohan

On Wed, Jul 22, 2015 at 10:41 AM, Chris Buechler c...@pfsense.com wrote:

 On Tue, Jul 21, 2015 at 2:39 PM, Zach Underwood zunder1...@gmail.com
 wrote:
  Lastnight/this morning we upgraded pfsense from 2.1.4 to 2.2.3
 
  We are having problems will ssh and siproxd. We are unable to ssh to the
  box and ssh on the service tab will not start.
 

 Is this nanobsd or a full install?

 Try to run /usr/sbin/sshd from a command prompt, what output do you get?


  Here is the crash report
  Crash report begins.  Anonymous machine information:
 
  i386
  10.1-RELEASE-p13
  FreeBSD 10.1-RELEASE-p13 #0 c77d1b2(releng/10.1)-dirty: Tue Jun 23
 17:02:27
  CDT 2015 root@pfs22-i386-builder
  :/usr/obj.i386/usr/pfSensesrc/src/sys/pfSense_SMP.10
 
  Crash report details:
 
  PHP Errors:
  [21-Jul-2015 02:12:45 America/New_York] PHP Fatal error:  Call to
 undefined
  function is_service_running() in /usr/local/pkg/siproxd.inc on line 67

 That's a different line number from the current package. Guessing that
 was maybe from an older package version that was there before package
 reinstall. Is it still occurring, or was that just during the
 post-upgrade reboot?
 ___
 pfSense mailing list
 https://lists.pfsense.org/mailman/listinfo/list
 Support the project with Gold! https://pfsense.org/gold

___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] SquidGurad Service Stopped

2015-05-05 Thread A Mohan Rao 
use pfsense 2.1.3

On Tue, May 5, 2015 at 1:50 PM, pratap koppal pratap.kop...@gmail.com
wrote:

 Dear All,

 I need urgent help regarding SquidGuard, as service has stopped. I tried
 many times to start the service (statusservicessquidgurad), but no luck.

 I am using Pfsense box as Firewall+Squid+Squidguard+Light Squid. Please
 help for the same.

 Regards,
 Pratap Koppal
 ___
 pfSense mailing list
 https://lists.pfsense.org/mailman/listinfo/list
 Support the project with Gold! https://pfsense.org/gold

___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] SquidGurad Service Stopped

2015-05-05 Thread A Mohan Rao 
no its works great u can retry or remove squid package then install.

its work good i think

On Tue, May 5, 2015 at 1:55 PM, pratap koppal pratap.kop...@gmail.com
wrote:

 Thanks Mohan Sir for reply, but i am using 2.1.3 version. Any tweaks so
 that service can start and run.

 Regards,
 Pratap Koppal
 9769611491




 On Tue, May 5, 2015 at 1:52 PM, A Mohan Rao mohanra...@gmail.com wrote:

  use pfsense 2.1.3
 
  On Tue, May 5, 2015 at 1:50 PM, pratap koppal pratap.kop...@gmail.com
  wrote:
 
   Dear All,
  
   I need urgent help regarding SquidGuard, as service has stopped. I
 tried
   many times to start the service (statusservicessquidgurad), but no
  luck.
  
   I am using Pfsense box as Firewall+Squid+Squidguard+Light Squid. Please
   help for the same.
  
   Regards,
   Pratap Koppal
   ___
   pfSense mailing list
   https://lists.pfsense.org/mailman/listinfo/list
   Support the project with Gold! https://pfsense.org/gold
  
  ___
  pfSense mailing list
  https://lists.pfsense.org/mailman/listinfo/list
  Support the project with Gold! https://pfsense.org/gold
 
 ___
 pfSense mailing list
 https://lists.pfsense.org/mailman/listinfo/list
 Support the project with Gold! https://pfsense.org/gold

___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] Squid + Squidguard

2015-04-21 Thread A Mohan Rao 
i m facing same issue from last 6 months but still no one can give positive
solution.

then i m move to 2.1.3 there was working well my squid3-squid gurad etc...
new version is not good have lots of problems..


On Wed, Apr 22, 2015 at 1:47 AM, compdoc comp...@hotrodpc.com wrote:

  The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure' returned
 exit
 code '1'
 ...
 squid: ERROR: No running copy'


 If you type the following on the command line, do you get any output?


  squid -k shutdown

 Use your browser to start squid again.


 useful log:

 /var/squid/logs/cache.log


 Also, you might try squidGuard-devel if you have the 'squid' package
 installed, instead of squid3.



 ___
 pfSense mailing list
 https://lists.pfsense.org/mailman/listinfo/list
 Support the project with Gold! https://pfsense.org/gold

___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] 2.2 Packages

2015-01-30 Thread A Mohan Rao 
I also revert back to 2.1.5 or 2.1.
Its pretty good.
At present i m facing only squid guard service not starting problem..
 On Jan 31, 2015 1:38 AM, Brian Caouette bri...@dlois.com wrote:

 Where is a good place to monitor for package updates for 2.2? I had to
 revert back to 2.1.5 after a fatal error shut me down.


 Sent from my U.S. Cellular® Smartphone

 ___
 pfSense mailing list
 https://lists.pfsense.org/mailman/listinfo/list
 Support the project with Gold! https://pfsense.org/gold

___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] 2.2-RELEASE now available!

2015-01-29 Thread A Mohan Rao 
[pfSense] 2.2-RELEASE now available!
with lots of problem like squid and squid guard not working properly.


Thanks

A Mohan Rao

+91 98260 61122

On Sat, Jan 24, 2015 at 7:54 AM, Chris Buechler c...@pfsense.com wrote:

 Details on the blog:
 https://blog.pfsense.org/?p=1546
 ___
 pfSense mailing list
 https://lists.pfsense.org/mailman/listinfo/list
 Support the project with Gold! https://pfsense.org/gold

___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] user certs

2015-01-29 Thread A Mohan Rao 
any bod help which version is use squid and squid guard in pfsense 2.2 amd
64

On Thu, Jan 29, 2015 at 11:25 PM, Chris Buechler c...@pfsense.com wrote:

 On Thu, Jan 29, 2015 at 9:12 AM, Randy Bush ra...@psg.com wrote:
  Randy (and I, since I suggested it to him) was under the impression
  that it was possible to use client-side certificates to access the
  UI, since password authentication, however filtered, is not always
  good / secure enough.
 
  seems downright quaint to have a security product that uses passwords
 

 Ok, that's more along the lines of what I was thinking. Yeah that
 would be a nice feature, definitely something we're interested in
 supporting in the future.
 ___
 pfSense mailing list
 https://lists.pfsense.org/mailman/listinfo/list
 Support the project with Gold! https://pfsense.org/gold

___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

[pfSense] squidGuard Stopped

2015-01-27 Thread A Mohan Rao 
Hello,

After i upgrade pfsense from 2.1.5 to 2.2-i386 squidGuard service is
stopped i already uninstall then install with 5 times still its not started
please give any idea.


Also i m not get package squid3-dev on 2.2


Thanks
mohan
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] Road Warrior open vpn

2015-01-22 Thread A Mohan Rao 
someone more ..

On Thu, Jan 22, 2015 at 12:45 PM, Geoff Nordli geo...@gnaa.net wrote:

  On 15-01-21 10:02 PM, A Mohan Rao wrote:

 windows xp or windows 7 already do that *RUN AS ADMINISTRATOR*



 On Wed, Jan 21, 2015 at 7:18 PM, Vittorio Milazzo 
 vittorio.mila...@gmail.com wrote:

 What is the OS on client? If it's windows, try to execute OpenVPN client
 as administrator.
 Il 21/gen/2015 11:31 A Mohan Rao mohanra...@gmail.com ha scritto:

  Hello,

  successfully configured Road Warrior OpenVpn also vpn client is
 connected from remote area but not able to access server end LAN or
 server's.


  Thanks


 Hi Mohan.

 Can you actually see any traffic coming down the vpn link?

 If you can log on to the ssh command line, then do a

 tcpdump -n -i ovpns1

 I assume your vpn interface is ovpns1.

 If you get a lot of traffic, then filter based on the expected client ip
 address:

 tcpdump -n -i ovpns1 host 10.0.8.22

 Where 10.0.8.22 is the host of the client connecting.


 Geoff


 ___
 pfSense mailing list
 https://lists.pfsense.org/mailman/listinfo/list
 Support the project with Gold! https://pfsense.org/gold

___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] Road Warrior open vpn

2015-01-22 Thread A Mohan Rao 
yes sir..

On Thu, Jan 22, 2015 at 4:55 PM, Seth Mos seth@dds.nl wrote:

 A Mohan Rao schreef op 22-1-2015 om 10:18:
  someone more ..

 Are you sure that the devices on the LAN are using the same gateway as
 the pfSense machine, could be assymetric routing.

 Regards,
 Seth
 ___
 pfSense mailing list
 https://lists.pfsense.org/mailman/listinfo/list
 Support the project with Gold! https://pfsense.org/gold

___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] Road Warrior open vpn

2015-01-21 Thread A Mohan Rao 
windows xp or windows 7 already do that *RUN AS ADMINISTRATOR*



On Wed, Jan 21, 2015 at 7:18 PM, Vittorio Milazzo 
vittorio.mila...@gmail.com wrote:

 What is the OS on client? If it's windows, try to execute OpenVPN client
 as administrator.
 Il 21/gen/2015 11:31 A Mohan Rao mohanra...@gmail.com ha scritto:

 Hello,

 successfully configured Road Warrior OpenVpn also vpn client is connected
 from remote area but not able to access server end LAN or server's.


 Thanks

 Mohan

 ___
 pfSense mailing list
 https://lists.pfsense.org/mailman/listinfo/list
 Support the project with Gold! https://pfsense.org/gold


 ___
 pfSense mailing list
 https://lists.pfsense.org/mailman/listinfo/list
 Support the project with Gold! https://pfsense.org/gold

___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

[pfSense] Road Warrior open vpn

2015-01-21 Thread A Mohan Rao 
Hello,

successfully configured Road Warrior OpenVpn also vpn client is connected
from remote area but not able to access server end LAN or server's.


Thanks

Mohan
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] Road Warrior open vpn

2015-01-21 Thread A Mohan Rao 
i already make a rule on wan interface source ANY destination WAN address
port 1194.
then openvpn interface any to any

Firewall: Rules https://172.16.100.1/firewall_rules.php
https://172.16.100.1/status_filter_reload.php
https://172.16.100.1/diag_logs_filter.php
https://172.16.100.1/help.php?page=firewall_rules.php


   - Floating https://172.16.100.1/firewall_rules.php?if=FloatingRules
   - WAN https://172.16.100.1/firewall_rules.php?if=wan
   - LAN https://172.16.100.1/firewall_rules.php?if=lan
   - OpenVPN https://172.16.100.1/firewall_rules.php?if=openvpn

  IDProtoSourcePortDestinationPortGatewayQueueScheduleDescription
https://172.16.100.1/firewall_rules_edit.php?if=openvpnafter=-1
https://172.16.100.1/firewall_rules.php?if=openvpnact=toggleid=4**
none   https://172.16.100.1/firewall_rules_edit.php?id=4
https://172.16.100.1/firewall_rules.php?act=delif=openvpnid=4
https://172.16.100.1/firewall_rules_edit.php?dup=4

On Wed, Jan 21, 2015 at 4:13 PM, Seth Mos seth@dds.nl wrote:

 A Mohan Rao schreef op 21-1-2015 om 11:30:
  Hello,
 
  successfully configured Road Warrior OpenVpn also vpn client is
  connected from remote area but not able to access server end LAN or
  server's.

 Add firewall allow rules on the OpenVPN Server interface


 
 
  Thanks
 
  Mohan
 
 
  ___
  pfSense mailing list
  https://lists.pfsense.org/mailman/listinfo/list
  Support the project with Gold! https://pfsense.org/gold
 

 ___
 pfSense mailing list
 https://lists.pfsense.org/mailman/listinfo/list
 Support the project with Gold! https://pfsense.org/gold

___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

[pfSense] Boradcast network

2015-01-13 Thread A Mohan Rao 
Dear Experts,

Good Morning

i m using pfsense since last 3 years its working great.

but before some days i have facing very different issue.

from any client machine when i *ping my firewall LAN or WAN ip address *its
given *bytes=32 time1ms TTL=64, *its good but when i access internet like
youtube or any downloading its going to very high latency ping like 1000 to
4000 ms.

i also try to reinstall of my firewall with same machine and also tried
with 3-4 different machines but still facing same problem.

i could not understand why this happening suddenly before 1 week its
working good.


please give any idea.


Thanks

A Mohan Rao

+91 98260 61122
mohanra...@gmail.com
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] https filtering

2014-11-25 Thread A Mohan Rao 
thanks for all to suggest me with forum.

my https filtering with transparent proxy works good.

also i m using capative portal but before i m using squid3-dev my capative
portal properly provide to bandwidth each user what i give on mac filtering
but now after enable https filter bandwidth is not working.



On Sat, Nov 22, 2014 at 11:07 AM, A Mohan Rao mohanra...@gmail.com wrote:

 This is my ca cert pls find attached file.


 Thanks

 Mohan


 On Sat, Nov 22, 2014 at 11:07 AM, A Mohan Rao mohanra...@gmail.com
 wrote:



 On Fri, Nov 21, 2014 at 6:53 PM, Jason Pyeron jpye...@pdinc.us wrote:

  -Original Message-
  From: Mohan Rao
  Sent: Friday, November 21, 2014 6:08
 
  Hello, all!
 
  Squid3-dev + Squidguard set up, and they're blocking pages
  through HTTP and HTTPS just fine. The problem is, it's
  throwing certificate errors at about every secure page that
  is opened, despite having the CA trusted.

 Can you post an example certificate?

 
  For example, if they try going to mail.google.com, it throws
  this error:

 Have you tested with openssl from the command line of a client?

 
  Technical Details
 
  accounts.google.com uses an invalid security certificate.
 
  The certificate is not trusted because no issuer chain was provided.

 Sounds like the root CA was not delivered with the generated
 certificate, can you post the squid configs?

 
  (Error code: sec_error_unknown_issuer)
 
 
  Any idea how to make this work?

 Which browsers is this happening in?



 --
 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
 -   -
 - Jason Pyeron  PD Inc. http://www.pdinc.us -
 - Principal Consultant  10 West 24th Street #100-
 - +1 (443) 269-1555 x333Baltimore, Maryland 21218   -
 -   -
 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
 This message is copyright PD Inc, subject to license 20080407P00.

 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list




___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

[pfSense] https filtering

2014-11-21 Thread A Mohan Rao 
Hello, all!

Squid3-dev + Squidguard set up, and they're blocking pages through HTTP and
HTTPS just fine. The problem is, it's throwing certificate errors at about
every secure page that is opened, despite having the CA trusted.

For example, if they try going to mail.google.com, it throws this error:

Technical Details

accounts.google.com uses an invalid security certificate.

The certificate is not trusted because no issuer chain was provided.

(Error code: sec_error_unknown_issuer)


Any idea how to make this work?
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] https filtering

2014-11-21 Thread A Mohan Rao 
On Fri, Nov 21, 2014 at 6:53 PM, Jason Pyeron jpye...@pdinc.us wrote:

  -Original Message-
  From: Mohan Rao
  Sent: Friday, November 21, 2014 6:08
 
  Hello, all!
 
  Squid3-dev + Squidguard set up, and they're blocking pages
  through HTTP and HTTPS just fine. The problem is, it's
  throwing certificate errors at about every secure page that
  is opened, despite having the CA trusted.

 Can you post an example certificate?

 
  For example, if they try going to mail.google.com, it throws
  this error:

 Have you tested with openssl from the command line of a client?

 
  Technical Details
 
  accounts.google.com uses an invalid security certificate.
 
  The certificate is not trusted because no issuer chain was provided.

 Sounds like the root CA was not delivered with the generated certificate,
 can you post the squid configs?

 
  (Error code: sec_error_unknown_issuer)
 
 
  Any idea how to make this work?

 Which browsers is this happening in?



 --
 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
 -   -
 - Jason Pyeron  PD Inc. http://www.pdinc.us -
 - Principal Consultant  10 West 24th Street #100-
 - +1 (443) 269-1555 x333Baltimore, Maryland 21218   -
 -   -
 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
 This message is copyright PD Inc, subject to license 20080407P00.

 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list



https_ssl.crt
Description: application/x509-ca-cert
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] https filtering

2014-11-21 Thread A Mohan Rao 
This is my ca cert pls find attached file.


Thanks

Mohan


On Sat, Nov 22, 2014 at 11:07 AM, A Mohan Rao mohanra...@gmail.com wrote:



 On Fri, Nov 21, 2014 at 6:53 PM, Jason Pyeron jpye...@pdinc.us wrote:

  -Original Message-
  From: Mohan Rao
  Sent: Friday, November 21, 2014 6:08
 
  Hello, all!
 
  Squid3-dev + Squidguard set up, and they're blocking pages
  through HTTP and HTTPS just fine. The problem is, it's
  throwing certificate errors at about every secure page that
  is opened, despite having the CA trusted.

 Can you post an example certificate?

 
  For example, if they try going to mail.google.com, it throws
  this error:

 Have you tested with openssl from the command line of a client?

 
  Technical Details
 
  accounts.google.com uses an invalid security certificate.
 
  The certificate is not trusted because no issuer chain was provided.

 Sounds like the root CA was not delivered with the generated certificate,
 can you post the squid configs?

 
  (Error code: sec_error_unknown_issuer)
 
 
  Any idea how to make this work?

 Which browsers is this happening in?



 --
 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
 -   -
 - Jason Pyeron  PD Inc. http://www.pdinc.us -
 - Principal Consultant  10 West 24th Street #100-
 - +1 (443) 269-1555 x333Baltimore, Maryland 21218   -
 -   -
 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
 This message is copyright PD Inc, subject to license 20080407P00.

 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list





https_ssl.crt
Description: application/x509-ca-cert
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

[pfSense] Https blocking

2014-09-24 Thread A Mohan Rao 
How can i completely and properly block https facebook, torrentz, exe
download and proxy sites through transparent proxy.

Thanks
Mohan
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] Https blocking

2014-09-24 Thread A Mohan Rao 
Actually due to wasting of time employees... management need to block these
sites if have any solutions pls give..
I really very appritiate ..
On Sep 24, 2014 9:00 PM, Ryan Coleman ryanjc...@me.com wrote:

  Block port 443 in the Firewall rules outbound - no need for a transparent
 proxy.

 That said - why do you need to block them? Because you're snooping 100% of
 the traffic to see what people are reading/sending?


 On 9/24/2014 10:16 AM, A Mohan Rao wrote:

 How can i completely and properly block https facebook, torrentz, exe
 download and proxy sites through transparent proxy.

 Thanks
 Mohan


 ___
 List mailing 
 listList@lists.pfsense.orghttps://lists.pfsense.org/mailman/listinfo/list



 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list

___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] Https blocking

2014-09-24 Thread A Mohan Rao 
Hello
If u really a expert so then pls resolve bmy problem. I have do all the
things but still people can access blocked website in pfsense.
 On Sep 24, 2014 9:50 PM, Ryan Coleman ryanjc...@me.com wrote:

  You've asked this question many times and we've given many options for
 resolving it but you keep coming back.

 https://duckduckgo.com/?q=blocking+torrents+in+pfsense
 https://duckduckgo.com/?q=blocking+facebook+in+pfsense
 https://doc.pfsense.org/index.php/Blocking_websites
 https://forum.pfsense.org/index.php?topic=36274.0

 A little web searching will go a long way.


 On 9/24/2014 11:10 AM, A Mohan Rao wrote:

 Actually due to wasting of time employees... management need to block
 these sites if have any solutions pls give..
 I really very appritiate ..
 On Sep 24, 2014 9:00 PM, Ryan Coleman ryanjc...@me.com wrote:

  Block port 443 in the Firewall rules outbound - no need for a
 transparent proxy.

 That said - why do you need to block them? Because you're snooping 100%
 of the traffic to see what people are reading/sending?


 On 9/24/2014 10:16 AM, A Mohan Rao wrote:

 How can i completely and properly block https facebook, torrentz, exe
 download and proxy sites through transparent proxy.

 Thanks
 Mohan


 ___
 List mailing 
 listList@lists.pfsense.orghttps://lists.pfsense.org/mailman/listinfo/list



 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list



 ___
 List mailing 
 listList@lists.pfsense.orghttps://lists.pfsense.org/mailman/listinfo/list



 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list

___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] Pftop confusion.

2014-09-24 Thread A Mohan Rao 
Ok thnx i will ...
On Sep 24, 2014 10:51 PM, Walter Parker walt...@gmail.com wrote:

 To see which client is eating your bandwidth, when using Traffic Graph,
 switch from WAN to LAN. Then the dynamic list of hosts will show client IP
 addresses and not your link address.

 On Wed, Sep 24, 2014 at 7:55 AM, Muhammad Yousuf Khan sir...@gmail.com
 wrote:

 Exactly this is how i learn that my whole link is eaten by someone. now i
 want to check which client is eating all the bandwidth.
 Traffic graph is showing whole link activity. what i want to find is
 which client IP is using most of it.

 Thanks,
 MYK


 On Wed, Sep 24, 2014 at 7:33 PM, Oliver Hansen oliver.han...@gmail.com
 wrote:

 Status -  Traffic Graph is where I usually look in the GUI.
 On Sep 24, 2014 7:25 AM, Muhammad Yousuf Khan sir...@gmail.com
 wrote:

 hi guys actually i want to check which IP is using most of the internet
 traffic. i see pftop a bit confusing i tried changing sorting via o  but
 it is still confusing me . can you guys please guide me how can i viiew
 live monitoring. what i want to check is which one host is eating up the
 whole bandwidth.

 Thanks,
 MYK

 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list


 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list



 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list




 --
 The greatest dangers to liberty lurk in insidious encroachment by men of
 zeal, well-meaning but without understanding.   -- Justice Louis D. Brandeis

 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list

___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

[pfSense] Https proxy squid3 squidguard squid3 not working

2014-09-19 Thread A Mohan Rao 
Hello experts,

I m struggling with https filtering anybody have idea how to i configured
it all other sites r working good but google and some other reputed sites r
given certificate errors a already check with ie Firefox and chrome etc.
Same error.

Pls give idea how i resolve this prob.

Thanks
Mohan
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

[pfSense] Finaly moved to Endian Firewall 3.0

2014-08-10 Thread A Mohan Rao 
Dear Sir,

At present temporary i moved to Endian firewall 3.0 for https proxy its
works good.



Thanks

A Mohan Rao
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] Per-user bandwidth restriction by voucher roll?

2014-07-11 Thread A Mohan Rao 
With capative portal it works good.
There u can very easily set per user through mac binding set bandwidth.

Thanks

Mohan Rao
On Jul 11, 2014 9:50 PM, Alberto Moreno ports...@gmail.com wrote:

 Hi.

 Is possible to setup Per-user bandwidth restriction by voucher roll?

 Maybe I want to sell, 7 days voucher for VIP users and other with normal
 bandwidth.

 Thanks.

 --
 LIving the dream...

 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list

___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] Per-user bandwidth restriction by voucher roll?

2014-07-11 Thread A Mohan Rao 
So u can use traffic shaping!
On Jul 11, 2014 10:11 PM, Alberto Moreno ports...@gmail.com wrote:




 On Fri, Jul 11, 2014 at 9:24 AM, A Mohan Rao mohanra...@gmail.com wrote:

 With capative portal it works good.
 There u can very easily set per user through mac binding set bandwidth.

 Thanks

 Mohan Rao
 On Jul 11, 2014 9:50 PM, Alberto Moreno ports...@gmail.com wrote:

 Hi.

 Is possible to setup Per-user bandwidth restriction by voucher roll?

 Maybe I want to sell, 7 days voucher for VIP users and other with normal
 bandwidth.

 Thanks.

 --
 LIving the dream...

 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list


 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list



 In a Hotel by example, is impossible to manage MAC's.
 Don't u think?

 LIving the dream...

 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list

___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] HELP

2014-07-10 Thread A Mohan Rao 
Hello mr rao,
Its your work so i will not availble with your conditions and timings.
better is u can take time frim me then we will shortout ur problems..

Thanks
On Jul 10, 2014 6:14 PM, G.T.RAO netwebst...@gmail.com wrote:

 Hi, Mr Mohan Rao , no new update from ur end.



 Sent with MailTrack
 https://mailtrack.io/install?source=signaturelang=enreferral=netwebst...@gmail.comidSignature=22


 On Wed, Jul 9, 2014 at 4:40 PM, A Mohan Rao mohanra...@gmail.com wrote:

 you can give team viewer tomorrow..



 On Wed, Jul 9, 2014 at 4:38 PM, G.T.RAO netwebst...@gmail.com wrote:

 hi, can u help me regarding non-transparent proxy.



 Sent with MailTrack
 https://mailtrack.io/install?source=signaturelang=enreferral=netwebst...@gmail.comidSignature=22


 On Wed, Jul 9, 2014 at 4:31 PM, A Mohan Rao mohanra...@gmail.com
 wrote:

 At present u can only block with transparent proxy http sites whatever
 u want like social networks movies downloading etc with groupwise.

 If u want to block https sites u can use non-transparent proxy..

 Thnx

 MOHAN RAO
 On Jul 9, 2014 4:26 PM, G.T.RAO netwebst...@gmail.com wrote:

 Greetings all,
 I ma new to pfsense , pl help me out  pfsense firewall  Nat
 configuration for small education network.

  I am Using  pfsense 2.1.4-reease for (i386)

 1. interface  on WAN (wan) - em0  -   v4/DHCP4 : 192.168.0.16/24
 https://mailtrack.io/trace/link/534a165f0ca4acef44b1e7988788a911e92f3dca
 2. interface  on LAN  (lan  ) - em1 -   v4/DHCP4 : 192.168.0.15/24
 https://mailtrack.io/trace/link/dd33c3e23c8532810f5b3e33a98e30e033508345

 Webconfigurator is not working, So how can i block [ social media
 sites : facebook,youtube.etc).


 Regards,

 G.T.RAO

 A free software fund-a-mentaL-isT.

 Sent with MailTrack
 https://mailtrack.io/install?source=signaturelang=enreferral=netwebst...@gmail.comidSignature=22

 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list


 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list




 --




 G.T.RAO

 A free software fund-a-mentaL-isT.
 http://fossyatra.wordpress.com
 http://paper.li/GTRao/1342070958
 mobile:9953506651
 लिनक्स: नि:शुल्क और खुले स्रोत सॉफ्टवेयर आप के लिए और दुनिया के लिए
 अच्छा है. ना कोई adware,ना कोई spyware, सिर्फ अच्छा सॉफ्टवेयर.
 Linux(લિનક્ષ ): મુક્ત અને નિઃશુલ્ક(મફત) ઓપન સોર્સ સોફ્ટવેર તમારા માટે
 અને વિશ્વ માટે સારું છે. ના કોઈ એડવેર , ના કોઈ  સ્પાયવેર, માત્ર સારું
 સોફ્ટવેર.

 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list



 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list




 --




 G.T.RAO

 A free software fund-a-mentaL-isT.
 http://fossyatra.wordpress.com
 http://paper.li/GTRao/1342070958
 mobile:9953506651
 लिनक्स: नि:शुल्क और खुले स्रोत सॉफ्टवेयर आप के लिए और दुनिया के लिए अच्छा
 है. ना कोई adware,ना कोई spyware, सिर्फ अच्छा सॉफ्टवेयर.
 Linux(લિનક્ષ ): મુક્ત અને નિઃશુલ્ક(મફત) ઓપન સોર્સ સોફ્ટવેર તમારા માટે અને
 વિશ્વ માટે સારું છે. ના કોઈ એડવેર , ના કોઈ  સ્પાયવેર, માત્ર સારું સોફ્ટવેર.

 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list

___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] HELP

2014-07-10 Thread A Mohan Rao 
Okey...!
On Jul 10, 2014 7:46 PM, Ryan Coleman ryanjc...@me.com wrote:

 PLEASE take this conversation off the list.

 --
 Ryan Coleman
 ryanjc...@me.com
 m. 651.373.5015
 o. 612.568.2749

 On Jul 10, 2014, at 9:15, A Mohan Rao mohanra...@gmail.com wrote:

 Hello mr rao,
 Its your work so i will not availble with your conditions and timings.
 better is u can take time frim me then we will shortout ur problems..

 Thanks
 On Jul 10, 2014 6:14 PM, G.T.RAO netwebst...@gmail.com wrote:

 Hi, Mr Mohan Rao , no new update from ur end.



 Sent with MailTrack
 https://mailtrack.io/install?source=signaturelang=enreferral=netwebst...@gmail.comidSignature=22


 On Wed, Jul 9, 2014 at 4:40 PM, A Mohan Rao mohanra...@gmail.com wrote:

 you can give team viewer tomorrow..



 On Wed, Jul 9, 2014 at 4:38 PM, G.T.RAO netwebst...@gmail.com wrote:

 hi, can u help me regarding non-transparent proxy.



 Sent with MailTrack
 https://mailtrack.io/install?source=signaturelang=enreferral=netwebst...@gmail.comidSignature=22


 On Wed, Jul 9, 2014 at 4:31 PM, A Mohan Rao mohanra...@gmail.com
 wrote:

 At present u can only block with transparent proxy http sites whatever
 u want like social networks movies downloading etc with groupwise.

 If u want to block https sites u can use non-transparent proxy..

 Thnx

 MOHAN RAO
 On Jul 9, 2014 4:26 PM, G.T.RAO netwebst...@gmail.com wrote:

 Greetings all,
 I ma new to pfsense , pl help me out  pfsense firewall  Nat
 configuration for small education network.

  I am Using  pfsense 2.1.4-reease for (i386)

 1. interface  on WAN (wan) - em0  -   v4/DHCP4 : 192.168.0.16/24
 https://mailtrack.io/trace/link/534a165f0ca4acef44b1e7988788a911e92f3dca
 2. interface  on LAN  (lan  ) - em1 -   v4/DHCP4 : 192.168.0.15/24
 https://mailtrack.io/trace/link/dd33c3e23c8532810f5b3e33a98e30e033508345

 Webconfigurator is not working, So how can i block [ social media
 sites : facebook,youtube.etc).


 Regards,

 G.T.RAO

 A free software fund-a-mentaL-isT.

 Sent with MailTrack
 https://mailtrack.io/install?source=signaturelang=enreferral=netwebst...@gmail.comidSignature=22

 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list


 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list




 --




 G.T.RAO

 A free software fund-a-mentaL-isT.
 http://fossyatra.wordpress.com
 http://paper.li/GTRao/1342070958
 mobile:9953506651
 लिनक्स: नि:शुल्क और खुले स्रोत सॉफ्टवेयर आप के लिए और दुनिया के लिए
 अच्छा है. ना कोई adware,ना कोई spyware, सिर्फ अच्छा सॉफ्टवेयर.
 Linux(લિનક્ષ ): મુક્ત અને નિઃશુલ્ક(મફત) ઓપન સોર્સ સોફ્ટવેર તમારા માટે
 અને વિશ્વ માટે સારું છે. ના કોઈ એડવેર , ના કોઈ  સ્પાયવેર, માત્ર સારું
 સોફ્ટવેર.

 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list



 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list




 --




 G.T.RAO

 A free software fund-a-mentaL-isT.
 http://fossyatra.wordpress.com
 http://paper.li/GTRao/1342070958
 mobile:9953506651
 लिनक्स: नि:शुल्क और खुले स्रोत सॉफ्टवेयर आप के लिए और दुनिया के लिए अच्छा
 है. ना कोई adware,ना कोई spyware, सिर्फ अच्छा सॉफ्टवेयर.
 Linux(લિનક્ષ ): મુક્ત અને નિઃશુલ્ક(મફત) ઓપન સોર્સ સોફ્ટવેર તમારા માટે અને
 વિશ્વ માટે સારું છે. ના કોઈ એડવેર , ના કોઈ  સ્પાયવેર, માત્ર સારું સોફ્ટવેર.

 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list

 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list


 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list

___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] HELP

2014-07-09 Thread A Mohan Rao 
At present u can only block with transparent proxy http sites whatever u
want like social networks movies downloading etc with groupwise.

If u want to block https sites u can use non-transparent proxy..

Thnx

MOHAN RAO
On Jul 9, 2014 4:26 PM, G.T.RAO netwebst...@gmail.com wrote:

 Greetings all,
 I ma new to pfsense , pl help me out  pfsense firewall  Nat
 configuration for small education network.

  I am Using  pfsense 2.1.4-reease for (i386)

 1. interface  on WAN (wan) - em0  -   v4/DHCP4 : 192.168.0.16/24
 https://mailtrack.io/trace/link/534a165f0ca4acef44b1e7988788a911e92f3dca
 2. interface  on LAN  (lan  ) - em1 -   v4/DHCP4 : 192.168.0.15/24
 https://mailtrack.io/trace/link/dd33c3e23c8532810f5b3e33a98e30e033508345

 Webconfigurator is not working, So how can i block [ social media sites :
 facebook,youtube.etc).


 Regards,

 G.T.RAO

 A free software fund-a-mentaL-isT.

 Sent with MailTrack
 https://mailtrack.io/install?source=signaturelang=enreferral=netwebst...@gmail.comidSignature=22

 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list

___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] HELP

2014-07-09 Thread A Mohan Rao 
you can give team viewer tomorrow..



On Wed, Jul 9, 2014 at 4:38 PM, G.T.RAO netwebst...@gmail.com wrote:

 hi, can u help me regarding non-transparent proxy.



 Sent with MailTrack
 https://mailtrack.io/install?source=signaturelang=enreferral=netwebst...@gmail.comidSignature=22


 On Wed, Jul 9, 2014 at 4:31 PM, A Mohan Rao mohanra...@gmail.com wrote:

 At present u can only block with transparent proxy http sites whatever u
 want like social networks movies downloading etc with groupwise.

 If u want to block https sites u can use non-transparent proxy..

 Thnx

 MOHAN RAO
 On Jul 9, 2014 4:26 PM, G.T.RAO netwebst...@gmail.com wrote:

 Greetings all,
 I ma new to pfsense , pl help me out  pfsense firewall  Nat
 configuration for small education network.

  I am Using  pfsense 2.1.4-reease for (i386)

 1. interface  on WAN (wan) - em0  -   v4/DHCP4 : 192.168.0.16/24
 https://mailtrack.io/trace/link/534a165f0ca4acef44b1e7988788a911e92f3dca
 2. interface  on LAN  (lan  ) - em1 -   v4/DHCP4 : 192.168.0.15/24
 https://mailtrack.io/trace/link/dd33c3e23c8532810f5b3e33a98e30e033508345

 Webconfigurator is not working, So how can i block [ social media sites
 : facebook,youtube.etc).


 Regards,

 G.T.RAO

 A free software fund-a-mentaL-isT.

 Sent with MailTrack
 https://mailtrack.io/install?source=signaturelang=enreferral=netwebst...@gmail.comidSignature=22

 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list


 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list




 --




 G.T.RAO

 A free software fund-a-mentaL-isT.
 http://fossyatra.wordpress.com
 http://paper.li/GTRao/1342070958
 mobile:9953506651
 लिनक्स: नि:शुल्क और खुले स्रोत सॉफ्टवेयर आप के लिए और दुनिया के लिए अच्छा
 है. ना कोई adware,ना कोई spyware, सिर्फ अच्छा सॉफ्टवेयर.
 Linux(લિનક્ષ ): મુક્ત અને નિઃશુલ્ક(મફત) ઓપન સોર્સ સોફ્ટવેર તમારા માટે અને
 વિશ્વ માટે સારું છે. ના કોઈ એડવેર , ના કોઈ  સ્પાયવેર, માત્ર સારું સોફ્ટવેર.

 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list

___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

[pfSense] Squid3-dev and Squidguard-squid3 with transparent proxy

2014-06-29 Thread A Mohan Rao 
Dear experts,

Squid3-dev and Squidguard-squid3 with ssl transparent proxy really works
yes or no.
If no then can i again move to my previous setup squid and squid guard with
only http transparent proxy.

Thanks

Mohan Rao
IPS ACADEMY
NETWORK ADMINISTRATOR
INDORE (M.P.)
INDIA
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

[pfSense] https transparent proxy project failed...

2014-06-26 Thread A Mohan Rao 
i think squid3-dev https transparent proxy project failed...
still no body gave positive feedback.



Thanks

 Mohan
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] Squid3 with https filtering

2014-06-18 Thread A Mohan Rao 
I m using squid3-dev and squardguard-squid3 with transparent proxy with
https proxy.
All works fine but gmail or goole not open. Other sites working good.
When i try to access google or gmail its given certificate error. i checked
my level best also many times create or delete certificates then also
import that certificate on browser but still m having same problem...
Really very appritiate and lots of thanks in advance if give any positive
IDEA.

Thanks
Mohan
+91 98260 61122
On Jun 18, 2014 1:02 PM, Jan j...@agetty.de wrote:

 On 06/17/2014 05:32 PM A Mohan Rao wrote:
  actually i need to block https sites like https facebook or https youtube
  etc with transparent proxy.
 
  now pls give any idea...!

 You may want to try using the CONNECT method in order to filter HTTPS
 requests. Those happen before a secure connection is being established.
 This way you can filter

 I usually run dansguardian which has a quite complex but very effective way
 of filtering SSL related traffic.

 From its documentation:

 Blanket SSL blocking so you can block SSL anonymous proxies and allow
 access to legitimate SSL sites such as banking by whitelisting

 = http://dansguardian.org/

 But be aware using CONNECT method based filtering requires the proxy to be
 explicitly configured on respective devices and therefore won't work with a
 transparent proxy.

 Additional information on the CONNECT method:

 http://wiki.squid-cache.org/Features/HTTPS

 Cheers


 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list

___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

[pfSense] Squid3 with https filtering

2014-06-16 Thread A Mohan Rao 
Hello,
Had anybody successfully configured squid3-dev with squidguard-squid3 with
properly works https filtering...?

Thanks
MOHAN RAO
+91 98260 61122
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] Squid3 with https filtering

2014-06-16 Thread A Mohan Rao 
Waiting... For new posts...
On Jun 16, 2014 11:36 PM, A Mohan Rao mohanra...@gmail.com wrote:

 Hello,
 Had anybody successfully configured squid3-dev with squidguard-squid3 with
 properly works https filtering...?

 Thanks
 MOHAN RAO
 +91 98260 61122

___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

[pfSense] lots of problem with squid3-dev and squidguard-squid3

2014-06-11 Thread A Mohan Rao 
Dear all experts,

i install only packages in my pfsense firewall one of squid3-dev then
squidguard-squid3 and i alos properly configured it with transparent proxy
because i do not need to go client pc and change to proxy settings on any
browser.

squid and squid guard services are properly started at status -- services

but when i try to check internet at client pc some times it works fine and
main problem is google and gmail is not opening other all sites are open
properly then i block the https facebook and https youtube its only block
http facebook or youtube. https facebook or https youtube are properly
works.


please give any idea where i m wrong.


thanks

A Mohan Rao

Network Administrator
IPS ACADEMY INDORE
MADHYA PRADESH
+91 98260 61122
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] lots of problem with squid3-dev and squidguard-squid3

2014-06-11 Thread A Mohan Rao 
First thanks for reply my email.

for sites blocking i m using proxy filter
 http://www.shallalist.de/Downloads/shallalist.tar.gz

Blacklist options
Blacklist
Check this option to enable blacklistBlacklist proxy

Blacklist upload proxy - enter here, or leave blank.
Format: host:[port login:pass] . Default proxy port 1080.
Example: '192.168.0.1:8080 user:pass'Blacklist URL
Enter the path to the blacklist (blacklist.tar.gz) here. You can use FTP,
HTTP or LOCAL URL blacklist archive or leave blank. The LOCAL path could be
your pfsense (/tmp/blacklist.tar.gz).



On Wed, Jun 11, 2014 at 10:42 PM, faisal.gill...@akesp.org 
faisal.gill...@akesp.org wrote:

 How are you blocking websites ? Use blacklist option for the websites you
 want blocked .

 HTH
 Faisal Gillani
 Pakistan


 Sent from my Verizon Wireless 4G LTE Smartphone

 - Reply message -
 From: A Mohan Rao mohanra...@gmail.com
 To: pfSense Support and Discussion Mailing List List@lists.pfsense.org
 Subject: [pfSense] lots of problem with squid3-dev and squidguard-squid3
 Date: Wed, Jun 11, 2014 9:54 PM

 Dear all experts,

 i install only packages in my pfsense firewall one of squid3-dev then
 squidguard-squid3 and i alos properly configured it with transparent proxy
 because i do not need to go client pc and change to proxy settings on any
 browser.

 squid and squid guard services are properly started at status -- services

 but when i try to check internet at client pc some times it works fine and
 main problem is google and gmail is not opening other all sites are open
 properly then i block the https facebook and https youtube its only block
 http facebook or youtube. https facebook or https youtube are properly
 works.


 please give any idea where i m wrong.


 thanks

 A Mohan Rao

 Network Administrator
 IPS ACADEMY INDORE
 MADHYA PRADESH
 +91 98260 61122

 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list

___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] lots of problem with squid3-dev and squidguard-squid3

2014-06-11 Thread A Mohan Rao 
still i m not get any success no body can still help...


On Wed, Jun 11, 2014 at 10:45 PM, A Mohan Rao mohanra...@gmail.com wrote:

 First thanks for reply my email.

 for sites blocking i m using proxy filter
  http://www.shallalist.de/Downloads/shallalist.tar.gz

  Blacklist options
 Blacklist
 Check this option to enable blacklist Blacklist proxy

 Blacklist upload proxy - enter here, or leave blank.
 Format: host:[port login:pass] . Default proxy port 1080.
 Example: '192.168.0.1:8080 user:pass' Blacklist URL
 Enter the path to the blacklist (blacklist.tar.gz) here. You can use FTP,
 HTTP or LOCAL URL blacklist archive or leave blank. The LOCAL path could be
 your pfsense (/tmp/blacklist.tar.gz).



 On Wed, Jun 11, 2014 at 10:42 PM, faisal.gill...@akesp.org 
 faisal.gill...@akesp.org wrote:

 How are you blocking websites ? Use blacklist option for the websites you
 want blocked .

 HTH
 Faisal Gillani
 Pakistan


 Sent from my Verizon Wireless 4G LTE Smartphone

 - Reply message -
 From: A Mohan Rao mohanra...@gmail.com
 To: pfSense Support and Discussion Mailing List List@lists.pfsense.org
 
 Subject: [pfSense] lots of problem with squid3-dev and squidguard-squid3
 Date: Wed, Jun 11, 2014 9:54 PM

 Dear all experts,

 i install only packages in my pfsense firewall one of squid3-dev then
 squidguard-squid3 and i alos properly configured it with transparent proxy
 because i do not need to go client pc and change to proxy settings on any
 browser.

 squid and squid guard services are properly started at status -- services

 but when i try to check internet at client pc some times it works fine
 and main problem is google and gmail is not opening other all sites are
 open properly then i block the https facebook and https youtube its only
 block http facebook or youtube. https facebook or https youtube are
 properly works.


 please give any idea where i m wrong.


 thanks

 A Mohan Rao

 Network Administrator
 IPS ACADEMY INDORE
 MADHYA PRADESH
 +91 98260 61122

 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list



___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

[pfSense] squid3

2014-05-21 Thread A Mohan Rao 
dear all,

today i fresh installed squid 3 then i rebooted my pfsense firewall then i
try to access pfsense firewall its not access i have gettting msg
pls help ...

ERRORThe requested URL could not be retrieved
--

The following error was encountered while trying to retrieve the URL:
https://172.16.100.4/

*Unable to forward this request at this time.*

This request could not be forwarded to the origin server or to any parent
caches.

Some possible problems are:

   - An Internet connection needed to access this domains origin servers
   may be down.
   - All configured parent caches may be currently unreachable.
   - The administrator may not allow this cache to make direct connections
   to origin servers.

Your cache administrator is
admin@localhostadmin@localhost?subject=CacheErrorInfo%20-%20ERR_CANNOT_FORWARDbody=CacheHost%3A%20localhost%0D%0AErrPage%3A%20ERR_CANNOT_FORWARD%0D%0AErr%3A%20%5Bnone%5D%0D%0ATimeStamp%3A%20Wed,%2021%20May%202014%2007%3A11%3A03%20GMT%0D%0A%0D%0AClientIP%3A%20172.16.103.21%0D%0A%0D%0AHTTP%20Request%3A%0D%0AGET%20%2F%20HTTP%2F1.1%0AHost%3A%20172.16.100.4%0D%0AConnection%3A%20keep-alive%0D%0ACache-Control%3A%20max-age%3D0%0D%0AAccept%3A%20text%2Fhtml,application%2Fxhtml+xml,application%2Fxml%3Bq%3D0.9,image%2Fwebp,*%2F*%3Bq%3D0.8%0D%0AUser-Agent%3A%20Mozilla%2F5.0%20(Windows%20NT%205.1)%20AppleWebKit%2F537.36%20(KHTML,%20like%20Gecko)%20Chrome%2F34.0.1847.137%20Safari%2F537.36%0D%0ADNT%3A%201%0D%0AReferer%3A%20https%3A%2F%2F172.16.100.4%2F%0D%0AAccept-Encoding%3A%20gzip,deflate,sdch%0D%0AAccept-Language%3A%20en-US,en%3Bq%3D0.8,hi%3Bq%3D0.6%0D%0ACookie%3A%20PHPSESSID%3Dfa4f5cafcf48504aa166d52db63b38d6%0D%0A%0D%0A%0D%0A
.

--

Generated Wed, 21 May 2014 07:11:03 GMT by localhost (squid/3.1.20)
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] pfSense Routing - VPN's

2014-05-16 Thread A Mohan Rao 
its very simple...!
first u have to configure a main vpn site to site vpn server at your main
branch then u can easily configure a b c etc.
with share key and tunnel network.


On Fri, May 16, 2014 at 2:53 AM, Alex Threlfall a...@cyberprog.net wrote:

 Hi All,



 I currently have a number of sites which have VPN’s
 between them, with each site having a VPN to one another. This is becoming
 harder to manage, we currently have 5 sites, (6 if you include my home) and
 it would make sense to me to adopt more of a star architecture with a
 central site.



 However, I can’t work out how to configure this! Each site
 has it’s own /24 of private address, and I have a central branch. How can I
 configure things so that the if branch B needs to get to branch C, it knows
 that it must go via branch A?



 Branch A has the best connectivity – bonded FTTC’s, so
 would make sense as well as it being our “hub” branch for the stock control
 system also.



 Any advice would be appreciated!



 --

 Alex Threlfall

 Cyberprog New Media

 www.cyberprog.net



 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list

___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] roll back ....

2014-04-08 Thread A Mohan Rao 
Have u take ur previous version  firewall backup if its not important u can
better reinstall.
I also faced problem and have backup but new version 2.1.1 is not properly
restore like captive portal firewall rules then i deside to reinstall.

Thanks

Mohan
On Apr 9, 2014 12:13 AM, compdoc comp...@hotrodpc.com wrote:

  Is there a way to roll back from 2.1.1 to the previous stable 2.1
 version?



 I may need to go back as well. My connections aren't stable since the
 2.1.1 upgrade. The system seems to spontaneously reboot.









 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list

___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] pfSense version 2.1.1 has been released

2014-04-07 Thread A Mohan Rao 
I also faceing same issue after update. Then i reset factory then i restore
my previous backup but backup is not restore properly. Like captive portal
is not restore alias is not restore etc..
Finally i format my core 2 duo 4 GB RAM with 260GB HDD firewall then
recreate all policy etc. I suggest b4 is upgrade ur live pfsense everyone
need to test with another pc.

Thanks now i feel good after 6  hours steuggling..
On Apr 7, 2014 10:55 PM, Brian Caouette bri...@dlois.com wrote:

  I noticed everything stopped working after update. After a few days
 pulling hair I've found that disabling captive portal allows me to surf the
 net again. Problem being we no longer have security without the Captive
 Portal.

 On 4/4/2014 11:58 AM, Jim Thompson wrote:


  Please see the blog post
 https://blog.pfsense.org/?p=1238

  or changelog
 https://doc.pfsense.org/index.php/2.1.1_New_Features_and_Changes

  for details.

  Happy upgrading.

  Jim



 ___
 List mailing 
 listList@lists.pfsense.orghttps://lists.pfsense.org/mailman/listinfo/list



 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list

___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] pfSense version 2.1.1 has been released

2014-04-05 Thread A Mohan Rao 
I m not satisfied with new release 2.1.1 before i upgrade my firewall
working fine after upgrade facing lots of problems like broadcasting etc...
On Apr 5, 2014 11:43 PM, Jeppe Øland jol...@gmail.com wrote:

 On Fri, Apr 4, 2014 at 8:58 AM, Jim Thompson j...@netgate.com wrote:
  Please see the blog post
  https://blog.pfsense.org/?p=1238

 Hmmm... mine gives an error that it can't verify the image signature...
 (I'm on 4gb 2.1 nano vga 64bit)

 Regards,
 -Jeppe
 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list

___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] DNS resolution issues under heavy load

2014-03-25 Thread A Mohan Rao 
Pls share ur load with two pfsense server 1 is too much heavy users
load i have 1200 users thats why i install two pfsense boxes in my network.
After i never face this type of problem.
On Mar 25, 2014 7:15 PM, David Noel david.i.n...@gmail.com wrote:

 Well, it looks like it's the cable modem after all. Under load I'm
 unable to connect to it's admin panel, even when I'm directly
 connected to it. I called Comcast's technical support and had them run
 their diagnostics on it while everything was running and it failed
 miserably. The tech agreed with the conclusion that the modem was
 incapable of handling the load. So it looks like I'm in the market for
 a new cable modem. I'm not sure how to find one that will meet my
 needs though. Any DOCSIS 3 compatible modem will work on Comcast's
 network.

 Does anyone know of any models that are designed for heavy load? I'd
 probably need something that was built for networks of ~10,000 users.
 I'm not sure what sort of load 10,000 users generates, but I suspect
 it would peak around the 10-100 requests per second that my crawlers
 are putting out.

 If not, can anyone recommend a place where I might be able to find an
 answer to this question? Mailing list? Web forum? IRC channel, even?
 I'd really rather not have to pull specs on every DOCSIS 3 compatible
 modem and make a best guess based on microcontrollers/CPUs.

 Many thanks,

 -David



 On 3/18/14, David Noel david.i.n...@gmail.com wrote:
  Well, I bumped Maximum State Table from the default of 23,000 to
  75,000, and now it's throwing fewer UnknownHostException's. But
  they're still being thrown. My resource utilization is getting pretty
  high though. I don't think these ALIX boards can handle much more of a
  load, and I still have 2 more servers I need to scale these crawlers
  out to. I do see there's a Firewall Adaptive Timeouts setting in the
  web configurator.. this seems like it might be useful. Can anyone
  recommend any settings I should try to free up some system resources?
  I'm not clear on the consequences of purging pf state entries and
  whether that's something I'd want to do though.
 
  The state table on my primary router (alix1) is at roughly 50%
  utilization, or 40,000 states. The state table on my secondary router
  (alix2) is at 0%, roughly 250 states. This seems odd. Is this to be
  expected under CARP? Why is the load not distributed evenly?
 
  Memory usage on my primary router (alix1) is hovering around 55% (of
  235MB). On my backup (alix2) it's pushing 85-90%. Does this make sense
  to anyone? Top output looks roughly the same... and now alix2 has gone
  down. 95% packet loss. Web Configurator unresponsive. ... It's back up
  but throwing 500 - Internal Server Errors periodically. I've ssh'd
  in to alix2 and am looking at top output.. tcpdump seems to be running
  for pflog purposes.. and it's hogging quite a bit of CPU. Is this
  necessary? Can I disable it somehow?
 
  -David
 
  On 3/18/14, David Noel david.i.n...@gmail.com wrote:
  I've encountered a strange issue while scaling a Java project that I'm
  not quite sure how to resolve. Any thoughts would be appreciated.
 
  The code is a crawler that uses HTMLUnit to crawl a bunch of pages
  concurrently. It uses HTMLUnits getPage method to do the crawling. I'm
  running 100 threads per instance. When I have 1 instance up and
  running on 1 machine everything is fine. When I scale it to a second
  machine though I start having trouble. Calls to getPage keep throwing
  UnknownHostException's (DNS resolution error). With 2 servers running,
  roughly 1 out of every 20 calls to getPage throw this exception. For
  some reason it's unable to resolve domain names.. and it's not just
  the crawlers, my entire network starts to bug on DNS queries. On
  different systems on the same network I get 'unable to resolve host'
  errors in my web browser periodically when loading URL's. Usually when
  I retry it goes through, but it keeps happening sporadically as long
  as the crawlers are running.
 
  So many things could be going wrong here. Thinking maybe it was my
  provider throttling DNS queries I've tried changing DNS servers, but
  that's done nothing. Thinking it might be a bandwidth issue I checked
  systat, but the cumulative load is well under what my line can handle.
  What else could be causing this? My network is pretty simple: Provider
  -- modem -- 2 ALIX boards running pfSense -- Servers and
  workstations. The servers are running FreeBSD, and the workstations
  run FreeBSD, Windows, and OSX.
 
  Has anyone encountered this before? Does anyone have any thoughts on
  what might be causing it?
 
  My only other thought is that maybe pfSense is doing something strange
  so if I can't come up with any better ideas I'll try plugging the
  servers directly into the modem. I'd rather have them behind the
  routers though, so this would be a less-than-ideal solution.
 
  UPDATE: Ok, so it seems to be a pfSense issue. I

Re: [pfSense] Sending logs to external server

2014-03-24 Thread A Mohan Rao 
Please guide me how u do this on pfsense firewall
. We've already managed to block one user who lives in close proximity for
stealing internet (500MB of Youtube videos in less than 3 hours during a
very busy time of day*)

Thnx
Mohan
On Mar 25, 2014 12:14 AM, Ryan Coleman ryanjc...@me.com wrote:

 Now that I have the network stable (thank you so much!) I have another
 task I need/want to accomplish:

 Does anyone have recommendations or suggestions for off-loading log files
 at the end of the day to another server? Specifically I'm wanting the
 system log and the squid logs sent out and rotated afterwards. We've
 already managed to block one user who lives in close proximity for stealing
 internet (500MB of Youtube videos in less than 3 hours during a very busy
 time of day*) but I would like to set up something that crawls through the
 raw files automatically every night and report back via email.

 I can write the script to crawl the data - that's not a problem - it's
 just that the ALIX board is not powerful enough to handle the needs I have.

 Thanks again,
 Ryan

 * I still have a few stages to hit on the deployment but that user will
 eventually be unblocked. We had to rollback the throttling configuration
 while we were having stability issues. Right now we're at 60 hours and
 counting and I plan to re-implement that limiter tomorrow morning.

 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list

___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

[pfSense] Android apps block

2014-03-24 Thread A Mohan Rao 
I need to block whatsapp facebook etc android apps of pfsense users.
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] Android apps block

2014-03-24 Thread A Mohan Rao 
For blocking i m using urlblocklist.com. Also i do the same deny chats but
still users can able to chat with gtalk whatsapp facebook apps etc.
On Mar 25, 2014 1:54 AM, Chris Bagnall pfse...@lists.minotaur.cc wrote:


 On 24 Mar 2014, at 19:19, A Mohan Rao mohanra...@gmail.com wrote:
  I need to block whatsapp facebook etc android apps of pfsense users.

 Given that you seem to want to block everything under the sun (though I
 still don't understand why), how about doing it the other way round? Why
 not decide what you *do* want your users to be allowed to do, permit that,
 then deny everything else?

 I can understand blocking things to keep bandwidth requirements down when
 you have a limited amount to go around, as Ryan's trying to do, but I can't
 see why you'd block something like Whatsapp, which seems to be (admittedly,
 I don't use it, so I could be mistaken) a text chat tool - its bandwidth
 usage is going to be negligible.

 Kind regards,

 Chris
 --
 This email is made from 100% recycled electrons

 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list

___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

[pfSense] After install squid and squid guard internet slow down

2014-03-22 Thread A Mohan Rao 
Dear pfsense experts,

After install squid and squid guard internet was very slow down.
I ready googled and change loader.conf file.
Still internet not perform before install squid or squid guard.

Pls suggest ...

Thanks

Mohan
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] Proxy filter

2014-03-20 Thread A Mohan Rao 
Ok,
Actually i have 600 internet users and i have 22 Mbps leased line.
I m not gave any users to full permission but some users are go to out of
the way with lots of free proxy sites download videos or movies thats why i
need to watch that user https and ftp traffic.

Regards
Mohan
On Mar 21, 2014 12:59 AM, Chris Bagnall pfse...@lists.minotaur.cc wrote:

 On 20/3/14 7:19 pm, A Mohan Rao wrote:

 Ok thanks but if i need how i maintain ftp traffic logs.


 Not really relevant to the question, I appreciate, but I can't think of a
 good reason why you'd want to do that, unless of course you're running the
 FTP server, in which case your FTP server should have that ability in its
 settings.

 You might be able to do something using a span port on a switch and some
 clever logging rules, but that's outside my scope. Perhaps there's another
 pfSense package that'll do what you want?

 Kind regards,

 Chris
 --
 This email is made from 100% recycled electrons
 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list

___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] http://pfsense.org/ip.php and wget

2014-03-19 Thread A Mohan Rao 
Hello,
i have configured openvpn road warrior also client is properly connected
from outside internet network.
but not able to access server end network and servers's.

can anybody give any help where is do any wrong steps.

thanks

Mohan


On Wed, Mar 19, 2014 at 2:45 PM, Stefan Baur newsgroups.ma...@stefanbaur.de
 wrote:

 Am 19.03.2014 10:09, schrieb Stefan Baur:
  Hi List,
 
  is there a particular reason why wgetting http://pfsense.org/ip.php
  gives a blank result? Works just fine when using a regular GUI browser
  like Firefox, but not on the command line with wget.

 Oh. I just noticed it's redirecting to https, and wget throws this error:

 ERROR: The certificate of `www.pfsense.org' is not trusted.

 What do I have to install to make it work?
 I do have the ca-certificates bundle installed, but it seems you're
 requiring something else?

 -Stefan
 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list

___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

[pfSense] pfsense openvpn Road Warrior

2014-03-19 Thread A Mohan Rao 
Hello Team,

Hello,
 i have configured openvpn road warrior also client is properly connected
 from outside internet network.
 but not able to access server end network and servers's.
 can anybody give any help where is do any wrong steps.

Thanks

Mohan
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] pfsense openvpn Road Warrior

2014-03-19 Thread A Mohan Rao 
yes client is properly connected from windows computer system.
also show that client name in tab open vpn status page .
but not able to communication between.

thanks

Mohan


On Wed, Mar 19, 2014 at 3:37 PM, rajan agarwal rajanagarwa...@gmail.comwrote:

 Hi Mohan,

 Are you using windows for connections? Can you see if routes were added
 when client connected to VPN or not.




 On Wed, Mar 19, 2014 at 2:54 PM, A Mohan Rao mohanra...@gmail.com wrote:

 Hello Team,

 Hello,
  i have configured openvpn road warrior also client is properly connected
  from outside internet network.
  but not able to access server end network and servers's.
  can anybody give any help where is do any wrong steps.

 Thanks

 Mohan

 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list



 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list

___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] pfsense openvpn Road Warrior

2014-03-19 Thread A Mohan Rao 
Hello RAJAN JI,
No, can u pls guide me where i see or configure internal routes.
Have u successfully configured Road Warrior open vpn or it is running any
where.
If u want any other info pls tell me i will provide u immidiately. Like gui
or any viewer.
Thanks
Mohan
On Mar 19, 2014 4:01 PM, rajan agarwal rajanagarwa...@gmail.com wrote:

 Hi Mohan,

 Can you see if the internal routes of your network are pushed to the
 client using route print command in cmd?


 On Wed, Mar 19, 2014 at 3:55 PM, A Mohan Rao mohanra...@gmail.com wrote:

 yes client is properly connected from windows computer system.
 also show that client name in tab open vpn status page .
 but not able to communication between.

 thanks

 Mohan


 On Wed, Mar 19, 2014 at 3:37 PM, rajan agarwal 
 rajanagarwa...@gmail.comwrote:

 Hi Mohan,

 Are you using windows for connections? Can you see if routes were added
 when client connected to VPN or not.




 On Wed, Mar 19, 2014 at 2:54 PM, A Mohan Rao mohanra...@gmail.comwrote:

  Hello Team,

 Hello,
  i have configured openvpn road warrior also client is properly
 connected
  from outside internet network.
  but not able to access server end network and servers's.
  can anybody give any help where is do any wrong steps.

 Thanks

 Mohan

 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list



 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list



 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list



 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list

___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] 2.0-RELEASE now available!

2011-09-17 Thread A Mohan Rao 
I have to format my  pfsense firewall and reinstall only squid and
squid guard package. still my problem is there group based (ACL)
content filtering is not  working. Any idea why its suddenly happen i
could not understand...  Before 3 days i had facing this problem
otherwise its working very fine

On 9/18/11, Glenn Kelley gl...@typo3usa.com wrote:
 decade maybe :-)

 Awesome !!!


 On Sat, Sep 17, 2011 at 6:40 PM, Diego Barrios
 s...@techsystem.com.brwrote:

 Ae

 Thank you very much for this precious piece of software!

 Congratulations, i`d like to say it`s gonna be the milestone of the year!

 Cheers!





 --
 *From: *Chris Buechler c...@pfsense.org
 *To: *pfSense support and discussion list@lists.pfsense.org
 *Sent: *Saturday, September 17, 2011 3:58:18 PM

 *Subject: *[pfSense] 2.0-RELEASE now available!

 for those who don't watch the blog:
 http://blog.pfsense.org/?p=598
 ___
 List mailing list
 List@lists.pfsense.org brhttp://lists.pfsense.org/mailman/listinfo/list

 ___
 List mailing list
 List@lists.pfsense.org
 http://lists.pfsense.org/mailman/listinfo/list




-- 
Sent from my mobile device
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list