Re: [pfSense] IPSec nat issue

On 5/26/2016 1:23 PM, Mark Wiater wrote: On 5/26/2016 2:09 PM, Rosen Iliev wrote: The other end has a conflict with our LAN addressing(192.168.1.0/24). So in phase 2, we setup a Tunnel IPv4 using 193.168.1.0/24 for the local Network. NAT/BINAT network of 192.168.85.0/24. Their remote network

Re: [pfSense] IPSec nat issue

but am not able to come up with a working answer. Just not even sure what you guys need from me to help troubleshoot this. Thanks in advance, Lyle Giese LCR Computer Services, Inc. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] IPSec nat issue

That's a typo. All routes/subnets are rfc 1918, 192.168.x.x Lyle On 5/26/2016 9:40 AM, Steve Yates wrote: Jumping in midway through, 193.168.1.0/24 belongs to Universite du Luxembourg. If that's not you then the other end could be routing packets there. -- Steve Yates ITS, Inc.

Re: [pfSense] IPSec nat issue

I was running packet capture on the IPSec interface looking for traffic to/from 192.168.75.x and 192.168.85.x and only saw traffic when I pinged their server. Lyle On 5/26/2016 9:32 AM, ED Fochler wrote: I agree. I typically ssh in as root and tcpdump to get a more interactive view of the

Re: [pfSense] IPSec nat issue

I think they would ping 192.168.85.x and incoming pfSense would forward that traffic to 192.168.1.x, doing a 1:1 type NAT. Lyle On 5/26/2016 7:44 AM, Vick Khera wrote: On Wed, May 25, 2016 at 8:54 PM, Lyle wrote: The other end has a conflict with our LAN

Re: [pfSense] Client-Side 1:1 NAT for IP address conflicts w/ VPN

Chris, Maybe Karl needs to read RFC 1918. It can be enlightening to find out he does not 'own' 10.0.0.0/8 Yes, VPN's require unique subnets on both sides of the VPN server, but that is the price you pay for using a VPN with RFC 1918 addresses. Lyle Giese LCR Computer Services, Inc. On 12

Re: [pfSense] Client-Side 1:1 NAT for IP address conflicts w/ VPN

ATT/SBC used 2wire brand DSL routers and there was a version of FW in them that used 172.16/12 for the LAN. I used to see that model frequently just before they started pushing Uverse instead. Lyle Giese LCR Computer Services, Inc. On 12/10/14 06:34, Chris Bagnall wrote: On 10/12/14 6:36 am

Re: [pfSense] After upgrading 2.1.3-2.1.5 the SNMP.pm can't be found for Nagios anymore

This is not a Nagios or pfsense error. It's a PERL error and it can not find SNMP.pm You may want to try CPAN to re-install Net::SNMP Lyle On 10/02/14 05:04, Rens wrote: Nobody that can help me with this? *From:*Rens [mailto:r...@autempspourmoi.be] *Sent:* maandag 22 september 2014 13:53

[pfSense] updating issues with signature on image

or is there something wrong with the update process? Lyle Giese LCR Computer Services, Inc. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] IPv6 Default Gateway

Typos are a terrible thing. I often put in a ; instead of a : in IPv6 addresses. Depending on the font, it can be VERY hard to see that. Plus we can not see what you thought you typed in or what you really typed in, it's very hard to guess what's wrong. Lyle On 07/09/14 10:17, Mark Tinka

Re: [pfSense] squid load so slow

On 10/28/12 04:47, Mark wrote: I notice that eveytime I make changes on my settings in Proxy Server, it takes time (almost 5-10 mins.) before it stop from loading. I don't know if it take effect immediately or what but what makes me concern is that it loads so slow. I don't have this issue

Re: [pfSense] Detecting Torpig with pfsense?

table in pfsense and see who has a connection open to the CD server? Lyle Giese LCR Computer Services, Inc. ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] DynDNS/No-IP question, cascaded NAT

On 01/06/12 14:09, Stefan Baur wrote: Hi List, some of my customers are switching to No-IP, as DynDNS.org doesn't seem to offer free accounts any more. So far, they had used their ISP-provided routers for DynDNS.org with the pfSense box plugged into the LAN side of that router: