Re: [pfSense] pfSense 2.3.2-p1 RELEASE Now Available

2016-10-10 Thread Morten Christensen
You should consider to state clearly in such announcements, if the 
upgrade includes a reboot of the box.




Den 06-10-2016 21:29, skrev Jim Thompson:

Details are here: https://blog.pfsense.org/?p=2122 
<https://blog.pfsense.org/?p=2122>
___



--
Morten Christensen
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold


Re: [pfSense] 2.2.6 - Lost LAN conection when IPSEC tunnel is conected only first time booting

2016-03-20 Thread Morten Christensen

Den 15/03/2016 15.14, skrev Nicolas Fabris:

Good morning everyone.

I have an strange issue.

Details:
LAN IP pfSense: 10.133.30.1

TUNNEL IPSEC: Phase 2
Local Network LAN Subnet
Remote Network 10.0.0.0/8



Any idea ?
My bet is, that the "/8" on the remote network routes all traffic to the 
whole 10.x.x.x-block throug the tunnel including the 10.133.30.x LAN.


--
mvh Morten Christensen
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold


[pfSense] How to change driver for NIC

2015-01-04 Thread Morten Christensen

As mentioned in another thread, pfSense 2.2 is not usable on a XenServer.

In the forum
https://forum.pfsense.org/index.php?topic=85797.0
it was mentioned, that I could try to change the driver away from xn, 
but I can not find a way to change the NIC driver on my virtualised 
pfSense 2.2.


Can anyone give me a description of, how to change driver ?

--
Morten Christensen
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list


Re: [pfSense] How to change driver for NIC

2015-01-04 Thread Morten Christensen

Den 04-01-2015 kl. 15:55 skrev compdoc:

Can anyone give me a description of, how to change driver ?

Well, you would need to change the NIC itself. I haven't tried this, but the
following url explains the problem and might help fix the problem.

http://www.netservers.co.uk/articles/open-source-howtos/citrix_e1000_gigabit

I switched to KVM because of the limitations of XenServer's networking.


Thanks for your answer.

Are you saying that I can only try to change driver in XenServer.

Is it impossible to try to improve on pfSense 2.2's problem in pfSense ?

___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list


Re: [pfSense] How to change driver for NIC

2015-01-04 Thread Morten Christensen


Den 04-01-2015 kl. 18:57 skrev compdoc:

Is it impossible to try to improve on pfSense 2.2's problem in pfSense

You might not be the only person having the problem, but I haven't
researched to know for sure.

Sometimes, it's possible to do the work and discover the problem yourself.
There are a few areas of experimentation that might lead to the problem, or
to the solution...

First of all, it's possible that there is a problem with that version of
pfSense. Something that may be fixed before or after its release.

Or, its possible there is a problem with the drivers for the virtual nics in
that version of freebsd. Guess that would be either the 100baseT Realtek NIC
emulation, or the xenserver NIC drivers if you have managed to install
those.

You can see if a better or newer driver exists. I have compiled realtek's
newest freebsd drivers myself and used them, for example.

If I could find drivers, I have no idea, how to install them on pfSense.

If you were to try the e1000 emulation as suggested in the url I posted and
saw no improvement, that knowledge might be a great help to the community.
I tried to make the cange from your link in the xenserver, and installed 
a new pfSense 2.2.
The pfSenses nic's ware called xn like before, so I have no idea, if it 
had any effect.


The iperf network speed from another VM on the same Xenserver through 
pfSense was 1,4 Kbits/sec. As unusable as before with pfSense 2.2.




Finally, there's the actual server hardware itself. Its takes a certain
speed and type cpu to host virtual machine firewalls. Also, certain brands
of network cards perform better than others. Maybe you can describe these...

It don't think it is the hardware.
On the same hardware and the same Xenserver-install both pfSense 2.1, 
IPCop and Zentyal is acting normal.
It is only pfSense 2.2, that has this not usuable speed from other VM's 
in the Xenserver.



As said in the other thread. Speed from behind the xenserver is normal.

--
Morten Christensen
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list


Re: [pfSense] Very slow traffic from other VM's through pfSense on XenServer

2014-12-27 Thread Morten Christensen


Den 22-12-2014 kl. 20:43 skrev Morten Christensen:


Den 20-12-2014 23:33, Morten Christensen skrev:
I have 2 XenServers, 1 with XenServer 6.2 and one with Xenserver 
Creedence beta 3.


Both have a pfSense 2.2 RC as router/firewall and a couple of Ubuntu 
Linux VM's and a windows-VM.


Traffic through both the physical xenserver-box and the virtual 
pfSense firewall goes at expected speeds.
But traffic from the other VM's on the same server through the 
pfSense out on wan/internet goes very, very slow.

It goes so bad they cannot update themselve with apt-get.

When I try with iperf from a linux VM through the pfSense's WAN the 
speed is 3,82 KBits/sec.
The VM's and pfSense are connected with an internal single-server 
network (as OPT1), and tests to iperf server run on pfSense from a 
linux VM shows gigabit-speed.


One of the pfSense' has xen-tools installed. The other has not. I 
cannot se improvements with the tools installed.


One of my XenServers can get several public IP'numbers. On that I now 
have installed VM's with both an IPCop firewall and a Zentyal firewall.
When one of those new firewall-VMs' is default gateway for the 
ordinary VM's on the XenServer, theirm...@moseboelle.dk is normal.


So it must be a configuration-problem om pfSense.

Still no ideas how to find the problem ?


Tried to install a pfSense 2.1.5 as VM.
With 2.1.5 as default gateway other VM's on the Xenserver have normal 
wan/internet-speed.


But very slow speeed through 2.2RC continues.

--
Morten Christensen
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list


[pfSense] Very slow traffic from other VM's through pfSense on XenServer

2014-12-22 Thread Morten Christensen


Den 20-12-2014 23:33, Morten Christensen skrev:
I have 2 XenServers, 1 with XenServer 6.2 and one with Xenserver 
Creedence beta 3.


Both have a pfSense 2.2 RC as router/firewall and a couple of Ubuntu 
Linux VM's and a windows-VM.


Traffic through both the physical xenserver-box and the virtual 
pfSense firewall goes at expected speeds.
But traffic from the other VM's on the same server through the pfSense 
out on wan/internet goes very, very slow.

It goes so bad they cannot update themselve with apt-get.

When I try with iperf from a linux VM through the pfSense's WAN the 
speed is 3,82 KBits/sec.
The VM's and pfSense are connected with an internal single-server 
network (as OPT1), and tests to iperf server run on pfSense from a 
linux VM shows gigabit-speed.


One of the pfSense' has xen-tools installed. The other has not. I 
cannot se improvements with the tools installed.


One of my XenServers can get several public IP'numbers. On that I now 
have installed VM's with both an IPCop firewall and a Zentyal firewall.
When one of those new firewall-VMs' is default gateway for the ordinary 
VM's on the XenServer, their wan/internet-speed is normal.


So it must be a configuration-problem om pfSense.

Still no ideas how to find the problem ?


--
Morten Christensen
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list


[pfSense] Very slow traffic from other VM's through pfSense on XenServer

2014-12-20 Thread Morten Christensen
I have 2 XenServers, 1 with XenServer 6.2 and one with Xenserver 
Creedence beta 3.


Both have a pfSense 2.2 RC as router/firewall and a couple of Ubuntu 
Linux VM's and a windows-VM.


Traffic through both the physical xenserver-box and the virtual pfSense 
firewall goes at expected speeds.
But traffic from the other VM's on the same server through the pfSense 
out on wan/internet goes very, very slow.

It goes so bad they cannot update themselve with apt-get.

When I try with iperf from a linux VM through the pfSense's WAN the 
speed is 3,82 KBits/sec.
The VM's and pfSense are connected with an internal single-server 
network (as OPT1), and tests to iperf server run on pfSense from a linux 
VM shows gigabit-speed.


One of the pfSense' has xen-tools installed. The other has not. I cannot 
se improvements with the tools installed.


Anobody with experience on pfSence and XenServer, that can give me in a 
direction to experiment in?



--
Morten Christensen
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list


Re: [pfSense] Limit bandwith pr user / ip

2014-11-02 Thread Morten Christensen


Den 02-11-2014 06:12, Chris L skrev:

On Nov 1, 2014, at 4:07 PM, Morten Christensen mc-m...@g.mc.cx wrote:


I am going to setup pfSense as gateway/firewall in front of a small wireless 
broadband system with 10 to 20 houses connected.

We want to prevent one single house from taking up all bandwith, when other 
users can use their share, but not to restrict anyone unnessessary, when demand 
is low.

I have found howto's that make permanent limits on each users or ip-numbers 
bandwith, They seems to make that limitation without taking care of, if the 
limitations is needed.
Other howto's shows how to make smarter QOS limitations based on different 
applications like telephones versus http-download that is only active, when a 
service actually needs the bandwith.

Do you know of howto's that can limit users bandwith, when the line is under 
heavy use, but not, when that user is alone on the line, and that do not care 
if the user is downloading an ISO, streaming HDTV or making a video-conference ?



You create a limiter for the total amount of bandwidth available, then create a 
child limiter that masks on IP addresses.

Make a limiter for uploads masked on source addresses and a limiter for 
downloads masked by destination addresses.

Everyone has the full capacity unless/until there is contention.

The steps are outlined starting here:

https://forum.pfsense.org/index.php?topic=63531.msg364520#msg364520
I have tried to follow the screenshots from foxale08 (took some time to 
understand, the the images is only shown, when you are loged  in to the 
forum).


I lost the track between no. 22 and no. 23. Can anybody tell, how I come 
to those options, or if they are still needed ?



--
Morten Christensen




___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list


[pfSense] Limit bandwith pr user / ip

2014-11-01 Thread Morten Christensen
I am going to setup pfSense as gateway/firewall in front of a small 
wireless broadband system with 10 to 20 houses connected.


We want to prevent one single house from taking up all bandwith, when 
other users can use their share, but not to restrict anyone 
unnessessary, when demand is low.


I have found howto's that make permanent limits on each users or 
ip-numbers bandwith, They seems to make that limitation without taking 
care of, if the limitations is needed.
Other howto's shows how to make smarter QOS limitations based on 
different applications like telephones versus http-download that is only 
active, when a service actually needs the bandwith.


Do you know of howto's that can limit users bandwith, when the line is 
under heavy use, but not, when that user is alone on the line, and that 
do not care if the user is downloading an ISO, streaming HDTV or making 
a video-conference ?



--
Morten Christensen


___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list


[pfSense] webConfigurator authentication error

2014-08-27 Thread Morten Christensen

I try to setup pfSence for the first time.

It is running on a XenServer 6.2, but I don't suspect that to be the 
problem.


I have never succeeded to log in to the web interface. Every time I try 
with username admin and password pfsence, there a message like this on 
the console:

Message from syslogd@pfSence at Aug 27 12:26:56 ...
pfSence php: /index.php: webConfigurator authentification error for 
'admin' from 172.17.1.110


I have tried with 2 installs og 2.1.4 and one of 2.2 and reset 
webConfiguratoor password several times.


From console I can go to Shell and change password for root and admin 
and after that log in with ssh. But that is not giving med GUI-access.


Any help ?

--
Morten Christensen
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list