Re: [pfSense] Port forwards don't work on one machine

2018-02-12 Thread Steven Spencer 
On 02/12/2018 11:43 AM, Marco wrote:
> On Mon, 12 Feb 2018 10:21:08 -0600
> Steven Spencer <steven.spen...@kdsi.com> wrote:
>
>> On 02/11/2018 03:29 PM, Marco wrote:
>>> On Sun, 11 Feb 2018 20:46:41 +
>>> "Joseph L. Casale" <jcas...@activenetwerx.com> wrote:
>>>  
>>>> -Original Message-
>>>> From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of
>>>> Chris L Sent: Sunday, February 11, 2018 1:43 PM
>>>> To: pfSense Support and Discussion Mailing List
>>>> <list@lists.pfsense.org> Subject: Re: [pfSense] Port forwards don't
>>>> work on one machine
>>>>  
>>>>> What interface is that taken on? Take one on the interface the
>>>>> destination server is connected to (WLAN?) and test again. While
>>>>> you’re capturing also do another Diagnostics > Test Port from the
>>>>> local pfSense itself. Please include the capture of both events
>>>>> (from outside and using test port.)
>>>>>
>>>>> It looks like the server is not responding.
>>>> I'd also suggest running a capture on the destination, if it's
>>>> actually receiving traffic and/or sending it elsewhere (routing
>>>> rule) this will provide some insight.  
>>> I ran a wireshark on the destination and it received packets when
>>> “port testing” from the pfSense, but not when using external access
>>> (e.g. canyouseeme.org)
>>>
>>> Marco
>>> ___
>>> pfSense mailing list
>>> https://lists.pfsense.org/mailman/listinfo/list
>>> Support the project with Gold! https://pfsense.org/gold  
>> Marco,
>>
>> Just curious, but what is the target machine's OS?
> The actual server is FreeBSD, but I run the tests with a Linux
> laptop as the behaviour is the same.
>
> Marco
> ___
> pfSense mailing list
> https://lists.pfsense.org/mailman/listinfo/list
> Support the project with Gold! https://pfsense.org/gold

I know you've stated that you have no firewall on these machines. So
iptables -L shows empty on the Linux laptop and (sorry not familiar with
FreeBSD) and equiv on FreeBSD? No selinux in play on the Linux laptop or
at least if in play, policies are in use? I looked at your screen shots
and I can't see anything that leaps out at me. We have a number of
PfSense firewalls in use (15) within our organization and I've used port
forwarding on every one of them and have never run into a problem-unless
the receiving machine refuses the connection. I've been bitten by
selinux before and more recently, by firewalld.

Thanks,

Steven G. Spencer

___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] Restoring at remote location before deployment

2017-05-19 Thread Steven Spencer 
Mark,

Thanks very much for the reply. We should be able to accomplish this
using this method as well.

Steve

On 05/18/2017 08:26 AM, Mark Wiater wrote:
>
>
> On 5/17/2017 3:44 PM, Steven Spencer wrote:
>> All,
>>
>> When restoring a configuration for a site, we often do so from the home
>> office and then deploy after we are sure hardware is working as
>> expected. That means that we are restoring a backup and then on reboot,
>> their is no active WAN (because the WAN IP is set for the remote
>> location on restore)
>
> I do the same, build up the system in the home office for testing.
>
> I've created a separate environment within the home office that allows
> for the unit under test to hit the internet after getting natted to
> the home office's ip addr.
>
>
>
>
>
>
>
>
> esses.
> ___
> pfSense mailing list
> https://lists.pfsense.org/mailman/listinfo/list
> Support the project with Gold! https://pfsense.org/gold
>

-- 
-- 
Steven G. Spencer, Network Administrator
KSC Corporate - The Kelly Supply Family of Companies
Office 308-382-8764 Ext. 1131
Mobile 402-765-8010 

___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] pfSense 2.3.2-p1 RELEASE Now Available

2016-10-10 Thread Steven Spencer 
Never mind. On further inspection, we were in error. :/

On 10/10/2016 05:37 PM, Steven Spencer wrote:
> Are we the only ones here who are seeing a checksum issue with the download?
>
> On 10/10/2016 12:19 PM, Morten Christensen wrote:
>> You should consider to state clearly in such announcements, if the
>> upgrade includes a reboot of the box.
>>
>>
>>
>> Den 06-10-2016 21:29, skrev Jim Thompson:
>>> Details are here: https://blog.pfsense.org/?p=2122
>>> <https://blog.pfsense.org/?p=2122>
>>> ___
>>>
>> -- 
>> Morten Christensen
>> ___
>> pfSense mailing list
>> https://lists.pfsense.org/mailman/listinfo/list
>> Support the project with Gold! https://pfsense.org/gold
>>
>


-- 
-- 
Steven G. Spencer, Network Administrator
KSC Corporate - The Kelly Supply Family of Companies
Office 308-382-8764 Ext. 1131
Mobile 402-765-8010 

___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] pfSense 2.3.2-p1 RELEASE Now Available

2016-10-10 Thread Steven Spencer 
Are we the only ones here who are seeing a checksum issue with the download?

On 10/10/2016 12:19 PM, Morten Christensen wrote:
> You should consider to state clearly in such announcements, if the
> upgrade includes a reboot of the box.
>
>
>
> Den 06-10-2016 21:29, skrev Jim Thompson:
>> Details are here: https://blog.pfsense.org/?p=2122
>> 
>> ___
>>
>
> -- 
> Morten Christensen
> ___
> pfSense mailing list
> https://lists.pfsense.org/mailman/listinfo/list
> Support the project with Gold! https://pfsense.org/gold
>


-- 
-- 
Steven G. Spencer, Network Administrator
KSC Corporate - The Kelly Supply Family of Companies
Office 308-382-8764 Ext. 1131
Mobile 402-765-8010 

___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] Dandy pfSense appliance

2013-04-25 Thread Steven Spencer 

On 04/24/2013 01:18 PM, Chris Bagnall wrote:

On 24/4/13 7:05 pm, Mathieu Simon wrote:

Depends what you think about high specs many 1 GE ports or even 10 GE,
lots of cores etc?


This. You also have to decide whether you actually need high specs in
a router. There's little point in paying for multiple GigE or 10GE ports
if your internet connection is in the sub-100Mbps range.

FWIW, we've been using the ALIX boards for several years, and despite
their apparently low spec, they'll happily route an FTTC 80Mbps/20Mbps
connection without breaking too much of a sweat.

Obviously if you're looking at datacentre applications you'll want
something a bit beefier, but in that case, you probably aren't bothered
about having a Netgear WiFi router size unit.

Also worth mentioning that in my experience, WiFi is best done with a
separate access point (or access points). It enables you to position it
in the best location for signal dispersion, which might not be the same
location as your internet connection's ingress.

Kind regards,

Chris


We started buying small form factor PC's (about the size of two 
dictionaries) and using SSD drives. The biggest unit we have (same 
specs, just different configuration port wise) is one of these units 
with 2 GB RAM and 128 GB HHD with 5 10/100 Ethernet ports.


--
--
Steven G. Spencer, Network Administrator
KSC Corporate - The Kelly Supply Family of Companies
Office 308-382-8764 Ext. 231
Mobile 308-380-7957
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list