Greetings-
I've run into what appears to be a bug in pfSense. When changing interface
assignments, if those interfaces are part of a bridge, the bridge will not be
updated. Instead a reboot is required, or going to each bridge affecting and
re-saving it's parameters.
A specific case I've exper
- Original Message -
>
> One, the problem first appeared with the Tranquilnet unit. Two, I
> forgot
> to mention that I noticed that the heat problem (it's hard to miss if
> you
> don't read the directions -- the units are almost hot enough to burn
> skin
> :) and am using a laptop cooler
- Original Message -
> Greetings all,
> I ma new to pfsense , pl help me out "pfsense firewall & Nat
> configuration" for small education network.
> I am Using pfsense 2.1.4-reease for (i386)
> 1. interface on WAN (wan) -> em0 - > v4/DHCP4 : 192.168.0.16/24
> 2. interface on LAN (lan
- Original Message -
> Greetings-
> I'm experiencing an odd situation. On a system running pfSense
> 2.1.3-RELEASE on i386 (6x Intel NICs, Intel G2030 CPU, 1GB RAM,
> etc), the use case lends the unit's LAN to be physically
> disconnected (think lab environment). If the interface is left
Greetings-
I'm experiencing an odd situation. On a system running pfSense 2.1.3-RELEASE on
i386 (6x Intel NICs, Intel G2030 CPU, 1GB RAM, etc), the use case lends the
unit's LAN to be physically disconnected (think lab environment). If the
interface is left down overnight, upon reconnecting th
- Original Message -
> I'll put here the amount of info that I can before my server's
> security may be compromised.
> I want to install pfsense to an server that's hosted by ProfitBrick
> and using KVM as virtualization enviroment which may became a
> problem.
> It has two nics. One for
Greetings-
Hot on the heels of the OpenSSL debacle, and a fresh new release of pfSense
(THANK YOU), I'm curious about the Heartbleed vulnerabilitie's actual surface
attack area. All of the relevant information, reports, and PoC's are pointing
at exploit only via an affected HTTPS webserver. Ho
Alright, I understand IPv6 is a 'different animal'. BUT, I'm trying to do
something that seems logical, but not working. Hoping someone can shed light on
it?
I have an IPv6 tunnel from Hurricane Electric. The /64 is routed to my GIF
interface. I requested another /48 for assignment internally.
Greetings-
I've just (unsuccessfully) tried setting up an Atheros AR5280 based mPCIe card
for use with pfSense 2.0.2. The results were not spectacular. Errors included
randomly dropping traffic, dropping carrier, and the infamous scrolling errors
'ath0: stuck beacon...'.
So, I'm on a quest for
- Original Message -
> On Tue, Jan 22, 2013 at 11:24 AM, Tim Nelson < tnel...@rockbochs.com
> > wrote:
> > I have two hosts in a CARP setup, working as expected for failover.
> > States are set to sync between the primary system and the secondary
> > syste
Greetings-
I have two hosts in a CARP setup, working as expected for failover. States are
set to sync between the primary system and the secondary system. However, when
I look at the state table of the slave system, it does not match that of the
master system. For example, the master shows 1187
- Original Message -
> On 1/22/2013 9:27 AM, Vick Khera wrote:
> > the SMTP alerts will tell you when a carp cluster change occurs,
> > but no
> > details on what exactly it was.
>
> On 2.1 the message is quite a bit more informative:
>
> Carp cluster member "192.168.x.y - (wan_vip241)"
Greetings-
I have an installation where two pfSense 2.x systems are configured with CARP
IPs on 6 interfaces. This is working quite well after I resolved some OpenVPN
oddities. CARP works as expected when simulating failure (link, power, etc).
BUT, the question is, how do I know when a CARP fai
- Original Message -
> info here:
> http://blog.pfsense.org/?p=676
And just in time for ! Fantastic! Thanks
for your amazing software, and brilliant work!
--Tim
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listi
- Original Message -
>
> That was my hope, to save public subnet IP space. The answer appears
> to be no, but now that I have a couple of boxen in my test lab, it
> would be easy to find out. I'll post to the list with the results
> later, although my hopes aren't very high for the intende
- Original Message -
> On 12/5/2012 10:11 AM, Tim Nelson wrote:
> > I've successfully setup 2x pfSense boxen with CARP. It is working
> > properly, with ~1 second failover. The following test scenarios
> > work well:
> >
> > -Unplugging a link (WA
- Original Message -
> 2012/12/5 Tim Nelson < tnel...@rockbochs.com >
> > - Original Message -
>
> > > 1: You need 3 IPs in the same subnet.
>
> hello, to clearify this answer:
> Is following correct ?:
> - on WAN SIDE you need:
&
I've successfully setup 2x pfSense boxen with CARP. It is working properly,
with ~1 second failover. The following test scenarios work well:
-Unplugging a link (WAN, LAN, etc)
-Causing system crash (kill -9 1)
-Unplugging both SAS HDDs (actually carp doesn't come into play, system keeps
routing
- Original Message -
> 1: You need 3 IPs in the same subnet.
>
> 2: For site-to-site i would honestly set up 2 separate tunnels (one
> on
> each WAN) and create an internal loadbalancer/failover pool for the
> other side via the two gateways of the openVPN tunnels.
>
Thank you for the IP
I'm looking at implementing a new CARP setup for a couple of sites, but have a
few questions before I dive in:
1. For two pfSense systems, is it confirmed that 3 IPs will be needed on each
subnet/interface? My understanding is one IP per host, plus the 'floating' IP
managed by CARP, for a total
- Original Message -
> > I'm looking at possibly running a CARP setup between 2x Dell 1950's
> > in a failover configuration. My perusal of the mailing list
> > archives, and the pfSense forum seems to indicate they should work
> > just fine, no 1950 specific issues on the latest pfSense re
I'm looking at possibly running a CARP setup between 2x Dell 1950's in a
failover configuration. My perusal of the mailing list archives, and the
pfSense forum seems to indicate they should work just fine, no 1950 specific
issues on the latest pfSense releases.
Is anyone out there running pfSen
- Original Message -
> e.g. I will be getting an internal IP of 192.168.0.20, 0.102, 0.87
> and then 1.101 for example, however all the 0.'s will have the same
> 0.1 gateway yet be totally different connections to the web… Not
> sure if that would matter…
Every WAN needs to have a unique
- Original Message -
> I guess you could tcp dump on the sync interface.
> Or set the advertise frequency to something really high. If it
> switches
> to slave there is somewhere a higher priorised slave which became
> master.
>
> However a lot people are running CARP VIP's simply to get a
Greetings-
I have access to some virtual pfSense 2.0-RC1 hosts that need to be upgraded to
the latest RELEASE. All hosts are setup with CARP, but it appears some of them
do not have any slave systems. Meaning, of these systems, there are some that
are setup as CARP masters for various IPs/VHIDs
- Original Message -
> Greetings list,
>
> For many years I've been deploying pfSense on ALIX boards. They've
> proven to be reliable and a good balance between cost and
> performance.
> Price in the UK is about 120 GBP (including PSU and chassis), which
> means that they're cost-comparabl
- Original Message -
> On Fri, Jun 01, 2012 at 02:36:21PM -0400, Sean Cavanaugh wrote:
> > If provider is providing you NATed internet access...my best guess
> > is you
>
> It's not NATed. They're rewriting the packet headers. The only
> NAT there is is our own.
>
Isn't rewriting of the
- Original Message -
> Ooh, I have a bunch of E450s I'd love to give away! :-)
> (Shipping would still be expensive, though.)
> -Adam
>
I gave my E450s and other Enterprise line stuff away a couple years back to
another BSD project, and a local youngster interested in such things. Ah, th
- Original Message -
> Op 10 mei 2012, om 22:09 heeft Tim Nelson het volgende geschreven:
>
> > - Original Message -
> >> I was not aware of the fact the OpenBSD runs natively on Sun Server
> >> with SPARC architecture.
> >> It's because
- Original Message -
> I was not aware of the fact the OpenBSD runs natively on Sun Server
> with SPARC architecture.
> It's because i bought the V100 few months ago, so that's why i would
> like to integrate it,...and with OpenBSD - of -course- are quite a few
> possibilities.
Last I chec
Greetings-
I remember around the time of the 2.0 betas (or as an addon to the 1.x branch),
there was a way to see the bandwidth used per host. It was displayed next to
the SVG graph for the selected interface. However, I'm completely unable to see
how this was previously done. Am I missing some
- Original Message -
> - Original Message -
> > On Thu, Jan 12, 2012 at 1:00 PM, Tim Nelson
> > wrote:
> > > Greetings-
> > >
> > > I understand the functionality of the OpenVPN Status package from
> > > the 1.x versions is n
- Original Message -
> On Thu, Jan 12, 2012 at 1:00 PM, Tim Nelson
> wrote:
> > Greetings-
> >
> > I understand the functionality of the OpenVPN Status package from
> > the 1.x versions is now integrated into the 2.x versions. *However*,
> > let'
Greetings-
I understand the functionality of the OpenVPN Status package from the 1.x
versions is now integrated into the 2.x versions. *However*, let's say...
"hypothetically" a 1.2.2 config was uploaded to a fresh 2.0.1 installation, and
the OpenVPN Status package XML(every package XML for tha
- Original Message -
> In 2.0 each interface is renamed in a unique way so you do not need
> dev
> tun or any similar entries in the options.
>
> You can assign the interfaces if you want (set an IP type of 'none' on
> them) and filter individually if you want, too.
>
> I run with two of
- Original Message -
> On Thu, Oct 13, 2011 at 16:03, Tim Nelson
> wrote:
> > I would expect it to work this way also. However, I've removed the
> > OPT interfaces corresponding to the OpenVPN servers. Next, I've
> > added one rule to 'Allow all
- Original Message -
> On 10/12/2011 5:48 PM, Vassilis V. wrote:
> > Tim Nelson wrote on 12.10.2011 23:37:
> >>
> >> Ah yes, that does in fact work, thanks. However, I like the idea of
> >> having each VPN appear as a separate OPT for ease of rule
> &
- Original Message -
> I havent been using pfsense for very long, but under Firewall-Rules
> you
> should have a tab "OpenVPN". Try putting there some rules, it works
> for me.
Ah yes, that does in fact work, thanks. However, I like the idea of having each
VPN appear as a separate OPT for
Greetings-
I'm attempting to filter traffic on an OpenVPN interface. However, the rules
don't seem to be working. Steps I've taken:
1. Disabled 'Audo Added VPN Rules' on System->Advanced->Firewall/NAT page
2. Assigned VPN (ovpns3) as OPT1 interface
3. Enabled new OPT1 interface, type 'None'
4. A
Greetings-
Is it possible to send multicast traffic over OpenVPN using pfSense (1.x or 2.x
flavors)? If so, does it "just work" or are multicast proxies, etc involved?
Thanks!
--Tim
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org
So, if your antennas are pointed straight
up(vertically), signal should be coming horizontally. This is an oversimplified
view, but roughly correct.
I'm not a wireless "expert", but I hope these tips give you a few items to go
on for better performance.
Tim Nelson
Systems/Netw
You could very well have channel spacing issues. There are only a few channels
that do not overlap. Please see details here for specific wifi
implementations:http://en.wikipedia.org/wiki/IEEE_802.11#Channels_and_international_compatibility
Tim Nelson
Systems/Network Support
Rockbochs Inc.
(218
42 matches
Mail list logo
