Re: [pfSense] IPSec nat issue

2016-05-26 Thread Steve Yates
Jumping in midway through, 193.168.1.0/24 belongs to Universite du Luxembourg. If that's not you then the other end could be routing packets there. -- Steve Yates ITS, Inc. -Original Message- > On Wed, May 25, 2016 at 8:54 PM, Lyle wrote: > >> The other end has

Re: [pfSense] IPSec nat issue

2016-05-26 Thread ED Fochler
I agree. I typically ssh in as root and tcpdump to get a more interactive view of the network, but packet capture should give you the same data. You should be seeing traffic even if it is rejected or dropped by your firewall rules. If you’re not seeing ping, it’s not showing up at your

Re: [pfSense] USB3 to ethernet adaptor

2016-05-26 Thread RB
On Thu, May 26, 2016 at 10:42 AM, WebDawg wrote: > I posted this a while ago: > > > http://seclists.org/fulldisclosure/2016/Jan/77 > > http://seclists.org/fulldisclosure/2016/Mar/25 I see, but that has nothing to do with the security of the VLAN implementation, rather of the

Re: [pfSense] USB3 to ethernet adaptor

2016-05-26 Thread RB
On Wed, May 25, 2016 at 6:25 PM, Volker Kuhlmann > I disagree. While it'll work, its security is nowhere near the same. It > depends on the VLAN switch's firmware being bugfree (we all know about > how likely that is), it adds complexity, and it mixes physically > separate networks together on one

[pfSense] enabling authenticated ntp ?

2016-05-26 Thread Valerio Bellizzomi
Is it possible to do from the web interface? thanks ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] IPSec nat issue

2016-05-26 Thread Rosen Iliev
Hi Lyle, Which IP they are pinging exactly? Rosen Lyle wrote on 5/25/2016 6:54 PM: I am trying to install a new pfSense appliance running 2.3 Release. works fine until I setup a IPSec tunnel. The other end has a conflict with our LAN addressing(192.168.1.0/24). So in phase 2, we setup a

Re: [pfSense] IPSec nat issue

2016-05-26 Thread Peder Rovelstad
On 5/26/2016 2:09 PM, Rosen Iliev wrote: > The other end has a conflict with our LAN addressing(192.168.1.0/24). > So in phase 2, we setup a Tunnel IPv4 using 193.168.1.0/24 for the > local Network. NAT/BINAT network of 192.168.85.0/24. Their remote > network is 192.168.75.0/24. It's

Re: [pfSense] IPSec nat issue

2016-05-26 Thread Mark Wiater
On 5/26/2016 2:09 PM, Rosen Iliev wrote: > The other end has a conflict with our LAN addressing(192.168.1.0/24). > So in phase 2, we setup a Tunnel IPv4 using 193.168.1.0/24 for the > local Network. NAT/BINAT network of 192.168.85.0/24. Their remote > network is 192.168.75.0/24. It's probably

Re: [pfSense] IPSec nat issue

2016-05-26 Thread Vick Khera
On Wed, May 25, 2016 at 8:54 PM, Lyle wrote: > The other end has a conflict with our LAN addressing(192.168.1.0/24). So > in phase 2, we setup a Tunnel IPv4 using 193.168.1.0/24 > > for the local Network. NAT/BINAT network of 192.168.85.0/24. Their > remote network is

Re: [pfSense] Strange fe80::1:1 link-local address on LAN interface

2016-05-26 Thread Olivier Mascia
By the way, this is on a pfSense/Netgate device and I still have at least 2 support incidents available. I'd happily burn at least one of them to have someone remotely check this. I'll be back on site within 2 hours from this post, I'll check the web by then for the proper procedure to open a

[pfSense] Strange fe80::1:1 link-local address on LAN interface

2016-05-26 Thread Olivier Mascia
LAN Interface (lan, igb0) Status up MAC Address 00:08:a2:09:58:96 IPv4 Address10.32.0.1 Subnet mask IPv4255.255.0.0 IPv6 Link Local fe80::1:1%igb0 (???) IPv6 Address2a02:578:4d07::1 Subnet mask IPv664 MTU