On Mon, Sep 12, 2011 at 9:26 AM, Ray r...@renegade.zapto.org wrote:
Hi,
I have trouble with the NAT configuration on 2.0RC3. Can someone help?:
Are you trying to get internet via pfsense's WAN or via the vpn?
Do any of your hosts on any of the local interfaces (vrX) have
internet
On Wed, Sep 21, 2011 at 8:46 AM, Jim Pingle li...@pingle.org wrote:
Although for my network I use pfSense at the edge and an Asus RT-N16
running Tomato for my wireless N needs.
Ditto, except Netgear WNR3500L + Tomato. Also seriously considered
buying a couple Ubiquiti Unifi for the vlan
On 2011 9 22 11:09, Nathan Eisenberg nat...@atlasnetworks.us wrote:
Hey List,
I was just handed a sprint 3g/4g hotspot manufactured by Sierra Wireless,
which includes connectivity over USB. I was curious if anyone has tried
getting BSD to recognize such a device as an interface.
I think
I'd like to do some updating and clean-up in the wiki, but I don't see
anywhere to register a user account. Is this something the devs can
grant to me? Please?
db
___
List mailing list
List@lists.pfsense.org
I have the SIP client in my Android 2.3 phone set up to register to my
local Askozia (Asterisk) PBX. The problem I'm having is that if I use
the FQDN of the PBX server, the SIP client only registers when I'm off
the network. In order to have the SIP client register successfully
when on the local
On Tue, Nov 29, 2011 at 9:27 AM, Ugo Bellavance u...@lubik.ca wrote:
I attached a diagram of what I would like to achieve.
You can achieve that without NAT. Simply set up pfsense with two
interfaces, addressed 172.30.100.254/24 and 192.168.99.4/24
respectively. Now, depending on whether you
2012/1/25 Jürgen Echter j.ech...@echter-kuechen-elektro.de:
You're using Reject rather than Block, which operates only on TCP/UDP.
Any other packet type will not match that rule.
db
___
List mailing list
List@lists.pfsense.org
On Wed, Jan 25, 2012 at 12:11 PM, Moshe Katz mo...@ymkatz.net wrote:
He said he can access web pages so it's not even rejecting TCP.
Thanks. I missed that.
Jürgen, are you using a transparent proxy, like squid? I believe this
will bypass your firewall rules for ports and interfaces that it
On Wed, Feb 8, 2012 at 5:07 PM, Jason T. Slack-Moehrle
slackmoeh...@gmail.com wrote:
I do see that: 'Automatic outbound NAT rule generation' is indeed on.
Right, so your public IPs are getting NATed on their way through
pfsense. Turn it off (ie, from automatic to advanced).
db
On Wed, Feb 8, 2012 at 5:13 PM, Jason T. Slack-Moehrle
slackmoeh...@gmail.com wrote:
So then I would create a rule from from WAN to a specific IP on the
DMZ for any 80? I have had that rule in place but I dont get the site
when I hit it.
I think you're still talking about inbound NAT (aka,
On Sat, Feb 18, 2012 at 11:00 PM, Chris Buechler c...@pfsense.org wrote:
it's not able to be limited by the advanced options on a firewall
rule.
Some managed switches provide the ability to limit traffic at layer 2.
It might be worth looking into that option as well.
db
On Sat, Feb 25, 2012 at 11:31 PM, Tom S pfsense-l...@y-tech.co.il wrote:
The server is IBM with onboard Broadcoms, 3.0ghz Xeon CPU with 2 cores. We
have average of 9000-1 states on the state table, something like
1000-1500 users.
Your CPU numbers look high to me. I have a system here
On Mon, Feb 27, 2012 at 1:35 AM, David Burgess apt@gmail.com wrote:
On Sat, Feb 25, 2012 at 11:31 PM, Tom S pfsense-l...@y-tech.co.il wrote:
The server is IBM with onboard Broadcoms, 3.0ghz Xeon CPU with 2 cores. We
have average of 9000-1 states on the state table, something like
1000
On Mon, Feb 27, 2012 at 1:36 AM, David Burgess apt@gmail.com wrote:
Your CPU numbers look high to me. I have a system here with very
similar traffic and pps numbers to yours, albeit with fewer users
(~200). Pfsense here is running on an Atom D510 with on-board Intel
GBE NICs. 7 vlans
On Mon, Mar 19, 2012 at 11:56 AM, Ugo Bellavance u...@lubik.ca wrote:
Hi,
The system I inherited of denies all ICMP requests by default, even
internally. Is that a good idea? I think that echo/reply should at least
be allowed internally. Opinions?
I'm probably wrong, but I'm not aware
On Mon, Mar 19, 2012 at 12:07 PM, David Burgess apt@gmail.com wrote:
I have it enabled on all my interfaces
I should clarify by saying that I allow ICMP echo requests on all
interfaces, not all ICMP. This does not appear to prevent me from receiving
other types of ICMP packets, as I can
On Wed, Mar 21, 2012 at 11:08 AM, Adam Piasecki apiase...@midatlanticbb.com
wrote:
What hard drive is recommended for pfSense. Or can someone tell me what
your running.
I use a Lexar Professional 2G and 4G compact flash with the embedded
version in a couple of pfsenses. I deployed about a
I hate to resurrect an old thread, but this was never resolved for me, and
the workaround that I was using is no longer valid due to a change in the
situation.
The old thread is here:
http://www.mail-archive.com/list@lists.pfsense.org/msg00260.html, but just
to quickly recap, I have a web server
On Thu, Mar 22, 2012 at 12:17 AM, Chris Buechler c...@pfsense.org wrote:
That's not the same scenario you described in the previous thread
unless it's just not explained as thoroughly.
In the previous thread I included a second pfsense, but didn't mention
it this time since the traffic in
On Thu, Mar 22, 2012 at 9:15 AM, Adam Piasecki
apiase...@midatlanticbb.com wrote:
1) Windows has TRIM support for ware-leveling. Does FreeBSD include this?
I can't speak to FreeBSD, but pfsense does not as of 2.0
2) If 8.1 does not support ware-leveling, would it be recommend that we not
On Thu, Mar 22, 2012 at 6:32 AM, Jim Pingle li...@pingle.org wrote:
Is this your only WAN?
No. It is one of a load-balanced pair.
Does your rule passing out traffic to this server
have a gateway set?
Yes. All traffic from the LAN to this server is policy routed through
the correct gateway.
On Fri, Mar 23, 2012 at 12:53 AM, David Burgess apt@gmail.com wrote:
Is this the part
where I activate Bypass firewall rules for traffic on the same
interface? And which pfsense do I need to do that on?
I checked that box on both pfsenses separately and neither fixed the
problem
On Fri, Mar 23, 2012 at 1:14 AM, David Burgess apt@gmail.com wrote:
I'm not sure how to fix this, so hints are most welcome.
Well, I think I have a solution. It appears that it is as simple as
not setting a gateway in the policy routing rule for destinations that
are on an attached subnet
On Mon, Apr 23, 2012 at 8:28 AM, justino garcia jgarciaitl...@gmail.comwrote:
Hi Group,
I noticed Checkpoint, Cisco, Sonicwall, and bunch of other firewalls have
a App for SmartPhones and Tabelts.
Any idea for Pfsense, IPSEC ssl vpn app???
I would like simple setup for vpn
Cyanogenmod
The docs (http://doc.pfsense.org/index.php/VMwareAppliance) state that
there is no longer a current vmware appliance for download. Is there a
particular reason for this? Are there plans to reinstate that at some
point?
db
___
List mailing list
On Tue, May 1, 2012 at 10:10 AM, Moshe Katz mo...@ymkatz.net wrote:
If you look at the Snapshots server, it seems that there are VMWare
snapshots.
Good. Thank you.
db
___
List mailing list
List@lists.pfsense.org
Hi all,
I don't have much experience with captive portal, so I'm doing some
testing with 2.0.1 in a vm. It's a bog standard WAN-LAN setup with CP
enabled on the LAN. I don't want any authentication, I simply want to
present a small html page with links to a couple of web sites. I have
created
On Tue, May 1, 2012 at 10:54 AM, David Burgess apt@gmail.com wrote:
When the LAN user clicks on the link the browser just times
out. I changed the link to http://www.paypal.com, but the browser
still times out, and I believe it's because paypal is redirecting to
https.
To answer my own
On Thu, May 3, 2012 at 11:05 AM, Noam Birnbaum
n...@maccentricsolutions.com wrote:
Is pfSense the right choice for this environment?
You didn't mention the (arguably) most important feature of your
proposed environment, which would be throughput expectations.
For the feature set you mentioned
On Thu, May 3, 2012 at 11:55 AM, Noam Birnbaum
n...@maccentricsolutions.com wrote:
Good call, David --
They current have dual WAN -- 40/40 WiMAX and 50/10 cable. I expect that as
they grow these pipes will at least double.
pfsense should do fine, but last I looked most of the netgate stuff
On Tue, Jun 5, 2012 at 9:42 AM, Jens Kühnel pfse...@jens.kuehnel.org wrote:
Sorry, I forgot to mention. The interrupt load happens when no traffic
is going through. It's not a traffic problem.
What you're describing is odd, but I will echo Chris' point, which is
that the ALIX has no hope
On Jun 9, 2012 12:47 PM, Larry Sampas la...@larrysampas.com wrote:
For my small-office installs the Supermicro Atoms are doing great, but I
have not yet had one at scale (thousands of concurrent states running at
20Mbps).
I have that same board on a 30/3 connection that hits 30,000 states on a
On Tue, Jun 26, 2012 at 1:46 PM, Paul Cockings
opensourceproje...@mail26.com wrote:
1. (broad question... beat me up if like..) Are microwave links hackable
and therefore I should consider some type of encryption on that link
Unless it's a laser, wireless transmitter is broadcasting to the
On Thu, Jun 28, 2012 at 10:11 PM, Paul Gear p...@gear.dyndns.org wrote:
What should be my next troubleshooting step?
memtest? Different NICs?
Have you looked at your MBUF usage (netstat -m)? I get similar
symptoms after running out of MBUFs, but if you followed the first
step in the doc you
On Wed, Aug 8, 2012 at 10:00 AM, Karmstrong karmstr...@kyronex.com wrote:
We have run into the common problem of web site access randomly stopping.
For instance, at one of our locations google.com no longer works. At
others, yahoo.com can not be accessed. We can not pull the sites up in a
On Sep 26, 2012 4:50 AM, İhsan Doğan ih...@dogan.ch wrote:
the built in Via Rhine ethernet interfaces do not support VLAN
HW tagging
News to me. I have one running with vlans just fine. You may have other
issues.
db
___
List mailing list
On Sep 26, 2012 5:50 AM, Chris Bagnall pfse...@lists.minotaur.cc wrote:
Update: a quick read of its spec sheet indicates it only supports 3.3v:
http://soekris.com/products/net5501.html
So it might be that your Intel NIC is expecting 5v signalling, especially
if it's an old (pre-PCI 2.2) card.
On Oct 5, 2012 7:57 AM, Ståle Johnsen stale.john...@gmail.com wrote:
Hi.
I don't think that is possible since the logged incident was a couple of
days ago and I as far as I know torpig does not send data to the CC server
all the time?
As suggested earlier, I would block everything to those
After rebooting pfsense this morning the dashboard is displaying CPU
TypeIntel(R) Core(TM) i3 CPU 540 @ 3.07GHz. Whereas it used to
display the actual CPU frequency (powerd is enabled), now it does not.
Any idea why?
db
___
List mailing list
On Tue, Nov 6, 2012 at 12:30 PM, Jim Pingle li...@pingle.org wrote:
I have a Sandisk 200x (30MB/s) 4gb card here that is very speedy.
However, it has an annoying quirk with the disk layout that makes
FreeBSD spit an error message on every rw mount. Annoying log spam, but
it's still speedy.
On Wed, Nov 7, 2012 at 9:46 AM, Jim Thompson j...@netgate.com wrote:
We've also never had a Kingston CF fail that I know of.
Thanks, everybody, for the feedback. I settled on a Sandisk 200x 8GB. There
were some Kingston's available with much faster ratings, but after reading
some reviews of
On Sat, Dec 8, 2012 at 9:20 AM, David Lawley dlaw...@carolina.rr.com wrote:
Been thinking about updating to current 2.1 Beta.
Curious what issues folks have run into, if any. I'm sure there might be
one or two gotchas along the way...
Some CF cards are exceptionally slow to change from ro
On Sat, Dec 8, 2012 at 11:10 AM, Chris Bagnall
pfse...@lists.minotaur.cc wrote:
You, sir, have my thanks.
Good news:
http://forum.pfsense.org/index.php/topic,48256.msg302923.html#msg302923
I haven't tried it myself yet.
db
___
List mailing list
On Mon, Dec 24, 2012 at 2:04 AM, Chris Buechler c...@pfsense.org wrote:
Renato (rbgarga), a long time contributor on
the open source side, is starting full time with us on January 2. His
first month will largely be dedicated to 2.1, and a month of work will
be enough to get it to RC1 status
2.0.2-RELEASE (amd64)
Intel(R) Core(TM) i3 CPU 540 @ 3.07GHz
I have a traffic graphs applet running on the dashboard. This machine
has 16 interfaces, but only 6 graphs are expanded by default. The
graphs update every 1 second. Under 2.0 (and the betas) these graphs
worked well, even when running
On 2013-01-05 4:59 AM, Eugen Leitl eu...@leitl.org wrote:
With the speed of courrent connections (100+ MBit/s)
lulz. You noticed Hugo is in Canada, eh? To be fair, we can get up to 250
Mbps in a few urban centres, but 6/1 DSL is way more common by my
accounting.
That said, I ran pfSense on an
On 2013-01-05 10:16 AM, David Burgess apt@gmail.com wrote:
Hugo
Sorry, Ugo, autocorrect.
db
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list
On Thu, Jan 31, 2013 at 12:29 PM, j...@millican.us j...@millican.us wrote:
Hello,
Probably a newbish question but I would like a sanity check before I go down
a blind alley. I have a /27 from my provider feeding into a pfSense 2.0.2
box. I was hoping to be able to Bridge the WAN to one of
On Thu, Feb 21, 2013 at 11:03 AM, Gerald Waugh
gwa...@frontstreetnetworks.com wrote:
I must be missing something basic.
I have setup several pfSense systems, but my latest one in not blocking.
this current firewall
I have several firewall rules for the WAN port, and none are working.
stupid
On Thu, Feb 21, 2013 at 2:12 PM, Gerald Waugh
gwa...@frontstreetnetworks.com wrote:
No rules are currently defined for this interface
All incoming connections on this interface will be blocked until you add
pass rules.
Are you using squid or some other proxy? If your hosts are talking to
a
On Fri, Feb 22, 2013 at 9:22 AM, b...@todoo.biz b...@todoo.biz wrote:
Hi,
I was wondering if It is normal that snort takes ages to reload after each
modification we are doing ?
It takes an average of 1 to 5 minutes to reload and give back the control
through the GUI.
Which version of
On Mon, Apr 29, 2013 at 10:01 AM, Chris Bagnall
pfse...@lists.minotaur.ccwrote:
On 29/4/13 2:35 pm, j...@millican.us wrote:
I have a task to connect a number of small/home offices via VPN (OpenVPN
is preferred but could be IPSEC) to a central location that has a
pfSense box as its FW/Router.
On Mon, Apr 29, 2013 at 10:35 AM, Chris Bagnall
pfse...@lists.minotaur.ccwrote:
On 29/4/13 5:11 pm, David Burgess wrote:
It could just be my own ignorance, but I have had little success trying to
connect a pair of pfsense firewalls via OpenVPN.
Really? I must admit it's always Just Worked
I'm sure this is documented somewhere, but I just can't find it, so I
apologize for asking again.
There appear to be two delays when booting pfsense, the first at the F1
prompt, the second at the menu of 10 ways to boot pfsense. I'm running
nanoBSD, so I don't want to remove the F1 prompt, but I
On 2013-05-21 10:28 PM, Makara chanmak...@gmail.com wrote:
Hi List,
We are using pfsense for NAT purpose, around 1000 customers concurrent
and the bandwidth is around 500MBPS. We have problem the pfsense is stuck
around 1 or 2 week always.
You may want to try some of these:
On Tue, Jun 4, 2013 at 9:36 AM, Nishant Sharma codemarau...@gmail.comwrote:
On 4 Jun 2013 20:59, Ermal Luçi e...@pfsense.org wrote:
That means probably mbuf exhaustion.
Can you try up kern.ipc.nmbclusters=131072
That is already in place. I increased it after few crashes 3 months
Let me keep an eye on MBUF utilisation tomorrow.
Does anyone know the SNMP OID for MBUF, if it can be monitored over it?
Maybe not as handy as SNMP, but I have used the following cron job to
monitor mbufs.
00***root/bin/date /conf/netstat-m.log ;
/usr/bin/uptime
*2.1-BETA1 * (amd64)
built on Wed May 1 12:20:46 EDT 2013
FreeBSD 8.3-RELEASE-p8 https://fv.tfcg.co:444/#
I've had a couple of lock-ups in the past month where pfsense is
unresponsive on all interfaces, at least at layer 3. This is a remote site
so I don't have access to layer 2 or the vga
On Sat, Jun 8, 2013 at 8:36 PM, Jason Pyeron jpye...@pdinc.us wrote:
**
The only time I have observed that type of problem was when the power
supply was browning out, ensure that your power supply is of a good quality
and sufficient amperage.
Thanks for the input. My power supply is
Use an alias as your source. Aliases can be created in Firewall:
Aliases and can reference multiple addresses, ranges, and/or subnets.
db
On Tue, Sep 3, 2013 at 2:30 PM, Marc R. Meshurle Jr. m...@katotech.com wrote:
I have a situation where I am doing external LDAP authentication with a mail
On Tue, Sep 3, 2013 at 2:38 PM, David Burgess apt@gmail.com wrote:
Use an alias as your source. Aliases can be created in Firewall:
Aliases and can reference multiple addresses, ranges, and/or subnets.
db
Sorry for the previous top-post. Gmail is sneaky.
db
On Wed, Sep 25, 2013 at 2:17 PM, Adam Thompson athom...@athompso.net wrote:
If I'm not mistaken, this is the rule that prevents me from reaching the
remote subnet via 184.70.48.188. Unfortunately, this is a system-generated
rule. Suggestions?
Are you suggesting that all of the traffic
In a recent thread there was mention of a RRD bug when upgrading to 2.1 on
nanobsd systems where the /tmp filesystem would fill up, resulting in a
sytem with no valid interfaces.
I have two production systems to be upgraded, one running 2.0.1 and the
other running 2.1RC0, both nanobsd, so this
On Tue, Oct 1, 2013 at 3:45 AM, Seth Mos seth@dds.nl wrote:
No idea why it isn't doing that for you. I only know of issues on nanobsd.
Cheers,
Seth
That's twice in 12 days you've mentioned that. Care to elaborate? I've done
some searching and found nothing that looks like what you've
Are there any plans to implement this in pfsense? I do a lot of PtP links
and this would be handy.
db
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list
On Wed, Oct 9, 2013 at 10:38 AM, Jim Thompson j...@netgate.com wrote:
So asking the question is stupid(*), because a lie is indistinguishable
from the truth.
I disagree on that point. Even if one is sure to get a no answer,
regardless of the truth, it is still useful to ask the question for
On Oct 9, 2013 7:05 PM, Jens Kühnel pfse...@jens.kuehnel.org wrote:
NanoBSD, update 2.1 and embedded, but could not find anything.
I also checked the forum, but I could only find file system full when
I too came up dry when researching this issue. I ended up grabbing a spare
system and
On Fri, Oct 11, 2013 at 2:58 PM, Jens Kühnel pfse...@jens.kuehnel.orgwrote:
and are where are possibilities to change that? It's not in the fstab!
/etc/rc.embedded
___
List mailing list
List@lists.pfsense.org
On Fri, Oct 11, 2013 at 3:25 PM, Jim Pingle li...@pingle.org wrote:
On 2.1 you can adjust the /var and /tmp sizes under System Advanced on
the Miscellaneous tab.
Right! I had forgot about that.
So following the original topic, could one more probably ensure a
successful upgrade to 2.1 by
On Jan 22, 2014 6:59 PM, Brian Caouette bri...@dlois.com wrote:
What would cause CPU to run high on pfSense? I'm not running any extra
packages. I am back to the base install. I doubled my memory thinking it
would help with performance. It didn't. Is there a way to see everything
running and
pfsense 2.1 amd64
I'm using the shaper with the priq scheduler and a WAN bandwidth of
2100 kbit/s. Looking at my RRD Quality graphs, latency to my next hop
on WAN gets really high and packet loss tops 50% during a period of
time where the WAN out max speed is showing 2.27 Mbps.
How is the WAN
pfsense 2.1
I have internal subnets in the 10.0.0.0/14 address space and also a
public subnet x.x.x.240/28 that is routed statically to pfsense's WAN
address. pfsense sits at the edge of the network and I have another
router whose only internet access is through pfsense. The x.x.x.240/28
public
On Feb 11, 2014 5:55 AM, Jim Thompson j...@netgate.com wrote:
Thanks for this.
As before, we'll supply a solution for pfSense on the ERL after 2.2
(based on FreeBSD 10) after 2.2 drops.
-- Jim
That's great news. Does anybody care to speculate whether FreeBSD will be
able to take advantage
On Wed, Feb 12, 2014 at 8:30 AM, Jim Thompson j...@netgate.com wrote:
you know it’s ipv4-only, right? (there should be a layer2 version as well,
but you can’t run both.)
If I had a choice between v4-only acceleration and no acceleration,
I'd take the former.
I'm using two of these devices
On Thu, Feb 13, 2014 at 9:54 AM, Andrew Hull l...@coffeebreath.org wrote:
My knee jerk reaction is that this is A Bad Thing(tm), and I reloaded the
devices with images from ESF. Does anyone here have a strong opinion one way
or the other?
My first reaction is that the branding is a good
pfsense 2.1
Sometimes I want to make multiple changes to a portion of my config,
such as static routes. Rather than plowing through the GUI, I just
download that portion of the config, edit, and upload again.
At this point the GUI tells me the config has been uploaded, but the
new static routes
pfsense 2.1 amd64
When I enter an alternative monitoring IP and hit save, pfsense takes
me back to the list of gateways and the monitoring IP is listed as the
default. I've tried entering a couple of addresses in there and they
don't stick after hitting Save or Apply. What am I missing?
db
On Thu, Feb 20, 2014 at 9:39 PM, Ryan Coleman ryanjc...@me.com wrote:
I saw this today with 2.0.3 and it was caching the page. Have you tried a
different browser?
Yes, and from a different computer. I've also tried force reloading the page.
db
___
On Fri, Feb 21, 2014 at 7:50 AM, tibz ti...@tibir.net wrote:
Basically, we are protecting a /24 public network and would like to limit
some IPs to some bandwidht, ie:
IP-1 to IP-10 at 1mbps each
IP11 to IP-20 at 2mbps each
IP21 to IP-30 at 5mbps each
the rest default up to 10mbps each
I
On Sun, Feb 23, 2014 at 3:37 AM, Chris Buechler c...@pfsense.org wrote:
Do you by chance have duplicate gateway entries in your config?
There was a duplicate entry in the config. I deleted it and all is
working as expected now. Thanks for the tip.
On a related note, is there no partial config
I have a gateway on a local link (via wireless bridge) that is being
reported as down. When I attempt to ping that gateway from the shell I
get
[2.1-RELEASE][root@pfsense]: ping 10.1.0.253
PING 10.1.0.253 (10.1.0.253): 56 data bytes
ping: sendto: Invalid argument
but if I 'arping' the same host
On Mon, Feb 24, 2014 at 3:19 PM, Brian Candler b.cand...@pobox.com wrote:
Do you see anything in 'dmesg' when you do this?
Yes. Thanks for the tip. I see nothing but a sea of arpresolve: can't
allocate llinfo for 10.1.0.253. Some googling turns up this:
https://redmine.pfsense.org/issues/337
On Tue, Feb 25, 2014 at 2:20 AM, Brian Candler b.cand...@pobox.com wrote:
This looks wrong. I don't see why destination 10.1.0.253 has a static route
to 10.1.0.253.
I agree. I'm not sure why that's there. Here's some additional info.
Action -- Result
1. set all gateways to default -- no
After some playing with it I've learned a few things. The gateway
groups appear to be irrelevant to my problem. Setting a gateway as DNS
server breaks the system. Reversing the setting doesn't fix the
problem because the self-referring route remains. I tried deleting the
route in the shell but I
On Tue, Feb 25, 2014 at 10:11 AM, Brian Candler b.cand...@pobox.com wrote:
Regards,
Brian.
Thanks for your input. I have decided to eliminate 10.1.0.253 as a DNS
resolver altogether, since the possiblity exist to create a DNS loop
due to the way my network is configured. I have opted instead
pfsense 2.1 amd64
From the RFC:
When a DHCP client requests the Classless Static Routes option and
also requests either or both of the Router option and the Static
Routes option, and the DHCP server is sending Classless Static Routes
options to that client, the server SHOULD NOT
On Tue, Feb 25, 2014 at 11:45 AM, David Burgess apt@gmail.com wrote:
If I didn't get it wrong, this is how it breaks down:
Ok, so I did get it wrong. The RFC states that with a mask width of 0,
there are 0 significant octets in the destination descriptor, so my
string had an extra 00
On Tue, Feb 25, 2014 at 4:59 PM, Jeremy Porter
jpor...@electricsheepfencing.com wrote:
The correct fix, is don't use the Static Route option, as class full routes
haven't made any sense since 1993.
DHCP option 121 is specifically for classless routes.
I've always seen the server side
Pic attached. This situation has survived many reboots. Is there are
remedy for this?
db
attachment: blanks.PNG___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list
On Wed, Feb 26, 2014 at 3:46 PM, Ryan Coleman ryanjc...@me.com wrote:
Did you update the software before they started appearing? I’ve seen things
from 2.0 to 2.1 not carry over all their information.
I believe this system was a fresh install of 2.1 with config by hand.
I know that I did
It's funny how something can dog you for a long time, and as soon as
you ask for help, you get new insight.
I found and deleted three staticmap/ tags in the DHCP config file,
uploaded it again, and the lines are gone.
db
___
List mailing list
On Wed, Mar 5, 2014 at 11:31 AM, Ryan Coleman ryanjc...@me.com wrote:
It appears I can throttle individual users on the Captive Portal, but how can
I limit the speed of that entire network? Is that through Traffic Shaping?
And how would I do that?
Create a limiter (up and down, if desired)
On Mar 19, 2014 2:33 PM, Brian Candler b.cand...@pobox.com wrote:
(1) MTU problem / PMTU discovery / blocked ICMP
Was my first thought.
db
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list
On Thu, Mar 20, 2014 at 10:12 AM, Ryan Coleman ryanjc...@me.com wrote:
So I’m going to try and fix it if there’s someone that is willing to help me
out today.. this just blows my mind - it’s like it loses the firewall
configuration and then falls to a default.
None of the VLANs are passing
On Wed, Mar 26, 2014 at 9:57 AM, Vick Khera vi...@khera.org wrote:
it should work. it will prompt you for the new NICs to map into
WAN/LAN and you're good to go.
I'm just getting a generic error. I don't see anything in the system
log or dmesg to indicate what went wrong. I did edit the config
On Wed, Mar 26, 2014 at 10:12 AM, David Burgess apt@gmail.com wrote:
I'm just getting a generic error.
I found a missing xml tag using N++'s XML plugin from where I had
manually added some vlan interfaces. You learn something every day.
db
On Thu, Mar 27, 2014 at 1:37 PM, greg whynott greg.whyn...@gmail.com wrote:
if you RDP to: you'll land on the internal server:
host1.foo.com 10.101.1.2
host2.foo.com 10.101.3.4
host3.foo.com 10.101.1.8
If you're using pfsense's DNS forwarder you can add host overrides
Anyone else seeing apinger losing packets while ping doesn't?
For many days now the gateway widget on my 2.1 box has been reporting
packet loss in the 300-500% range. Meanwhile ping and RRD show no packet
loss.
This same system was recently showing a baseline of 2% loss in RRD while
ping showed
I just upgraded a nanoBSD system from 2.1 to 2.1.3. All appeared to go
well, except that the Quagga OSPF package was not automatically
reinstalled after the reboot. Four other packages were automatically
reinstalled.
I thought I saw Quagga OSPF being installed when I reloaded the
dashboard
On Sat, May 3, 2014 at 4:23 AM, David Burgess apt@gmail.com wrote:
I just upgraded a nanoBSD system from 2.1 to 2.1.3. All appeared to go
well, except that the Quagga OSPF package was not automatically
reinstalled after the reboot. Four other packages were automatically
reinstalled.
Just
1 - 100 of 113 matches
Mail list logo
