Thanks. Do you have this device running pfsense?
--
Eero
2016-05-03 17:51 GMT+03:00 WebDawg <webd...@gmail.com>:
> On Tue, May 3, 2016 at 2:08 AM, Eero Volotinen <eero.voloti...@iki.fi>
> wrote:
>
> > Hi,
> >
> > Does anyone has instructions how to
Hi,
Does anyone has instructions how to install pfsense on watchguard XTM 810?
which image is requires? is console cable required? what type of console
cable is needed?
--
Eero
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Any ideas where to find perfect pfsense box for home usage.
Must be cheap and silent? netgate device? shuttle box?
--
Eero
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
Well, that sounds like lifetime setting is not correct on another endpoint?
Eero
3.8.2016 3.07 ap. "Francois Roussy" kirjoitti:
> Hi,
>
> I have a ipsec tunnel between a pfsense 2.3.2 and a fortigate 200d
>
> Every ~24h, there is a small disruption because it seem the
>
> -Original Message-
> From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Eero
> Volotinen
> Sent: Wednesday, August 03, 2016 2:37 AM
> To: pfSense Support and Discussion Mailing List <list@lists.pfsense.org>
> Subject: [pfSense] looking for perfect pfse
<alfred.ta...@gmail.com>:
> Any documentation about vlan ? Do u have some to share?
>
> Perhsps my pfsrnse have two nics lan and wan so u mean to get the third nic
> for vlan?
>
> Alfredo Tapia Sabogal
> El jul. 19, 2016 1:47 AM, "Eero Volotinen" <eero.voloti
What is wrong with UniFI AC "square models" ?
Currently running three of them at office -- they work fine :)
Eero
2016-07-18 17:51 GMT+03:00 Jeppe Øland :
> On Sun, Jul 17, 2016 at 3:13 PM, WebDawg wrote:
>
> > UniFi AP-AC-Pro is a great AP. Though to
AP to the lan switcher and create a fw rule where this AP
> comming from i guess so is the best way to simplify the headaches
>
> Regards
>
> Alfredo Tapia Sabogal
> El jul. 19, 2016 1:21 AM, "Eero Volotinen" <eero.voloti...@iki.fi>
> escrib
Provide also logs from Cisco ASA.
NO_PROPOSAL_CHOSEN usually means that cipher specs does not match on both
sides. Could you provide screenshot from cipher settings.
--
Eero
2016-07-15 22:08 GMT+03:00 Marc R. Meshurle Jr. :
> x.x.x.x is the PFSense and y.y.y.y is the Cisco
>
it depends on ipsec configuration.
Eero
4.2.2017 12.16 ip. "Chris" kirjoitti:
> WebDawg wrote:
> > On Sun, Jan 15, 2017 at 7:57 AM, Chris wrote:
> >
> >> is a client able to change his assigned OpenVPN or IPSec IP?
> >>
> >> Are packets still
how about disabling pfs?
Eero
2017-02-03 13:25 GMT+02:00 Roland Giesler <roland@greentree.systems>:
> On Fri, Feb 3, 2017 at 1:19 PM, Eero Volotinen <eero.voloti...@iki.fi>
> wrote:
>
>> It's a bit antique selection of ciphers.
>>
>
> It is indeed.
It's a bit antique selection of ciphers.
Problem is in DH group. try enabling same DH also in pfsense.
--
Eero
2017-02-03 13:17 GMT+02:00 Roland Giesler <roland@greentree.systems>:
> On Tue, Jan 24, 2017 at 8:16 PM, Eero Volotinen <eero.voloti...@iki.fi>
> wrote:
>
>
What hardware is other side running? Why you are trying to use 3des?
Eero
2017-01-17 16:36 GMT+02:00 Roland Giesler :
> We've battled all afternoon to establish an IPSec site-to-site connection.
> Here's what happens:
>
> TimeProcessPIDMessage
> Jan 17 15:58:53
The process will require 14 MiB more space.
73 MiB to be downloaded.
Fetching php56-5.6.30.txz: .. done
pkg: php56-5.6.30 failed checksum from repository
something wrong with the packages?
--
Eero
___
pfSense mailing list
for some reason my pfsense crashed & corrupted fs during upgrade :(
Eero
23.2.2017 2.57 ap. "Dave Warren" <da...@hireahit.com> kirjoitti:
> On Wed, Feb 22, 2017, at 10:23, Eero Volotinen wrote:
> > The process will require 14 MiB more space.
> >
> >
Who is reselling lanner units in europe?
I just bought one lanner unit from china.it looks perfect for my home
usage..
Eero
21.8.2016 10.22 ap. "Kendrick Vargas" kirjoitti:
> Don't know how late I am to the game on this suggestion, but I am quite
> happy with the Lanner Inc.
Err. Impossible.
Eero
2.9.2016 12.25 ip. "A Mohan Rao" kirjoitti:
> I need https transparent squid3 without import CA Certificate at
> client computer with https squid reports.
>
> pls give idea if any body already configured it.
>
>
> Thanks
> Mohan
>
> On Fri, Sep 2,
how to configure this kind of setup to pfsense?
Eero
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
https://doc.pfsense.org/index.php/Create_a_Software_RAID1_(gmirror)
.. backup and config restore works from management gui..
eero
24.10.2016 5.47 ip. "Chris" kirjoitti:
> All,
>
> 1. I've a pfSense installation without software raid. Is it possible to
> re-install
ok. does it also sync all settings like ipsec and openvpn keys?
Eero
16.11.2016 7.14 ap. "Chris L" <c...@viptalk.net> kirjoitti:
> > On Nov 15, 2016, at 1:50 PM, Eero Volotinen <eero.voloti...@iki.fi>
> wrote:
> >
> > same ports? you mean that same por
I think it is possible to use lagg interface for workaround with interface
naming?
Eero
2016-11-16 7:14 GMT+02:00 Chris L <c...@viptalk.net>:
> > On Nov 15, 2016, at 1:50 PM, Eero Volotinen <eero.voloti...@iki.fi>
> wrote:
> >
> > same ports? you mean tha
Hi List,
What are requirements for pfsense ha clustering? does any of x86 hardware
work with ha? does hardware need to be identical?
--
Eero
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold!
ility
> Sync/Configuration Synchronization Settings (XMLRPC Sync)" there is a
> "Remote System Username" field. That field is ignored, and "admin" is
> always used.
>
> --
>
> Steve Yates
> ITS, Inc.
>
> -----Original Message-
> From: Lis
Well, it just don't find any updates. (from console or from webgui)
Eero
2016-11-02 19:29 GMT+02:00 Renato Botelho <ga...@freebsd.org>:
> > On 2 Nov 2016, at 14:59, Eero Volotinen <eero.voloti...@iki.fi> wrote:
> >
> > thanks.
> >
> > Any idea why I
Nanobsd on 2GB cf card.
Eero
2016-11-02 20:18 GMT+02:00 Renato Botelho <ga...@freebsd.org>:
> On 2 Nov 2016, at 15:40, Eero Volotinen <eero.voloti...@iki.fi> wrote:
>
> Well, it just don't find any updates. (from console or from webgui)
>
>
> What is your pla
fixed problems by reinstalling whole system with 2.3 release.
eero
2.11.2016 8.51 ip. "Eero Volotinen" <eero.voloti...@iki.fi> kirjoitti:
> Nanobsd on 2GB cf card.
>
> Eero
>
> 2016-11-02 20:18 GMT+02:00 Renato Botelho <ga...@freebsd.org>:
>
&g
Hi All,
Is there nowdays 32bit version of pfsense 2.3.x available?
Eero
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
Just configure radius with two factor authentication and point
authentication server to it:
sample how to configure two factor radius under linux:
http://www.supertechguy.com/help/security/freeradius-google-auth
I am using it with minor modifications for vpn and console+gui
authentication..
--
gt; I have a SG-2220, which is silent and adequate for most needs. Most are
> silent/fanless!
>
> Regards,
>
> Ian Jacobs
>
>
> > On 28 Mar 2017, at 07:59, Eero Volotinen <eero.voloti...@iki.fi> wrote:
> >
> > Hi List,
> >
> > Looking for pfsens
Hi List,
Looking for pfsense hardware that can handle 1000M/1000M internet
connection with NAT.
Any recommendations? It must be silent..
--
Eero
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold!
Well, I don't know PPS values :) This is just home gigabit connection for
.. surfing/movies/4K streaming :)
Eero
2017-03-28 15:13 GMT+03:00 Vick Khera <vi...@khera.org>:
> On Tue, Mar 28, 2017 at 2:59 AM, Eero Volotinen <eero.voloti...@iki.fi>
> wrote:
>
> > L
ok. that sounds really bad: http://dilbert.com/strip/1998-08-24
Eero
30.3.2017 5.40 ip. "Claudio M." kirjoitti:
> In data mercoledì 29 marzo 2017 10:13:36, WebDawg ha scritto:
> > You can do two different subnets on one network, but it is not the way to
> > do things.
How about using vlan tagging?
Eero
2017-03-29 13:55 GMT+03:00 Claudio M. :
> Hi
> I've migrated a linux firewall to a 2.3.3-RELEASE-p1 pfsense.
> The old configuration was with 2 interfaces connected to adsl routers and
> an
> interface for the lan. Was configurated also a
http/https, vpn, torrent and 4k streaming :)
28.3.2017 7.50 ip. "Matthew Hall" <mh...@mhcomputing.net> kirjoitti:
> On Tue, Mar 28, 2017 at 09:59:05AM +0300, Eero Volotinen wrote:
> > Hi List,
> >
> > Looking for pfsense hardware that can handle 1000M/1
maybe you need something like this
https://doc.pfsense.org/index.php/Siproxd_package
Eero
20.3.2017 11.56 ap. "Martin Fuchs" kirjoitti:
> Hi !
>
> I have a Fritz!Box (router) connected to the internet (no other
> possibility).
>
> In i have NATted ESP, GRE, 4500, 500,
It's netgate pfsense SG-4860 running 2.4 final release
Eero
2017-10-17 17:23 GMT+03:00 <rai...@ultra-secure.de>:
> Am 2017-10-17 15:36, schrieb Eero Volotinen:
>
>> Hi All,
>>
>> Tried to configure lagg0 interface with vlans. Looks like traffic is not
>>
So, you mean that it is not working?
Eero
2017-10-17 17:32 GMT+03:00 <rai...@ultra-secure.de>:
> Am 2017-10-17 16:28, schrieb Eero Volotinen:
>
>> It's netgate pfsense SG-4860 running 2.4 final release
>>
>
>
> So, these are intel nics?
>
> Can you loo
Hi All,
Tried to configure lagg0 interface with vlans. Looks like traffic is not
passing in the interface.
Any ideas? It works fine, if I just configure interface with vlan, but not
with lagg interface
Setup is like this:
-> Lagg0 with two interfaces in failover mode and vlan tagging top of
so sad. how to downgrade to 2.3?
Eero
2017-10-17 17:57 GMT+03:00 :
> Am 2017-10-17 16:54, schrieb Ivo Tonev:
>
>> Even if your vlan dont bright up you can capture traffic on physical
>> interfaces with tcpdump.
>> See what you can capture before any other move.
>>
>
>
en two VMs running on the
> same hypervisor, more recently at a different ISP.
> Use iperf or something (anything!) better to make more accurate
> measurements before questioning pfSense, IMHO.
> -Adam
>
> On September 3, 2017 3:59:24 AM CDT, Eero Volotinen <eero.voloti...@iki.f
over 800Mbit/s, why it cannot upload at same speed?
(tester is speedtest-cli)
Eero
2017-09-03 13:52 GMT+03:00 Alexandre Paradis <alexandre.para...@gmail.com>:
> it might be your desktop cpu that is too weak.
>
> not enough info here.
>
> On Sun, Sep 3, 2017 at 4:
Hi,
Is there any setting to optimize pfsense nat speed?
Tried with speedtest and upload speed is abit slow?
Retrieving speedtest.net configuration...
Testing from Suomi Communications (77.246.193.181)...
Retrieving speedtest.net server list...
Selecting best server based on ping...
Hosted by
well. you cannot import config to different device without manually editing
the xml configuration
Eero
2017-10-24 14:03 GMT+03:00 Adrian Zaugg :
>
> Hi
>
> When loading a configuration file from a different device (with other
> NICs) to a freshly installed pfSense, it
rough the NetGate and it can not
> handle the load.
> >
> >
> > In other words, based on the limited info you provided, you have not
> provided proof that it's a problem with the NetGate.
> >
> >
> > Lyle Giese
> >
> >> On 11/25/17 06:34, Eero
just planning to upgrade my sg-8860 from pfsense 2.3 to 2.4. is there any
known issues?
it's not so complex setup, but running as our hq main firewall. so, some
ipsec and openvpn connections are running against it.
Eero
___
pfSense mailing list
traffic through the NetGate and it can not
> handle the load.
>
>
> In other words, based on the limited info you provided, you have not
> provided proof that it's a problem with the NetGate.
>
>
> Lyle Giese
>
>
> On 11/25/17 06:34, Eero Volotinen wrote:
>
>
thanks for links. looks like it might be wise to upgrade pfsense 2.4 and
enable --cipher AES-256-GCM on openvpn?
Eero
2017-11-25 20:01 GMT+02:00 Joseph L. Casale <jcas...@activenetwerx.com>:
> -Original Message-
> From: List [mailto:list-boun...@lists.pfsense.org] On Be
an do, as indicated, is to run the “MTU” up such that
> the (OpenVPN) packet size increases, which reduces the overhead of both the
> TUN/TAP interface, as well as some of the overhead of handing relatively
> short packets to OpenSSL for encryption/decryption.
>
> Jim
>
Hi Ryan,
Ipsec is the way you want to go. We have multiple sites connecting our HQ
running sg-8860 with similar setup.
Please note that you need different ip ranges on each site. (for example
site1: 192.168.2.0/24, site2: 192.168.3.0/24 and hq site with 192.168.4.0/24
)
--
Eero
2017-11-22
Take look of this how to:
https://doc.pfsense.org/index.php/Routing_internet_traffic_through_a_site-to-site_IPsec_tunnel
adding site is simple, just replicate site A with different lan addressing.
Eero
2017-11-23 8:19 GMT+02:00 Eero Volotinen <eero.voloti...@iki.fi>:
> Hi Ryan,
Well. I have similar issue on my sg-8860. it complains about missing ssl
and php libraries :)
well. at least it boots from usb .. so I can do full reinstall + config
restore..
Eero
2017-11-23 18:59 GMT+02:00 Ryan Coleman :
> There’s likely a package you added to your
rewalls all without any problems.
>
>
>
> Am 26.11.17, 13:04 schrieb "List im Auftrag von Eero Volotinen" <
> list-boun...@lists.pfsense.org im Auftrag von eero.voloti...@iki.fi>:
>
> just planning to upgrade my sg-8860 from pfsense 2.3 to 2.4. is there
> any
&
Hi list,
We are running pfsense 2.3 on netgate sg-8860.
Device is connected to internet with gigabit link, but openvpn speed is
very slow (about 50Mbit/s). Any idea how to get more speed to vpn clients?
Eero
___
pfSense mailing list
reinstall with factory factory image from usb stick?
23.11.2017 18.09 "Elijah Savage" kirjoitti:
> I know it is an older model but after my attempt to upgrade my APU4 it
> would
> not reboot. I let it sit for 24 hours as it was still passing traffic but
> no
> reboot.
from usb stick?
Eero
23.11.2017 23.25 "Elijah Savage" <esav...@digitalrage.org> kirjoitti:
> Can't get it to boot on any image.
>
> -Original Message-
> From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Eero
> Volotinen
> Sent: T
ges for "major" version upgrades but (per my past thread
> here ) I would think point versions are minor upgrades.
> >
> > --
> >
> > Steve Yates
> > ITS, Inc.
> >
> > -Original Message-
> > From: List [mailto:list-boun...@lists.p
I got similar problems on my device :) reinstalled it with 2.4.2 and did
restore from backup.
Anyway, do you have strace or similar tools installed in the box?
Eero
2017-12-04 21:57 GMT+02:00 Pete Boyd <petes-li...@thegoldenear.org>:
> On 04/12/2017 19:52, Eero Volotinen wrote:
> &
It might be possible to transfer static version of strace to box via ssh.
this might a bit tricky, but ..
--
Eero
2017-12-04 22:11 GMT+02:00 Pete Boyd :
> strace isn't installed, no packages are installed.
>
> Ideally I'd like to recover this to 2.3.5 or 2.4.2 if
well. for temporary fix, try hardcoding needed hostnames in /etc/hosts and
check also that your firewall rules allow access to dns server 53/udp and
tcp.
Eero
4.12.2017 22.41 "Pete Boyd" kirjoitti:
> On 04/12/2017 20:39, Adam Thompson wrote:
> > Do you have
Can you ssh into device and drop to shell?
Eero
2017-12-04 21:19 GMT+02:00 Pete Boyd :
> Hi. I upgraded a production SG-2440 running pfSense 64-bit 2.3.5 to
> 2.4.2 using the web GUI. There were no packages installed. It appeared
> to update OK, and rebooted
is dns (nameresolution) working correctly?
Eero
4.12.2017 22.29 "Pete Boyd" kirjoitti:
> On 04/12/2017 20:11, Steve Yates wrote:
> > If you ssh to the device and pick the option to update from its console
> menu, does it update there?
>
> No, those package
well. ssh into box and cat /etc/resolv.conf to see nameserver addresses. if
it contains 127.0.0.1 entry, then it is using dnsmasq/unbound or similar
dns cache.
I think it is under services tab..
Eero
4.12.2017 23.56 "Pete Boyd" kirjoitti:
> I'm not sure where to
Hi List,
After updating and restoring config to my SG-8860, it goes to endless boot
- reboot - crash loop.
Any idea how to test if this is hardware or software issue?
--
Eero
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Need to test that tomorrow. Just wondering how to attach remote debugger or
similar to get root cause of crash.
Eero
17.12.2017 19.57 "Joseph L. Casale" <jcas...@activenetwerx.com> kirjoitti:
> -Original Message-
> From: List [mailto:list-boun...@lists.pfsense.
ok. I might be able to use screen to save output from firewall :) good idea.
Eero
2017-12-17 20:11 GMT+02:00 Joseph L. Casale <jcas...@activenetwerx.com>:
> -Original Message-
> From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Eero
> Volotinen
> Sent: S
n stick with latter u can test
> 2.4.2 upgrade.
>
>
> On Sun, Nov 26, 2017 at 4:04 AM, Eero Volotinen <eero.voloti...@iki.fi>
> wrote:
>
> > just planning to upgrade my sg-8860 from pfsense 2.3 to 2.4. is there any
> > known issues?
> >
> > it's
is this install image available in net? for netgate devices.
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
looks like turning pfsync from on to off resolved this issue.
--
Eero
2017-12-17 20:11 GMT+02:00 Joseph L. Casale <jcas...@activenetwerx.com>:
> -Original Message-
> From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Eero
> Volotinen
> Sent: Sunday, Decem
Hi,
installed pfsense ha system on office. it works, but experiencing about 25%
packet loss. any idea why? switch issue? failover works fine.
VIP lan gw ip is .1 but looks like traffic is going to .7 ip (normal ip of
fw) even dhcp offers .1 as gw. is this normal?
Eero
this long standing issue: https://redmine.pfsense.org/issues/4310
:(
Eero
2017-12-18 10:07 GMT+02:00 Eero Volotinen <eero.voloti...@iki.fi>:
> looks like turning pfsync from on to off resolved this issue.
>
> --
> Eero
>
> 2017-12-17 20:11 GMT+02:00 Joseph L. Casale &l
; gateway on a device on the LAN should be .1 (the "CARP" LAN IP).
>
> Are you getting packet loss if you ping the .1 address? The .7 address?
> Or just out to the Internet?
>
> --
>
> Steve Yates
> ITS, Inc.
>
> -Original Message-
> From: List [mailto:list
e
> > gateway on a device on the LAN should be .1 (the "CARP" LAN IP).
> >
> > Are you getting packet loss if you ping the .1 address? The .7 address?
> > Or just out to the Internet?
> >
> > --
> >
> > Steve Yates
> > ITS, Inc.
> >
Hi List,
Running ipv6 with dhcpv6 from isp and it works on my laptop without pfsense,
but on pfsense shell, I cannot even ping other network addresses that gw:
ping6 fe80::208:20ff:fe4e:1c1b
PING6(56=40+8+8 bytes) fe80::ae1f:6bff:fe43:a993%igb3 -->
fe80::208:20ff:fe4e:1c1b
16 bytes from
ftrag von st...@teamits.com>:
>
> Starting at the top level, do you have a firewall rule allowing ICMP
> for IPv6?
>
> --
>
> Steve Yates
> ITS, Inc.
>
> -Original Message-
> From: List [mailto:list-boun...@lists.pfsense.org] On B
Hi List,
I just bought two pieces of sg-8860 netgate devices and planning to convert
old unit to ha solution.
Is there simple way to convert units to ha with a bit editing xml backup?
--
Eero
___
pfSense mailing list
s in order to
> sync firewall states (em0 to igb0 won't sync).
>
> --
>
> Steve Yates
> ITS, Inc.
>
> -Original Message-
> From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Eero
> Volotinen
> Sent: Saturday, December 2, 2017 11:04 AM
> To: p
job ;)
Eero
4.12.2017 19.16 "Chris L" <c...@viptalk.net> kirjoitti:
>
>
> > On Dec 4, 2017, at 9:07 AM, Eero Volotinen <eero.voloti...@iki.fi>
> wrote:
> >
> > well. my plan was to add first carp vip addresses to old configuration
> with
> >
well. Just thinking site to site ipsec :)
anyway. not happy with meraki aes speed, but that might be problem on
meraki device..
Eero
10.12.2017 19.06 "Vick Khera" kirjoitti:
> If you're going to use IPSec mobile client with an iPhone, it does not seem
> to propose the GCM
Hi,
What is the best ipsec ciphers for aes-ni ipsec acceleration?
Eero
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
t;c...@viptalk.net>:
> On Dec 4, 2017, at 8:11 AM, Eero Volotinen <eero.voloti...@iki.fi> wrote:
> >
> > Well. is that really so hard?
> >
> > thinking to add carp ip addresses and switching them to main addresses by
> > editing xml backup and then restoring
well. take backup of config and ask operator to reinstall box from usb
stick & restore backup?
Eero
5.12.2017 11.53 "Pete Boyd" kirjoitti:
> It was available to login to again after power cycling.
>
> From the log - General:
>
> check_reload_status
Well. You should use VLANs to segment IoT devices into different network.
Anyway... some commercial vendor might provide a bit better protection ;)
You can replace you apple timemachine with unifi aps.
https://www.ubnt.com/unifi/unifi-ap/
Eero
On Sun, May 13, 2018 at 10:44 PM Richard A. Relph
You should use postscreen/blacklist to block spam?
Eero
pe 18. toukok. 2018 klo 17.43 Alberto José García Fumero <
albe...@ettpartagas.co.cu> kirjoitti:
> Hi all.
>
> I use PfSense 2.2.1. Of course I know it would very convenient to
> upgrade, but right now it isn't possible.
>
> Im trying to
Hi,
Check out firewall / rules / interface_name
Eero
2017-12-23 6:25 GMT+02:00 Antonio :
> Hi,
>
> I'm not sure how you move traffic between the above interfaces. I was
> under the impression that all you needed was a "Default allow LAN to any
> rule" and job done. Yet i'm
you are missing something like ca certificate that is used to verify remote
endpoint
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Dec 24 00:53:16 openvpn 10563 VERIFY ERROR: depth=0,
error=unable to
get local issuer certificate: C=VG, ST=BVI, O=ExpressVPN,
Hi List,
Is there way to configure pfsense as ipsec initiator only? (on some ipsec
connections)
Eero
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
See: http://lists.pfsense.org/pipermail/list/2018-January/011620.html
--
Eero
2018-01-05 15:33 GMT+02:00 Roberto Carna :
> Dear, I've moved from pfSEnse 2.4.0 with Squid 0.4.42 to pfSEnse
> 2.4.42 with Squid 0.4.42_1. After the update, the Squid service
> crashes and
from pfSense, but how do I have
> to remove the config files ???
>
> Thanks a lot, regards !!!
>
> 2018-01-03 13:30 GMT-03:00 Eero Volotinen <eero.voloti...@iki.fi>:
> > Fix:https://forum.pfsense.org/index.php?topic=110155.0
> >
> > remove squid+config file &
how about not masking ip addresses?
do you really need nat in phase 2 ? why?
Eero
8.2.2018 18.17 "Roland Giesler" kirjoitti:
> I'm trying to find a solution and know there are quite a few pfSense users
> here, so here goes...
>
> We've set up some IPSec tunnels and
and@greentree.systems>
wrote:
> On 8 February 2018 at 20:40, Eero Volotinen <eero.voloti...@iki.fi> wrote:
>
> > how about not masking ip addresses?
> >
>
> I'm not allowed to show the ip addresses (by my client), hence the
> masking...
>
> I thought I need NAT, b
cannot expose the LAN ip address
> to the tunnel (192.168.110.130), I need to use the public IP...
>
> thanks again
>
>
> On 8 February 2018 at 23:51, Eero Volotinen <eero.voloti...@iki.fi> wrote:
>
> > Well. Maybe You need to hire pfsense consultant with NDA, so
Hi List,
Does anyone know where I can buy this cable:
https://store.netgate.com/Hamakua-VGA-Cable-P350.aspx
Eero
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
Hi,
This hardware can do gigabit (wirespeed) NAT/FW
https://www.amazon.com/gp/product/B016VHBA7C (tested on my home, using
symmetric gigabit line...)
but, I we use NetGate SG-8860 on our main offices:
le.com/search?q=VGA+header+to+15-pin+ribbon;
> source=lnms=shop=X=0ahUKEwiwybq2ma3ZAhVI2oMKHf9zBWwQ_AUICigB <
> https://www.google.com/search?q=VGA+header+to+15-pin+
> ribbon=lnms=shop=X=0ahUKEwiwybq2ma3ZAhVI2oMKHf9zB
> WwQ_AUICigB>
>
> > On Feb 17, 2018, at 3:29 AM,
> I believe I read somewhere that the new version that requires aes-ni will
> be 3.x, and they plan to continue the 2.x line alongside it, as 3.x will be
> a major rewrite
>
>
> -Ed
>
> -Original Message-
> From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Eer
Please note that next pfsense will not install hardware that is not
supporting aes-ni?
Eero
On Thu, Feb 15, 2018 at 6:37 PM, Kyle Marek wrote:
> This board does round-up gigabit (something like 976 Mb/s) in both
> directions on all 4 interfaces:
> saying "AES-NI CPU Crypto: No".
>
> On 02/15/2018 11:55 AM, Eero Volotinen wrote:
> > Please note that next pfsense will not install hardware that is not
> > supporting aes-ni?
> >
> > Eero
> >
> > On Thu, Feb 15, 2018 at 6:37 PM, Kyle Mar
Thanks. that worked. It was a bit hard without console :)
Eero
On Fri, Feb 16, 2018 at 9:00 PM, Melvin <mel...@sleepydragon.net> wrote:
> I've had good luck in similar cases by installing on a generic machine
> then putting the media in the target box.
>
> On Feb 16, 2018, 13:
Maybe. I think that hardware can still do full gigabit nat and firewalling.
--
Eero
On Mon, Feb 19, 2018 at 7:12 PM, Moshe Katz <mo...@ymkatz.net> wrote:
> On Mon, Feb 19, 2018 at 10:42 AM, Paul Mather <p...@gromit.dlib.vt.edu>
> wrote:
>
> > On Feb 19, 2018,
y. I shouldn't have to replace my hardware to support a
> > feature I will not use...
> >
> > I shame Netgate for such an artificial limitation...
> >
> > Thank you for the information.
> >
> > On 02/15/2018 12:20 PM, Eero Volotinen wrote:
> > > Well:
&g
1 - 100 of 112 matches
Mail list logo