[pfSense] Multiwan with same gateway

2011-10-07 Thread Joseph L. Casale
I have a situation where I need a multiple wan ip addresses, the site has several reserved ip’s handed out by a dhcp server, but they all share the same gateway. I'm not aware of any way this with multiple opt interfaces, a virtual ip won't work as far as I know since its needs it ip

Re: [pfSense] OpenVPN - site to site questions

2012-02-26 Thread Joseph L. Casale
For each tunnel with different ip ranges it's neccessarry to use a unique OpenVPN server. I don't, I have several remote sites that connect to one instance, each has its its own /30 assigned via client configs. There are rules defined with source/dest that control which sites see what on which

Re: [pfSense] VMWare maximum of 10 vnics

2012-03-06 Thread Joseph L. Casale
I'm currently trying to configure pfSense firewall in a VMWare machine. There is apparently a limit of 10 vNICs on Vsphere 5, but I would need this firewall to access 11 networks. Since all the networks in VMWare are already tagged vlans, I don't really how to overcome this limit. Don't see

[pfSense] MTU/stability issues

2012-05-05 Thread Joseph L. Casale
We switched providers and are utilizing a 3 way bonded dsl setup aggregated behind a Mikrotik unit. I am seeing some less than expected throughput and certain types of connections like rdp/rsync are hanging and need to be restarted. The provider suggested to enable an MTU on the wan link to 1460

Re: [pfSense] MTU/stability issues

2012-05-05 Thread Joseph L. Casale
You don't want MTU, you want MSS clamping. Appreciate the confirmation, some reading and trial and error had me try this and I am running at a value of 1360 which has more than tripled my outbound throughput. How does this affect the similar settings available in an Openvpn instance passing

Re: [pfSense] Openvpn site to site problem

2012-12-20 Thread Joseph L. Casale
lan1 192.168.9.0 --- pfsense1 (client openvpn) -- pfsense2 (server openvpn) -- lan 2 192.168.8.0 /var/etc/openvpn/server1.conf route 192.168.9.0 255.255.255.0 push route 192.168.8.0 255.255.255.0 This looks right. /var/etc/openvpn-csc/fw-target iroute 192.168.9.0 255.255.255.0

Re: [pfSense] Question about only routing specific traffic through Mobile VPN connection on pfSense 2

2013-01-02 Thread Joseph L. Casale
Is there any way to change this so only traffic destined for the pfSense  LAN is routed through the mobile IPSEC connection? Certainly, uncheck 'Redirect Gateway', define 'Local Network' as required and push only the applicable additional routes to the client if any... jlc

Re: [pfSense] Question about only routing specific traffic through Mobile VPN connection on pfSense 2

2013-01-03 Thread Joseph L. Casale
Hello,  Thanks, but I believe what you are referring to is only an option for an OpenVPN connection. I am referring to Mobile IPSEC, as described at: http://doc.pfsense.org/index.php/Mobile_IPsec_on_2.0 Oops, my bad. Check 'Provide a list of accessible networks to clients' in the Mobile

Re: [pfSense] pfSense 2.1-RELEASE and Gold Subscription Now Available!

2013-09-15 Thread Joseph L. Casale
I assume this is why snapshots.pfsense.org is offline (or at least not answering) right now? In the release announcement are links to upgrade binaries, not all the mirrors are populated yet, find one. In the same rel announcement is an upgrade guide link that explains how to perform the

[pfSense] Restoring config

2014-07-29 Thread Joseph L. Casale
I had to restore a config from a 2.1.4 system to new hardware. The original system had vlans and as expected the restore prompted to re-assign the opt interfaces as the nic types were different but I had to reset the vlans first. After rebooting, it kept asking for the wan/lan assignment and

Re: [pfSense] Restoring config

2014-07-29 Thread Joseph L. Casale
The new hardware has new MAC Addresses - they are assigned based on the MAC and not LAN1, LAN2 and LAN3. Not from the two systems I just checked... ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list

[pfSense] Backup and rrd option

2014-08-07 Thread Joseph L. Casale
I have a server that includes the rrddata element when choosing not backup this data and duplicates it when you do backup rrd data. I had a look through the issue tracker and did not see anything open or recent that is related. Anyone seen this before? Thanks, jlc

Re: [pfSense] Backup and rrd option

2014-08-07 Thread Joseph L. Casale
I have a server that includes the rrddata element when choosing not backup this data and duplicates it when you do backup rrd data. I had a look through the issue tracker and did not see anything open or recent that is related. Anyone seen this before? Had a chance to look at this again,

Re: [pfSense] Redundant appliances with dynamic wans

2015-08-09 Thread Joseph L. Casale
hi joseph, i use for this scenario two pfsense appliance. the devices are two apu.1d4 with 4 gb ram, 16 gb msata harddisk and 3 nics. internal network ( about 30 vlan ) vlan s are on the core router with default gateway pfsense appliance. for internet access i have two provider.

[pfSense] openvpn topology subnet with pfsense 2.2.6 server/2.3 client

2016-04-14 Thread Joseph L. Casale
I have a 2.2.6 appliance with a server running topology subnet with a pool defined (172.31.1.0/24) which has "Address Pool" unchecked and a ccd for a client with a 'push "ifconfig 172.31.1.42 255.255.255.0"' directive. When a 2.3 client connects, it simply takes the next ip after server. In the

Re: [pfSense] openvpn topology subnet with pfsense 2.2.6 server/2.3 client

2016-04-15 Thread Joseph L. Casale
Does a facility exist to bypass the UI and invoke a static config for an openvpn server? I do not see a means through the web ui to create a configuration which permits static addressing in subnet mode? Thanks, jlc ___ pfSense mailing list

Re: [pfSense] pf rule error

2016-08-10 Thread Joseph L. Casale
> The two are unlikely to be related. > > The "pf wedged" message can happen in some race conditions if multiple > actions are happening, attempting to hit pf in the same way at the same > moment. In most cases it's noteworthy but otherwise harmless. I had made several rule additions, removals

[pfSense] Hardware and usage opinion

2016-08-09 Thread Joseph L. Casale
I have a site that has grown significantly over time and the role pfsense plays went from only providing internet and vpn connectivity to routing between 2 dozen vlans at gig speeds. We are considering replacing the hardware and aren't sure if the site is at the point where dedicated equipment is

[pfSense] pf rule error

2016-08-09 Thread Joseph L. Casale
I recently received an error that the pf table was wedged and had been reset while making changes. A few days later, a vlan stopped passing dhcp traffic and filter reload did not resolve it, I actually had to reboot the unit. Has anyone seen this, are there configurations known to produce this

Re: [pfSense] pf rule error

2016-08-10 Thread Joseph L. Casale
> Check your states table size. Low, right now it is only at %0.002 full and while I don't have that info from the time of the failure I think it is safe to say it wasn't much different. Thanks, jlc ___ pfSense mailing list

[pfSense] dhcp relay in 2.3.2

2016-09-06 Thread Joseph L. Casale
While working on another issue I noticed that on the lan interface which does not have dhcp relay enabled, the pfsense box is receiving and retransmitting dhcp requests. In this case, the dhcp server itself lies on the same vlan and interface that the client exists on hence the relay is not

Re: [pfSense] pfsense openvpn speed?

2017-11-25 Thread Joseph L. Casale
-Original Message- From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Eero Volotinen Sent: Saturday, November 25, 2017 5:35 AM To: pfSense Support and Discussion Mailing List Subject: [pfSense] pfsense openvpn speed? > We are running pfsense 2.3 on

Re: [pfSense] pfsense crashing

2017-12-17 Thread Joseph L. Casale
-Original Message- From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Eero Volotinen Sent: Sunday, December 17, 2017 5:28 AM To: pfSense Support and Discussion Mailing List Subject: [pfSense] pfsense crashing > After updating and restoring config to

Re: [pfSense] pfsense crashing

2017-12-17 Thread Joseph L. Casale
-Original Message- From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Eero Volotinen Sent: Sunday, December 17, 2017 11:02 AM To: pfSense Support and Discussion Mailing List Subject: Re: [pfSense] pfsense crashing > Need to test that tomorrow. Just

Re: [pfSense] Port forwards don't work on one machine

2018-02-12 Thread Joseph L. Casale
-Original Message- From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Marco Sent: Sunday, February 11, 2018 2:30 PM To: list@lists.pfsense.org Subject: Re: [pfSense] Port forwards don't work on one machine > I ran a wireshark on the destination and it received packets when >

Re: [pfSense] Port forwards don't work on one machine

2018-02-11 Thread Joseph L. Casale
-Original Message- From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Chris L Sent: Sunday, February 11, 2018 1:43 PM To: pfSense Support and Discussion Mailing List Subject: Re: [pfSense] Port forwards don't work on one machine > What interface is

Re: [pfSense] Port forwards don't work on one machine

2018-02-11 Thread Joseph L. Casale
-Original Message- From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Marco Sent: Sunday, February 11, 2018 2:30 PM To: list@lists.pfsense.org Subject: Re: [pfSense] Port forwards don't work on one machine > I ran a wireshark on the destination and it received packets when >

Re: [pfSense] Configs or hardware?

2018-02-15 Thread Joseph L. Casale
-Original Message- From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Kyle Marek Sent: Thursday, February 15, 2018 10:38 AM To: pfSense Support and Discussion Mailing List ; Eero Volotinen Subject: Re: [pfSense] Configs or