RE: [pfSense Support] IPsec - Automatically Ping Host

2007-03-28 Thread Kelvin Chiang
Hi Holger, yes it was an IP address that can trigger the IPSec tunnel. If PING Host is enabled, does it automatically initiate the tunnel? Or that it has to be manually initiated then maintained by ping host? Where can I check whether the ping host packet was indeed fired? Regards, Kelvin

RE: [pfSense Support] IPsec - Automatically Ping Host

2007-03-28 Thread Holger Bauer
Watch pftop from the shell. You should see the ping kick in frequently. It will bring up the tunnel even if there is no other qualifying traffic from lan to the remote subnet. Holger -Original Message- From: Kelvin Chiang [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 28, 2007

[pfSense Support] Transparent proxy to a separate Squid box.

2007-03-28 Thread David Wadson
I'm in the process of (hopefully) migrating from a Linux router running Shorewall to a pfSense box. One of the things we were able to do on our Linux router was transparently proxy to a separate machine on our network running Squid. We accomplished this with a mix of iproute and iptables.

Re: [pfSense Support] Incoming FTP Traffic To Wrong Queue

2007-03-28 Thread Mark Kane
On Tue, Mar 27, 2007, at 19:28:05 -0400, Scott Ullrich wrote: I have committed a fix that should solve this problem for you. Please try a snapshot about 2 hours after you receive this. Scott With the updated snapshot, incoming FTP traffic still goes into the qlandef queue instead of qP2PDown

Re: [pfSense Support] Incoming FTP Traffic To Wrong Queue

2007-03-28 Thread Scott Ullrich
On 3/28/07, Mark Kane [EMAIL PROTECTED] wrote: With the updated snapshot, incoming FTP traffic still goes into the qlandef queue instead of qP2PDown but it doesn't seem to kill the other traffic anymore. Is that what the change was supposed to do? Please issue this command from a shell: ps

Re: [pfSense Support] Incoming FTP Traffic To Wrong Queue

2007-03-28 Thread Mark Kane
On Wed, Mar 28, 2007, at 14:08:48 -0400, Scott Ullrich wrote: On 3/28/07, Mark Kane [EMAIL PROTECTED] wrote: With the updated snapshot, incoming FTP traffic still goes into the qlandef queue instead of qP2PDown but it doesn't seem to kill the other traffic anymore. Is that what the change

Re: [pfSense Support] Incoming FTP Traffic To Wrong Queue

2007-03-28 Thread Scott Ullrich
So you do not have P2P Catch all option enabled? Scott On 3/28/07, Mark Kane [EMAIL PROTECTED] wrote: On Wed, Mar 28, 2007, at 14:08:48 -0400, Scott Ullrich wrote: On 3/28/07, Mark Kane [EMAIL PROTECTED] wrote: With the updated snapshot, incoming FTP traffic still goes into the qlandef

Re: [pfSense Support] Incoming FTP Traffic To Wrong Queue

2007-03-28 Thread Mark Kane
On Wed, Mar 28, 2007, at 14:28:00 -0400, Scott Ullrich wrote: So you do not have P2P Catch all option enabled? I do, and all other traffic gets caught by it fine. Here are screenshots of the shaper rules and the queues page with an HTTP download going.

Re: [pfSense Support] Incoming FTP Traffic To Wrong Queue

2007-03-28 Thread Scott Ullrich
On 3/28/07, Mark Kane [EMAIL PROTECTED] wrote: On Wed, Mar 28, 2007, at 14:28:00 -0400, Scott Ullrich wrote: So you do not have P2P Catch all option enabled? I do, and all other traffic gets caught by it fine. Here are screenshots of the shaper rules and the queues page with an HTTP download

Re: [pfSense Support] [UPDATE] Adding OPT3 and OPT4 WAN connections

2007-03-28 Thread Robert Goley
I am able to access the internet thru OPT3 using the x.x.x.49/29 for setting up the interface. It works great, outgoing anyway. I am not able to set up a port forward. I turned on logging for the port forward firewall rule. It shows the traffic passing. It just never goes anywhere. I am

[pfSense Support] ntop package on 03-27 snapshot

2007-03-28 Thread Dimitri Rodis
Can't get ntop to work on the latest snapshot. I did a format/reinstall on this particular PC and no dice (reconfigured it from scratch as well). Uninstalled/reinstalled package and that doesn't work either. Basically, the package installs, I get the ntop settings and ntop menu option in

RE: [pfSense Support] ntop package on 03-27 snapshot

2007-03-28 Thread Bestul, Kurt
In addition to what the webGUI is telling you about NTOP's status, you can confirm its status by going to Diagnostic -> Command Prompt and using the ps -A command. You should see NTOP in the resulting list if it's running. If it is running, you can also do a netstat -a from Diagnostic -> Command

RE: [pfSense Support] Transparent proxy to a separate Squid box.

2007-03-28 Thread Adam Van Ornum
If you search on the forums you should be able to find more information, but basically you can't currently do this with pfSense because you can't do source based redirection. The underlying firewall pf can do it just fine but the functionality is not exposed through the pfSense web gui. I was

RE: [pfSense Support] ntop package on 03-27 snapshot

2007-03-28 Thread Dimitri Rodis
I see no mention of ntop, yet the package installer insists that it is installed (and if I uninstall/reinstall, it states that it started the service successfully)

    $ ps -A
      PID  TT  STAT      TIME COMMAND
        0  ??  WLs    0:00.00 [swapper]
        1  ??  ILs    0:00.00 /sbin/init --
        2  ??  DL

Re: [pfSense Support] Transparent proxy to a separate Squid box.

2007-03-28 Thread David Wadson
I think I figured out a means of doing it. I created a load balancer pool with just the Squid server listed as a gateway. Then I created a firewall rule on the LAN that sends port 80 traffic from any IP but the Squid box to that load balancer pool. The only part that I haven't confirmed as

Re: [pfSense Support] Incoming FTP Traffic To Wrong Queue

2007-03-28 Thread Mark Kane
On Wed, Mar 28, 2007, at 15:49:24 -0400, Scott Ullrich wrote: On 3/28/07, Mark Kane [EMAIL PROTECTED] wrote: On Wed, Mar 28, 2007, at 14:28:00 -0400, Scott Ullrich wrote: So you do not have P2P Catch all option enabled? I do, and all other traffic gets caught by it fine. Here are