Re: [pfSense Support] MAC based Access Control

2010-11-29 Thread James Bensley
I think it would be a useful feature to have; if you have a pfsense box at the end of a leased line, private virtual circuit or vpn, it would be good to check the device at the other has x MAC address to try and rule out any security features like a MITM attack or something like that... Just my

Re: [pfSense Support] MAC based Access Control

2010-11-29 Thread Seth Mos
On 29-11-2010 10:51, James Bensley wrote: I think it would be a useful feature to have; if you have a pfsense box at the end of a leased line, private virtual circuit or vpn, it would be good to check the device at the other has x MAC address to try and rule out any security features like a

Re: [pfSense Support] MAC based Access Control

2010-11-29 Thread Gerald A
On Mon, Nov 29, 2010 at 4:51 AM, James Bensley jwbens...@gmail.com wrote: I think it would be a useful feature to have; if you have a pfsense box at the end of a leased line, private virtual circuit or vpn, it would be good to check the device at the other has x MAC address to try and rule

Re: [pfSense Support] MAC based Access Control

2010-11-29 Thread Adam Piasecki
On 11/29/2010 5:18 AM, Gerald A wrote: On Mon, Nov 29, 2010 at 4:51 AM, James Bensley jwbens...@gmail.com wrote: I think it would be a useful feature to have; if you have a pfsense box at the end of a leased line, private virtual circuit or vpn, it

Re: [pfSense Support] MAC based Access Control

2010-11-29 Thread Vick Khera
On Mon, Nov 29, 2010 at 8:11 AM, Adam Piasecki apiase...@midatlanticbb.com wrote: I understand it's a false sense of security, but I can see how it would be helpful. Maybe a package can be made with the understanding that it's not 100% foolproof. So you have a security feature that works,

Re: [pfSense Support] MAC based Access Control

2010-11-29 Thread stephen at stephenjc
I was under the impression that pfsense was layer 3 software. Imo, I don't think it should be dealing with layer 2. You can always use a switch with port security. On Nov 29, 2010 8:21 AM, Vick Khera vi...@khera.org wrote: On Mon, Nov 29, 2010 at 8:11 AM, Adam Piasecki

RE: [pfSense Support] MAC based Access Control

2010-11-29 Thread Ryan Rodrigue
Is there a way to manually specify an IP to a mac in the ARP tables. That way you could filter based on IP and if someone changed their IP to avoid the filters, their internet access wouldn't work. You could then take it a step further and lockdown the switch port to only that one mac and if they

Re: [pfSense Support] MAC based Access Control

2010-11-29 Thread James Bensley
On 29 November 2010 14:18, stephen at stephenjc step...@stephenjc.com wrote: I was under the impression that pfsense was layer 3 software. Imo, I don't think it should be dealing with layer 2. You can always use a switch with port security. But as Gerald has pointed out; On 29 November 2010

[pfSense Support] (non)local address resolution

2010-11-29 Thread David Burgess
pfsense is set up like this: pfsense--WAN (public IP x) --OPT1 (public IP y/30) Connected to OPT1 is client's cisco firewall which is NATing for a 172.21.50/23 subnet. Their dhcp is handing out pfsense's OPT1 address as DNS server, and pfsense is running DNS forwarder. This works well,

Re: [pfSense Support] MAC based Access Control

2010-11-29 Thread Chris Buechler
On Mon, Nov 29, 2010 at 4:51 AM, James Bensley jwbens...@gmail.com wrote: I think it would be a useful feature to have; if you have a pfsense box at the end of a leased line, private virtual circuit or vpn, it would be good to check the device at the other has x MAC address to try and rule out