On 4/6/07, Matthew Grooms [EMAIL PROTECTED] wrote:
This means the protocol is enabled in the kernel. If it was configured
for an IPSEC policy in use, you would see IPCOMP security associations
via 'setkey -D' much the same as ESP or AH security associations. As
traffic passes, the sequence
On 4/5/07, Diego Morato [EMAIL PROTECTED] wrote:
I´m using ipsec to connect three branch offices. There is a issue with the
firewall described below:
I´m not allowing output traffic from LAN subnet to WAN, so I disabled the
default LAN rule Default LAN - any, however disabling this rules causes
On 4/4/07, Tim Nelson [EMAIL PROTECTED] wrote:
In the pfSense forums, it appears there are kernel patches available
that will fix this issue but no one cares to do it:
http://forum.pfsense.org/index.php/topic,1383.0.html
In fact, it was Mr. Ullrich himself that made the comment regarding that.
On 4/2/07, Diego Morato [EMAIL PROTECTED] wrote:
Scott,
The Shared Physical Netork option is not setting
net.link.ether.inet.log_arp_movement in my box. I check and save, and unckek
and save, and this always stay in 1. I´m using sysctl -a to list the
onfigurations. It only print 1 - 0 at
On 4/1/07, Kelvin Chiang [EMAIL PROTECTED] wrote:
Hi, I realized that even though the Client-Specific-Configuration is
deleted, the openvpn-csc directory still have the file in there. This cause
the openvpn server still uses the options stated in this file. Does anyone
experience the same
On 4/2/07, Vaughn L. Reid III [EMAIL PROTECTED] wrote:
Here are the rules for the interface in question that seem to make the
IPSEC tunnel work:
[snip]
Look in /tmp/rules.debug and search for IPSEC.
Do you see rules permitting traffic to the interface?
Scott
Is this correct behavior?
-- Forwarded message --
From: Kelvin Chiang [EMAIL PROTECTED]
Date: Apr 1, 2007 9:48 AM
Subject: [pfSense Support] Client-Specific-Configuration - OpenVPN
To: support@pfsense.com
Hi, I realized that even though the Client-Specific-Configuration is
Woops, disregard. Accidentally clicked reply when I was forwarding it
to someone else.
On 4/1/07, Scott Ullrich [EMAIL PROTECTED] wrote:
Is this correct behavior?
-- Forwarded message --
From: Kelvin Chiang [EMAIL PROTECTED]
Date: Apr 1, 2007 9:48 AM
Subject: [pfSense Support
On 3/31/07, Matthew Grooms [EMAIL PROTECTED] wrote:
IPCOMP is supported. It should work fine with the KAME IPSEC stack. FAST
IPSEC has issues and is disabled via sysctl by default ...
net.inet.ipcomp.ipcomp_enable: 0
I stand corrected. Learn something new every day.
Scott
On 3/31/07, Diego Morato [EMAIL PROTECTED] wrote:
You are right Charles, shared physical network doesn´t apply here. Just for
complement, I installed pfsense in a remote office and I getting this same
problem. In my case this problem occur because I have a Windows Server using
two interfaces as
On 3/31/07, Charles Sprickman [EMAIL PROTECTED] wrote:
I'm not sure that's going to help - I have no interfaces sharing the same
physical network, and the messages are from hosts on the bridged OPT1, not
from pfsense itself.
This suppresses that log mesasge.
In short, the pfsense box seems
Nevermind, we found the problem.
Scott
On 3/31/07, Scott Ullrich [EMAIL PROTECTED] wrote:
On 3/31/07, Fuchs, Martin [EMAIL PROTECTED] wrote:
Hi !
I'm using the following snapshot:
*1.0.1-SNAPSHOT-03-27-2007 *
built on Sat Mar 31 05:25:36 EDT 2007
After upgrading
On 3/31/07, Charles Sprickman [EMAIL PROTECTED] wrote:
On Sat, 31 Mar 2007, Scott Ullrich wrote:
Just out of curiousity, what does this setting actually do? Does it move
the WAN IP to the bridge interface?
No, it sets sysctl -w net.link.ether.inet.log_arp_movement=0. -HEAD
has different code
On 3/31/07, Charles Sprickman [EMAIL PROTECTED] wrote:
OK, but that's not going to affect other hosts, that's just for the
firewall itself, no?
Charles
That is correct.
Scott
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For
this:
LAN = em0
WAN = em1
ATTDSL = em4 -- This is the OPT interface that I was using for the
Computer Support VPN test wireless = em2
Vaughn
Scott Ullrich wrote:
Okay, so that I am on the same page as you. Those $wan rules
should have read $optX ??
Scott
On 3/29/07, Vaughn L. Reid
On 3/30/07, Fuchs, Martin [EMAIL PROTECTED] wrote:
You can add a ping statement tot he ipsec-tunnel so it builds up immediately...
Compression is not used i presume...
Correct. Compression is not a feature in FreeBSD. If someone would
like to port it from OpenBSD that would be fantastic.
On 3/29/07, Vaughn L. Reid III [EMAIL PROTECTED] wrote:
I'm using the 3-27 snapshot on the pfsense box.
I've searched both the forum and the mailing list archives, and I can't
seem to find an updated listing of how to get IPSEC to work over an OPT
interface as well as over WAN at the Same time.
We have docs concerning multi-wan. Please ensure that you have double
checked your settings.
http://doc.pfsense.org/index.php/Multi-Wan/Load-Balancing
I run multi-wan at work and it absolutely works.
Scott
On 3/29/07, Robert Goley [EMAIL PROTECTED] wrote:
It seems we are both having the
Is the interface enabled?
On 3/29/07, Robert Goley [EMAIL PROTECTED] wrote:
Here is the message that I am receiving.
Robert
There were error(s) loading the rules: /tmp/rules.debug:54: macro 'opt3' not
defined/tmp/rules.debug:54: syntax error pfctl: Syntax error in config file:
pf rules not
On 3/29/07, Diego Morato [EMAIL PROTECTED] wrote:
Hi All,
I´m folowing the documentation
(http://doc.pfsense.org/index.php/Multi-Wan/Load-Balancing) to setup a
Multi-Wan/Load Balancing environment, however after create the pool, I´m
getting a error when I click on Apply button:
Warning:
On 3/28/07, Mark Kane [EMAIL PROTECTED] wrote:
The latest snapshot seems to be the same as the previous one (still
going to qlandef but doesn't seem to affect other traffic much).
1.0.1-SNAPSHOT-03-27-2007
built on Wed Mar 28 21:01:28 EDT 2007
# ps awux | grep pftpx
proxy550 0.0 0.1
On 3/29/07, Vaughn L. Reid III [EMAIL PROTECTED] wrote:
I've set up a test tunnel between my office and my customer site. The
VPN tunnel will work correctly when the pfsense interface is the WAN
interface. When I change the interface to the OPT interface, It doesn't
seem to work. Here are
p2pCatchAll.
Scott
Scott
On 3/29/07, Mark Kane [EMAIL PROTECTED] wrote:
On Thu, Mar 29, 2007, at 12:29:37 -0400, Scott Ullrich wrote:
Please open Diagnostics - Command Prompt and in the PHP command box
type in:
echo isset($config['ezshaper']['step5']['p2pcatchall']);
This didn't return anything
mode.
Mar 29 14:17:02 racoon: INFO: respond new phase 1 negotiation:
75.44.169.169[500]=70.237.44.110[500]
Vaughn
Scott Ullrich wrote:
On 3/29/07, Vaughn L. Reid III [EMAIL PROTECTED] wrote:
I changed the My Identifier on the tunnel definition to IP Address and
then specified
On 3/29/07, Vaughn L. Reid III [EMAIL PROTECTED] wrote:
I didn't get the request, but I'll be happy check to see if rules are
being added. Should I remove the manual rules that I created first
before checking?
Yes, please. Then open up /tmp/rules.debug and look for VPN
Rules.. Below that
) opt1
200.xx.4.65
Firewall: Rules
Proto Source PortDestination PortGateway
TCP/UDP 192.168.0.77* * 80 - 443
WanBalanceOPT1
- Original Message -
From: Scott Ullrich [EMAIL PROTECTED
# enable ftp-proxy
pass in quick on em4 inet proto tcp from any to $loopback port 8022
keep state label FTP PROXY: Allow traffic to localhost
pass in quick on em4 inet proto tcp from any to $loopback port 21 keep
state label FTP PROXY: Allow traffic to localhost
Vaughn
Scott Ullrich wrote
Okay, I see this bug as well. Will get it fixed soon.
Scott
On 3/29/07, Scott Ullrich [EMAIL PROTECTED] wrote:
Okay, so that I am on the same page as you. Those $wan rules should
have read $optX ??
Scott
On 3/29/07, Vaughn L. Reid III [EMAIL PROTECTED] wrote:
Oops! Sorry
On 3/29/07, Vaughn L. Reid III [EMAIL PROTECTED] wrote:
Thanks for your hard work. I appreciate it and I'm sure my customers do
too.
No problem, the bug should be fixed now. Please test a snapshot about
1-2 hours from now.
Scott
This was fixed earlier.
Scott
On 3/29/07, Robert Goley [EMAIL PROTECTED] wrote:
I am entering the failover and load balancing rules. Rules look fine. Should
there be blank rules there by default? There is one for the load balance and
one for the pools.
Robert
Warning: unlink(/tmp/.pool):
On 3/29/07, Robert Goley [EMAIL PROTECTED] wrote:
I found the command. Here are some basics on it.
pfctl
[snip]
Newer snapshots can kill the states from Diagnostics - States without
the command line.
Scott
-
To
On 3/28/07, Mark Kane [EMAIL PROTECTED] wrote:
With the updated snapshot, incoming FTP traffic still goes into the
qlandef queue instead of qP2PDown but it doesn't seem to kill the other
traffic anymore. Is that what the change was supposed to do?
Please issue this command from a shell:
ps
So you do not have P2P Catch all option enabled?
Scott
On 3/28/07, Mark Kane [EMAIL PROTECTED] wrote:
On Wed, Mar 28, 2007, at 14:08:48 -0400, Scott Ullrich wrote:
On 3/28/07, Mark Kane [EMAIL PROTECTED] wrote:
With the updated snapshot, incoming FTP traffic still goes into the
qlandef
On 3/28/07, Mark Kane [EMAIL PROTECTED] wrote:
On Wed, Mar 28, 2007, at 14:28:00 -0400, Scott Ullrich wrote:
So you do not have P2P Catch all option enabled?
I do, and all other traffic gets caught by it fine. Here are
screenshots of the shaper rules and the queues page with an HTTP
download
On 3/27/07, Mark Kane [EMAIL PROTECTED] wrote:
Hi everyone.
I've recently noticed that incoming FTP traffic is not being sent to
the proper queue. I have traffic shaping setup per the wizard with VoIP
traffic going to qVOIPUp/Down and a catch-all for everything else
to qP2PUp/Down. For the most
Fixed. Please test again about 2 hours from now.
On 3/26/07, David Strout [EMAIL PROTECTED] wrote:
I just upgraded to the latest snap -
1.0.1-SNAPSHOT-03-23-2007
I am noticing some errors when editing rules and
then again when I try to save the rule.
The following error shows up when I edit
Download the latest snapshot in about 2 hours and upload it as you did
on the previous one.
Scott
On 3/26/07, David Strout [EMAIL PROTECTED] wrote:
Will I need to reapply the snap or just grab a
file or two from CVS and apply ???
BTW, thanks for the quick reply!!
--
David L. Strout
It will be named the same and the date/time will be different.
On 3/26/07, David Strout [EMAIL PROTECTED] wrote:
Will this be renamed or show up as:
pfSense-Full-Update-1.0.1-SNAPSHOT-03-23-2007.tgz
--
David L. Strout
Engineering Systems Plus, LLC
- Original Message -
Subject: Re: Re:
I don't think he is getting testy, that is a polite way of saying you
do not need to keep emailing the list multiple times about the same
problem.
Scott
On 3/26/07, David Strout [EMAIL PROTECTED] wrote:
Not a problem ... just reporting the symptoms. No
need to get testy.
--
David L. Strout
On 3/26/07, David Strout [EMAIL PROTECTED] wrote:
This is the error I get when trying to change the
interface setting on the newest snapshot -
pfSense.img.gz 2007-Mar-26 14:19:42 23.3M
application/x-gzip
[Mon Mar 26 20:38:28 2007] [apc-error]
apc_fcntl_create: open(/tmp/.apc.gvBOOZ,
On 3/26/07, David Strout [EMAIL PROTECTED] wrote:
The errors are gone and I am able to assign
interface params, but the halt option doesn't seem
to work (seperate issue, maybe it hasn't been
working on the embedded ver.)
Not seeing that here. Maybe it's hardware related.
pfSense console
On 3/26/07, David Strout [EMAIL PROTECTED] wrote:
Running on a Soekris 4801, it has always worked
before ... i just noticed that it didn't work when
i had the console cable connected ... usually I
don't manage it that way except when I upgrade and
have trouble.
This is also a Soekris 266/4801.
It should be okay now going forward. We have hidden the stuff that is
not ready.
Scott
On 3/24/07, Holger Bauer [EMAIL PROTECTED] wrote:
Should already be fixed. Using snapshots currently might not be the best
idea as the work on timebasedrules feature is happening atm and is not
yet
It is nowhere near done. Please hold your bug reports.
On 3/23/07, Fuchs, Martin [EMAIL PROTECTED] wrote:
Hi,
when editing the rules in the 23-3-snapshot it displays
Warning: Invalid argument supplied for foreach() in
/usr/local/www/firewall_rules_edit.php on line 729
Btw: very cool
On 3/18/07, Fuchs, Martin [EMAIL PROTECTED] wrote:
Hi !
I think it might be an error in captive portal:
When changing some entry and then save them, there appear two apply
buttons:
http://pfsense.trendchiller.com/pics/cp_apply_error.jpg
Thanks, fixed!
Scott
On 3/19/07, Joseph Favia Jr. [EMAIL PROTECTED] wrote:
Why is it that I can't ever load the tutorials in that .ht format ?
Try firefox with Flash plugin installed.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional
On 3/16/07, Ying Wong [EMAIL PROTECTED] wrote:
It sure feels weird to reply to myself but I have found a solution to
this problem in case anybody has to go through this again.
The HOME_NET problem I mentioned in one of the other posts causes the
whitelist to be improperly written to
On 3/16/07, Sloan Miller [EMAIL PROTECTED] wrote:
I can't ping through the WAN interface.
LAN IP 192.168.2.254
WAN IP 192.168.0.108
Outside the WAN IF i have a computer 192.168.0.1
I set up a static route
if =LANNetwork = 192.168.0.0/24 gw
=
Try a snapshot which is based on 6.2. If you find that they are still
not present that means they where added to RELEN_6, not 6.2
Scott
On 3/15/07, Pedro Paulo Oliveira Jr [EMAIL PROTECTED] wrote:
I've noticed that the ral driver in FreeBSD 6.2 support many boards in the
market and the
On 3/15/07, Rainer Duffner [EMAIL PROTECTED] wrote:
Hi,
I imported my config from an older pfSense
(*RELENG_1_SNAPSHOT_03-10-2006*) into a newer version (in a different host)
The newer one (a recent snapshot) complained about the length of the
names of some aliases.
Is there really a
On 3/15/07, Ying Wong [EMAIL PROTECTED] wrote:
Hi all,
I have snort running on the LAN interface instead of a WAN. The reason
for this is so I can block individual users that uses MSN/IM/P2P and not
the other way around.
Snort detects the violations and blocks the private ips accordingly but
On 3/15/07, Ying Wong [EMAIL PROTECTED] wrote:
The latest snort I see is STABLE, 2.6.1.3_2, platform: 1.0. I did a
uninstall , refresh pkg_mgr.php page.
Should I upgrade to the latest PFSense snapshot? Thanks!
Not sure that this is necessary if it works partially. We have only
suggested
On 3/15/07, Ying Wong [EMAIL PROTECTED] wrote:
If a upgrade of pfsense is not necessary, then I did have the latest
snort package installed. I can't seems to find much documentation on
snort2c either, or a sample white list.
Neither could I when I ported snort2c to FreeBSD/pfSense. The source
-2007
built on Mon Mar 12 14:36:20 EDT 2007
and it works here without socket problems, the next openvon client config
uses lport (1194) plus the id oft he client config (1,2,3,...) so it uses
tcp or udo 1195, 1196, 1197 and so on...
-Ursprüngliche Nachricht-
Von: Scott Ullrich [mailto
Please read this: http://pfsense.blogspot.com/2005/12/obtaining-support.html
On 3/13/07, Bassam A. Al-Khaffaf [EMAIL PROTECTED] wrote:
Dear All,
I am new to pfsense, and would like to have special thanks for all the
people who participated with the development of this package.
I have
Please update http://cvstrac.pfsense.com/tktview?tn=1265 with this information.
On 3/12/07, Fuchs, Martin [EMAIL PROTECTED] wrote:
I saw openvpn-client now uses „lport 1194.
Perhaps it would make sense to create a checkbox to chose the sourceport
(lport) or dynamic source (nobind) !?
No. It requires a package of some sort.
On 3/12/07, Fuchs, Martin [EMAIL PROTECTED] wrote:
Hi !
Is there the possibility to read hwinfo from pfsense from the shell ?
Temperature or rpm of cpu or coolers ?
Regards, Martin
On 3/12/07, Fuchs, Martin [EMAIL PROTECTED] wrote:
I fixed the openvpn.inc...
Tested and works...
Patch is attached...
Scott, perhaps you can crosscheck and perhaps commit for me ?
Did not want to bother you with my asking... just want to help... sorry...
That is great, thank you! BUT
On 3/8/07, Fuchs, Martin [EMAIL PROTECTED] wrote:
Hi !
After reinstalling my pfSense systems I want to reinstall NUT also...
But I cannot because it cannot be downloaded...
Does anyone confirm or know anything about it or can check ?
Thanks in advance...
Martin
The package mirror (internap) was down. Try again in 10 minutes.
On 3/8/07, Scott Ullrich [EMAIL PROTECTED] wrote:
The package is apparently broken. I would bring this up in the
packages section on the forum so the author can fix it.
On 3/8/07, Fuchs, Martin [EMAIL PROTECTED] wrote:
How
On 3/7/07, Anil garg [EMAIL PROTECTED] wrote:
Does pfsense use powersave at all. Like slow down CPU, blank out video, spin
down HDD (assuming there is enough RAM) etc.??
No, we do not use power saving functions.
-
To
On 3/7/07, Odd Kåre Qvam Trøen [EMAIL PROTECTED] wrote:
I agree, but since the ftp service I connect to is setup by another
party I must use the settings they dictate. If I were the admin for the
ftpserver port 21 20 would be my pick also.
Then I am afraid this will not work. Port forward
On 3/7/07, Fuchs, Martin [EMAIL PROTECTED] wrote:
Hi !
I'm running the latest snapshot and have found an issue with IPsec and
with NAT
When applying the latest snapshot NAT (from external) does not work as
well as IPSec does not work as well from my system to pfsense on the
other site...
Can
the other end oft he ipsec-tunnel it answers
immediately...
The new snapshot telly me that the ip was not found...
Do you use prefer old sa's ?
MArtin
-Ursprüngliche Nachricht-
Von: Scott Ullrich [mailto:[EMAIL PROTECTED]
Gesendet: Mittwoch, 7. März 2007 20:35
An: support@pfsense.com
Betreff
On 3/6/07, Anil garg [EMAIL PROTECTED] wrote:
Does anyone know if the pfsense will automatically make use of hardware
offloading for 3DES on the Intel PRO/100 Server adapters?
There appears to be no mention of this anywhere.
The last time that I checked FreeBSD does not have support for this
On 3/5/07, Fuchs, Martin [EMAIL PROTECTED] wrote:
What should it read on the fresh install ?
It's a productive system... it's hard to reinstall in between...
Right, but it must work, correct? :) If you could get a reading from
a box that works, it would be most helpful.
Scott
On 3/5/07, Ronald L. Rosson Jr. [EMAIL PROTECTED] wrote:
I have a system setup running bandwithd from snapshot 2/27/2007 and I just
noticed that all my hosts that are assigned their IP addresses dynmically
via DHCP do not resolve and have Configure DNS to reverse this IP). If it
is a hosts that
On 3/5/07, Jared Griffith [EMAIL PROTECTED] wrote:
I was wondering when you are going to have support for Domain names
rather than just ip's for this platform. I like what you guys are
doing, but my biggest complaint is that you don't have domain name
support for your platform. FreeBSD's pf
On 3/5/07, Ronald L. Rosson Jr. [EMAIL PROTECTED] wrote:
I assume you are talking about the DNS servers listed in http://
yourpfsense/system.php.
My setup has public DNS servers listed here. Should it be set to
itself for the DNS servers and have the box checked for Allow DNS
server list to be
On 3/5/07, Fuchs, Martin [EMAIL PROTECTED] wrote:
Hi, Scott !
Fresh install shows the following, but does not work also :-(
[snip]
01100 0 0 allow ip from any to any layer2 mac-type 0x888e
I don't see the traffic counter increasing on this test. Did you
actually test login again?
I found a potential issue. Please test a snapshot around two hours from now.
Scott
On 3/5/07, Scott Ullrich [EMAIL PROTECTED] wrote:
On 3/5/07, Fuchs, Martin [EMAIL PROTECTED] wrote:
Hi, Scott !
Fresh install shows the following, but does not work also :-(
[snip]
01100 0 0 allow
On 3/4/07, Fuchs, Martin [EMAIL PROTECTED] wrote:
Hmmm, tried the latest snapshot... wpa2 does not seem to work with the captive
portal until now... site cannot be found... :(
Reinstall? The options are definitely back.
# pfsense requires for WPA
add 1100 set 1 pass layer2 mac-type 0x888e
Also, please install a working version and from the shell do a:
ipfw show
Then reinstall the non working version and from a shell do:
ipfw show
Scott
On 3/4/07, Scott Ullrich [EMAIL PROTECTED] wrote:
On 3/4/07, Fuchs, Martin [EMAIL PROTECTED] wrote:
Hmmm, tried the latest snapshot... wpa2
On 3/3/07, Fuchs, Martin [EMAIL PROTECTED] wrote:
Hi !
I'm trying to use captive portal on ath0 interface...
WLAN-client gets dhcp-lease and everything bit cannot tonnect to any
network...
If i add the mac-adress to the captive portal it works wothout auth...
But i want auth for this client,
On 3/3/07, Fuchs, Martin [EMAIL PROTECTED] wrote:
Hi, all !
Ist there any possibility to forward broadcast packets over vpn
established between 2 pfsenses ?
The vpn is established by openvpn... (which in pfsense supports only
tun... with tap it should work...)
Any other ideas ?
See advanced
On 3/2/07, Pierre Frisch [EMAIL PROTECTED] wrote:
I am having a problem with the /etc/localtime. After applying the
time zone update the UI came with a blank popup and when I saved the
page it erased the /etc/localtime. I have manually added a link ti
the right timezone (/etc/localtime -
it still looks like my system won't switch to PDT until the first Sunday in
April?
- Original Message
From: Scott Ullrich [EMAIL PROTECTED]
To: support@pfsense.com
Sent: Friday, February 23, 2007 1:33:10 PM
Subject: Re: [pfSense Support] DST 2007-ready?
Both FreeBSD 6.1 and 6.2
On 2/26/07, Vivek Khera [EMAIL PROTECTED] wrote:
On Feb 23, 2007, at 4:33 PM, Scott Ullrich wrote:
If you are in doubt, update to this months snapshot which is based on
6.2 and definitely has support for congresses half-brained decision.
When you upgrade an existing system, you still need
Both FreeBSD 6.1 and 6.2 are already ready for this change IIRC.
If you are in doubt, update to this months snapshot which is based on
6.2 and definitely has support for congresses half-brained decision.
Scott
On 2/23/07, LJ Rand [EMAIL PROTECTED] wrote:
Hi,
How can I tell that my pfsense
On 2/21/07, Andrew Kemp [EMAIL PROTECTED] wrote:
any plans to enable additional SNMP'able items like cpu usage, memory
usage, and disk usage? i know m0n0wall allowed me to graph a few more
values in cacti than pfsense does.
As soon as someone adds the support to bsnmpd, sure.
Scott
On 2/21/07, Adam Armstrong [EMAIL PROTECTED] wrote:
Are there any reasons why pfSense doesn't use net-snmpd?
There are many, and most have been outlined already in the support
forums and list.
Scott
-
To unsubscribe, e-mail:
If you are trying to setup a CARP cluster using pfSense + ESX, please
see the following VMWARE thread:
http://www.vmware.com/community/thread.jspa?messageID=576885
In a nutshell, you need to enable promiscuous mode on each of the
connected vswitch's.
Hope this helps someone in the future, it
On 2/17/07, Eugen Leitl [EMAIL PROTECTED] wrote:
[snip]
Please help me, Obi-Wan, you're my only hope.
Have you seen http://doc.pfsense.org/index.php/Setting_up_CARP_with_pfSense ??
Scott
-
To unsubscribe, e-mail: [EMAIL
On 2/16/07, Adam Armstrong [EMAIL PROTECTED] wrote:
Hi,
If I try to edit a CARP virtual IP, it tells me that the VHID is already in
use and won't let me save the changes. The result is that every time I
change a setting on one of the CARP virtual IPs, I have to change the VHID
on every device.
Start with a MTU of 500 and work your way up. 1400 might not be low enough.
On 2/16/07, Richard [EMAIL PROTECTED] wrote:
Hello Team / Supporters,
i have a very wired problem with pfsense.
Please take some time to read the complete mail.
Infrastructure
4Mbit ADSL Connection / ADSL
).
mtu n Set the MTU [Maximum Transmit Unit] value to n. Unless the peer
requests a smaller value via MRU negotiation, pppd will request
that the kernel networking code send data packets of no more
than n bytes through the PPP network interface.
---%--snap--%--
2007/2/16, Scott Ullrich [EMAIL
On 2/15/07, Chris Buechler [EMAIL PROTECTED] wrote:
On the WAN page. asking that makes me think you're messing around on
the command line, which is a big no no unless you want to break stuff.
Not only is it asking for trouble, we do not support changes from a
command line. If you want this
This one is for the archives.
ESX + Bridged interfaces do not work with CARP currently.
Please see http://www.vmware.com/community/thread.jspa?messageID=576885#576885
Hopefully there is a way around it, if anyone has any ideas, please let me know.
On 2/14/07, Scott Ullrich [EMAIL PROTECTED] wrote:
Here's a short howto.
#1. Setup your tunnels to use IP address and the VIP carp member
#2. Visit Vpn, IPSEC, Failover IPSEC, define the VIP ip address
#3. Visit the other end of the tunnel, make sure the remote gateway is
set as the CARP VIP
#4
Okay now this is making more sense. I have had the backup cache go
nuts on me as well so there is defiantly a bug lurking somewhere in
there.
Scott
On 2/13/07, Angelo Turetta [EMAIL PROTECTED] wrote:
Sean Cavanaugh wrote:
upgrade that thing to one of the new snapshots and try and see if it
On 2/13/07, Richard [EMAIL PROTECTED] wrote:
Hello Team / Supporters,
i have a very wired problem with pfsense.
Please take some time to read the complete mail.
Infrastructure
4Mbit ADSL Connection / ADSL Modem / no other Internet Infrastructure
Problem description:
===
30%
Update to a recent snapshot.
On 2/13/07, kevin hawkins [EMAIL PROTECTED] wrote:
Hello,
I have 2 OpenVPN tunnels coming into a box here at our office. The
problem I'm having is that after a reboot and when OpenVPN starts backup, it
shows in the logs that a tunnel established but I get this
On 2/13/07, Michael Schuh [EMAIL PROTECTED] wrote:
Hello,
i have a question about updating.
One of my Firewalls run's with 1.0-SNAPSHOT-x,
is there any Problem with upgrading this, using
the update-tgz for Version 1.0.1. or better next days 1.0.2?
Or should i better backup and reinstall
On 2/13/07, Michael Schuh [EMAIL PROTECTED] wrote:
Hi Scott,
ok i will try that next days.
Is there an other (newer) place for actual snapshots then
www.pfsense.com/~sullrich ?or exists only the main Updates from
the update-section in Downloadpage.
I remember me that i have prior downloaded
All of your questions have been addressed on the forum. Please search
the forum.
Thanks!
On 2/13/07, Eric W. Bates [EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I'm looking for a basic pfsense/OLSR how to? Anyone who has done this
able to point me to their blog or
On 2/12/07, jseverino [EMAIL PROTECTED] wrote:
hi...
excelent proyect, congratulations.
i help a translate into spanish.
http://www.pfsense.com:8080/
the Version CVS have support for Squid?
Yes it does, but not translatable as of yet since the package is
shared with RELENG_1.
Scott
- Original message -
Hello, Can someone let me know how to install netw...
pkg_add package.tgz .. However I have been down this road recentlly.
This driver dislikes carp.
Scott
On 2/12/07, Alexandre Blardone [EMAIL PROTECTED] wrote:
Hello,
Can someone let me know how to install network
On 2/10/07, Ispánovits Imre [EMAIL PROTECTED] wrote:
Hi,
Can I upgrade the embedded version or should it be reflashed?
Reflash.
Scott
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL
I cannot reproduce this one. I would say something in your XML is
nice and hosed. If you ever accidentally updated to -HEAD then this
is surely part of it.
Scott
On 2/10/07, William Armstrong [EMAIL PROTECTED] wrote:
Warning: Invalid argument supplied for foreach() in
/etc/inc/xmlparse.inc
On 2/10/07, Donovan R. Palmer [EMAIL PROTECTED] wrote:
I have my LAN set up with my workstations 102.168.67/24 and I have a
web/mail server in the DMZ, 10.0.0.10/24. I am running VIP and 1 to 1 Nat,
mapping a public IP to my server. 10.0.0.10
From the office when I go to my webserver, it is
501 - 600 of 2009 matches
Mail list logo