RE: [pfSense Support] 050.2 CARP won't go Master or Backup

2005-09-28 Thread Frimmel, Ivan \(ISS South Africa\)
Ok, so I spent sometime on this, this morning. One of the problems I had yesterday during update_file.sh (on 085.4).. it somehow broke OPT1(sync) and kept making it disabled. So carp would never come up, once I got this sorted by going to 085.6 I could go forward. So .. 1) I brought router2 b

[pfSense Support] How to configure Pfsense to d what i do wit iptables

2005-09-28 Thread Sebastian Rodriguez
First of all, little description of my situation. I am in a Hight school room, where we acces to the lan via dhcp througt a proxy. I have also behind the school connection and adsl connection (ppp0) I am using a Server (connected to the school lan, to the adsl and to my computer) to determine t

[pfSense Support] unexpected dhcp lease

2005-09-28 Thread Imre Ispanovits
Hi, I have a problem with pfSense's dhcp server since 0.85.x (I guess it wasn't an issue in 0.84.6). I have two lan interfaces and both serves as dhcp server, of course not overlapping. My problem is that on lan2 (opt2 - xl0) a dynamic ip address is always issued despite it shouldn't be bec

Re: [pfSense Support] unexpected dhcp lease

2005-09-28 Thread Bill Marquette
Are these two logical networks on the same physical network? I'm noticing the request came in on both fxp0 and xl0 - that seems kinda odd. Sep 28 14:35:03 dhcpd: DHCPREQUEST for 192.168.2.254 (192.168.2.4) from 00:12:79:ad:c6:fc (TRC-dc5100) via fxp0: wrong network. Sep 28 14:35:03 dhcpd: DHCPREQ

Re: [pfSense Support] unexpected dhcp lease

2005-09-28 Thread Imre Ispanovits
On Wed, 28 Sep 2005 08:26:28 -0500 Bill Marquette <[EMAIL PROTECTED]> wrote: > Are these two logical networks on the same physical network? I'm > noticing the request came in on both fxp0 and xl0 - that seems kinda > odd. Yes, both network cards are connected to the same switch, but I guess as t

Re: [pfSense Support] IPv6 tunnel BUG

2005-09-28 Thread Jeroen Geusebroek
On 9/21/05, Scott Ullrich <[EMAIL PROTECTED]> wrote: > That is a portion that I have not converted as of yet. I don't have > any type of ipv6 devices to test with, etc. I'll see what I can do > but this may be feature that is marked for removing. Could it be that this is fixed in the latest ve

Re: [pfSense Support] IPv6 tunnel BUG

2005-09-28 Thread Scott Ullrich
Yes, I made some changes to the ipv6 code. I cannot test however so I am driving blindly here. Scott On 9/28/05, Jeroen Geusebroek <[EMAIL PROTECTED]> wrote: > On 9/21/05, Scott Ullrich <[EMAIL PROTECTED]> wrote: > > That is a portion that I have not converted as of yet. I don't have > > any

Re: [pfSense Support] 050.2 CARP won't go Master or Backup

2005-09-28 Thread Scott Ullrich
You need to update_file.sh /etc/rc.bootup as well. The carp interfacs are brought up at the very end now. Scott On 9/28/05, Frimmel, Ivan (ISS South Africa) <[EMAIL PROTECTED]> wrote: > Ok, so I spent sometime on this, this morning. > > One of the problems I had yesterday during update_file.sh

Re: [pfSense Support] IPv6 tunnel BUG

2005-09-28 Thread Jeroen Geusebroek
On 9/28/05, Scott Ullrich <[EMAIL PROTECTED]> wrote: > Yes, I made some changes to the ipv6 code. I cannot test however so I > am driving blindly here. I'd be happy to test. But you can easily get a free IPv6 tunnel from a broker. Just a suggestion ;) -- Jeroen -

Re: [pfSense Support] CDROM Version Install

2005-09-28 Thread Jeroen Geusebroek
On 9/28/05, Scott Ullrich <[EMAIL PROTECTED]> wrote: > The only thing left to try is: > http://wiki.pfsense.com/wikka.php?wakka=BootTroubleShooting > I had the same problem with different machines. Only in my case if i wait (5 minutes or so) it will finally come through. -- Jeroen --

AW: [pfSense Support] CDROM Version Install

2005-09-28 Thread Holger Bauer
With my machine it just throw out several of these messages but goes through them at once and it's running fine after that. Holger -Ursprüngliche Nachricht- Von: Jeroen Geusebroek [mailto:[EMAIL PROTECTED] Gesendet: Mittwoch, 28. September 2005 16:34 An: support@pfsense.com Betreff: Re:

RE: [pfSense Support] CDROM Version Install

2005-09-28 Thread Mike
Well I did everything that the wiki support said to do with no luck. Just for the record I went ahead and installed M0n0Wall on it with no issues. I would rather use PFSense and really need to find a fix. I am scheduled to put this box in place tomorrow so any more help would be greatly appreciated

[pfSense Support] Trouble/Questions about the development version.

2005-09-28 Thread Robert Goley
I have been testing pssense to use it to replace a Firebox we currently have on one of our connections. The Firebox currently does webfiltering. I tried to get this working with pfsense and ran into some issues. I installed the pfsense developer version (84 I think). I loaded the ports info and

Re: [pfSense Support] Trouble/Questions about the development version.

2005-09-28 Thread Scott Ullrich
That's rather bizarre. The developer version is not restricted in any way. If anything it could still be missing bits from FreeBSD but I am not sure about that. Scott On 9/28/05, Robert Goley <[EMAIL PROTECTED]> wrote: > I have been testing pssense to use it to replace a Firebox we currently >

RE: [pfSense Support] Trouble/Questions about the development version.

2005-09-28 Thread Fleming, John \(ZeroChaos\)
I'm guessing something from gcc is missing. I've seen this error before when include files are missing (/usr/include). See if something very simple will compile. vi test.c #include main (){ printf("hello yorld\n"); } I think that will compile ;) gcc -o test test.c ./test Should spit out "h

[pfSense Support] Proxy Arp

2005-09-28 Thread James Roberson
First some background. I have a multinat configuration working in monowall (mutiple wan IP addresses to 1 or many internal IPs) so pfsense is not so foreign to me. I've tried setting up a similar environment in pfSense 0.85.2. For simplicity, I first tried a basic http port forwarding nat confi

Re: [pfSense Support] Proxy Arp

2005-09-28 Thread Scott Ullrich
Is choparp running on your system? ps awux | grep chop from a shell will tell us. Scott On 9/28/05, James Roberson <[EMAIL PROTECTED]> wrote: > First some background. I have a multinat configuration working in monowall > (mutiple wan IP addresses to 1 or many internal IPs) so pfsense is not so

Re: [pfSense Support] Trouble/Questions about the development version.

2005-09-28 Thread William Armstrong
I use a squid 2.5.Stable10 ( install from freebsd 6.0-beta3 and ports/ make package ) + SquidGuard ( install from freebsd 6.0-beta3 and ports make package ) + DB3 ( install from freebsd 6.0-beta3 and ports make package ) + bigurlblacklist. Work very well for web filtering and I use a rule on

Re: [pfSense Support] Trouble/Questions about the development version.

2005-09-28 Thread Robert Goley
Just to trying to sum this up, You installed (1)binary packages from freebsd, (2) binary packages compiled on a separate freebsd machine, or (3) binaries compiled from the pfsense development version via the ports system? That was not clear from the pluses and parenthesis. I would appreciate the

[pfSense Support] Source based routing

2005-09-28 Thread Robo.K.
Is the Pfsense capable of source based routing as is described here http://en.tldp.org/HOWTO/IP-Masquerade-HOWTO/iproute2.html? /this is only for description of problem, i know that Pfsense is no Linux :-}/   Thank you. Regards-Robo.   -- No virus found in this outgoing message. Checked by AVG

Re: [pfSense Support] Proxy Arp

2005-09-28 Thread James Roberson
Its running for the VIP, vr0 is the wan (I added the x's). root 485 0.0 0.3 1192 764 ?? Ss1:30PM 0:00.00 /usr/local/sbin/choparp vr0 auto xxx.xxx.149.241/27 At 12:51 PM 9/28/2005, you wrote: Is choparp running on your system? ps awux | grep chop from a shell will tell us.

Re: [pfSense Support] Proxy Arp

2005-09-28 Thread Scott Ullrich
Well that should be responding to proxy arp.. Weird. If you need this working now change the virtual ip to a carp type. In the meantime I'll run some tests. On 9/28/05, James Roberson <[EMAIL PROTECTED]> wrote: > Its running for the VIP, vr0 is the wan (I added the x's). > > root 485 0.0

Re: [pfSense Support] Source based routing

2005-09-28 Thread Scott Ullrich
In a multi-wan environment on pfSense this can be handled using advanced outbound nat. Scott On 9/28/05, Robo.K. <[EMAIL PROTECTED]> wrote: > > Is the Pfsense capable of source based routing as is described here > http://en.tldp.org/HOWTO/IP-Masquerade-HOWTO/iproute2.html? > /this is only for d

Re: [pfSense Support] Proxy Arp

2005-09-28 Thread James Roberson
I think I know what's going on. I just noticed the cidr/27. Should be /32. The subnet is /27, but I'm pretty sure this should be /32 (255.255.255.255). I'll check. At 01:58 PM 9/28/2005, you wrote: Well that should be responding to proxy arp.. Weird. If you need this working now change the

Re: [pfSense Support] Proxy Arp

2005-09-28 Thread James Roberson
It was the subnet. Reset Pfsense back to defaults, added rules (shows /32); works now. Thanks At 02:14 PM 9/28/2005, you wrote: I think I know what's going on. I just noticed the cidr/27. Should be /32. The subnet is /27, but I'm pretty sure this should be /32 (255.255.255.255). I'll check.

Re: [pfSense Support] Proxy Arp

2005-09-28 Thread Marcin Jessa
On Wed, 28 Sep 2005 14:14:32 -0700 James Roberson <[EMAIL PROTECTED]> wrote: > I think I know what's going on. I just noticed the cidr/27. Should > be /32. The subnet is /27, but I'm pretty sure this should be /32 > (255.255.255.255). Yes, aliased IPs allways use /32 if the parent IP is on the sa

Re: [pfSense Support] Proxy Arp

2005-09-28 Thread Bill Marquette
Hmmm, interesting. I'll look into why it's setting a /27. --Bill On 9/28/05, James Roberson <[EMAIL PROTECTED]> wrote: > Its running for the VIP, vr0 is the wan (I added the x's). > > root 485 0.0 0.3 1192 764 ?? Ss1:30PM 0:00.00 > /usr/local/sbin/choparp vr0 auto xxx.xxx.149.2

[pfSense Support] 1:1 NAT loopback

2005-09-28 Thread Simon SZE-To
Hello, I had read the thread at Aug 26 and found that some pfSense's user able to access 1:1 NATTed service in LAN segment, but when I try it today, it's failed. My testing environment: - the public IP xx.xx.xx.46 1:1 NAT to 10.0.138.9 - proxy ARP the xx.xx.xx.46 - allow any to any access to xx.x

RE: [pfSense Support] 1:1 NAT loopback

2005-09-28 Thread Jason J. Ellingson
I got it to work, but did NOT use Proxy ARP.  Just used the 1:1 NAT. Jason J Ellingson From: Simon SZE-To [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 28, 2005 9:43 PMTo: support@pfsense.comSubject: [pfSense Support] 1:1 N

Re: [pfSense Support] CDROM Version Install

2005-09-28 Thread dny
i think, it's the vlan stuffs. if i dont choose to setup vlan, everything went fine. if i choose to setup vlan, it ask to reboot. i think the vlan config is not yet saved when it reboot. so, after reboot, it comes up with vlan setup again... On 9/29/05, Mike <[EMAIL PROTECTED]> wrote: > Well I

[pfSense Support] import monowall xml files

2005-09-28 Thread Jonathan Woodard
i know this has probably been answered in previous posts but i didn't see them. i'm wondering if / how i can move my monowall xml file over to pfsense. i tried to just restore, thinking that i had seen a previous post saying it was ok, it but killed everything and i had to re-install. i would