On Thu, Sep 1, 2011 at 07:48, suresh suresh suresh.notion...@gmail.com wrote:
Hi All,
how to add the wifi in pfsense. i am having the linksys home router.how to
setup wifi in the pf sense. please help me.
Do you have a wifi card in your pfSense machine? Are you wanting it
to be a wireless
On Thu, Sep 1, 2011 at 08:12, suresh suresh suresh.notion...@gmail.com wrote:
No,.. i dont have wifi card.if i configure the wifi router. that goes to the
differnt network. like am pfsense using 192.18.7.10 in wifi coonected
systemshows ip 192.168.1.1 at that time i cant take print or scan both
On Thu, Sep 1, 2011 at 08:19, suresh suresh suresh.notion...@gmail.com wrote:
how to block the bit torrent in pfsense 1.2.3
Don't hijack threads. We know you want to know how to block
bittorrent in 1.2.3, wait until someone answers your question in the
thread you already posted for that.
On Thu, Sep 1, 2011 at 08:31, Ryan Rodrigue radiote...@aaremail.com wrote:
There is not a 100% definite answer to this. What I do is open the ports I
need (80 for http, 25 for smtp, ect and then put a block all rule below
these. This usually works for 99% of the bit torrent traffic. The
On Sat, Jul 23, 2011 at 14:07, William Jimenez wjime...@appdynamics.com wrote:
Is there a way to disable to GUI on pfsense to increase performance, and
then re-enable it when needed?
What performance loss are you seeing? You could disable the httpd,
but if it's sitting idle (not being actively
On Tue, Jul 19, 2011 at 17:35, karlf...@gmail.com wrote:
This hasn't come up in a while. Back in 09 there was a discussion of VPNC
support on pfsense.
IIRC (and I probably don't) VPNC support had a dependence on xauth, which is
a feature in 2.0. Does that mean that pfsense 2.0 has a chance
software is even more so.
Going to try testing this week.
RB
On Mon, Apr 11, 2011 at 14:02, bsd b...@todoo.biz wrote:
Install the open VPN client package on 2.0 - two clicks and you're done !
Viscosity is your best bet.
So straightforward, your grandma could do It.
;-)
Le 11 avr. 2011 à 18:19
On Sat, Mar 26, 2011 at 07:14, Nebojsa Djordjevic djn...@gmail.com wrote:
I'm trying to access http://pfsense.com/ for a some time, but I'm getting
connection reset messages. Anyone else having the same problems?
Both messages you sent came through, and both the pfsense.com and
pfsense.org
On Fri, Feb 25, 2011 at 05:53, Carlos Vicente cjpvice...@gmail.com wrote:
My question is: is there a way of creating a user, without elevated
privileges, to give access only to the reports of LightSquid. I don't want
any client to have access the others features of pfSense.
No, not in pfSense
On Thu, Oct 14, 2010 at 12:22, Mehma Sarja mehmasa...@gmail.com wrote:
I researched an earlier post of SUPERMICRO MBD-X7SPE-H-O Mini ITX Intel
Atom board and it looks like a good option. Albeit a bit expensive. It can
handle 4 GB RAM. So the question is what kinds of enclosures are good for
On Wed, Oct 6, 2010 at 16:27, RB aoz@gmail.com wrote:
Just switched over to bridged mode on the modem and am doing PPPoE
directly from the WAN interface (all simple defaults save user/pw).
Any ideas on this? I'm seeing pretty conclusively that on my end,
even with the dynamic IP terminated
I've noticed this for a while (at least the last two months) and just
had never bothered to jump in and say anything. Currently on the
2.0-BETA4 embedded platform, image dated 2010/09/20 22:40:28.
So far as I can tell, the cron job for updating the DDNS entries isn't
being run. When I visit the
On Wed, Oct 6, 2010 at 08:31, Chris Buechler cbuech...@gmail.com wrote:
So far as I can tell, the cron job for updating the DDNS entries isn't
being run.
There isn't one that updates your IP. That's kicked off from which
ever process renews your WAN IP, which depends on what kind of WAN it
On Wed, Oct 6, 2010 at 08:31, Chris Buechler cbuech...@gmail.com wrote:
There isn't one that updates your IP. That's kicked off from which
ever process renews your WAN IP, which depends on what kind of WAN it
is. What kind of WAN is it?
Just switched over to bridged mode on the modem and am
On Tue, Sep 7, 2010 at 20:05, Chris Buechler cbuech...@gmail.com wrote:
While it generally works, openntpd tends to do stupid things at times
and has a number of limitations. We've been discussing alternatives
recently, looks like we'll switch back to the stock ntpd for 2.0. One
time guru
On Thu, Aug 12, 2010 at 16:29, Cinaed Simson cinaed.sim...@gmail.com wrote:
Hi - suppose the office LAN has one open outbound port - say IMAP on
port 143.
I go home and configure my Linux desktop to run a SSH server on port 143.
Now I return to the office and attempt to connect to my machine
On Fri, Apr 9, 2010 at 07:35, innocent.mayu...@pccb.go.tz wrote:
I have been running several tests with large downloads using DAP for the
past few weeks.
The only concern I would have is whether you're testing one site at a
time or multiple. Many sites I encounter have an upstream bandwidth
80 providing 302's
for every request to https://request. This is trivial to do in
Apache, and I'd be surprised if it wasn't trivial in IIS.
RB
-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e
On Fri, Jan 8, 2010 at 17:07, Michel Servaes mic...@mcmc.be wrote:
I don't really like port 80 at all on an IIS server...
Please forgive my IIS ignorance (and this has gone far afield from
pfSense), but what's the difference? Unless you're doing client
certificates, random clients are still
On Wed, Dec 9, 2009 at 07:38, RB aoz@gmail.com wrote:
I made a special trip - log attached. A check of my tcpdump
monitoring actually indicates that while ng0 does not see return
traffic, the physical interface (actually fxp3) does. It's also
indicating that the return packets are 2
On Thu, Dec 10, 2009 at 10:29, Tim Dressel tjdres...@gmail.com wrote:
For me the issue was exactly like you are describing. Can connect and
everything appears OK, but just zero traffic flow. Nothing useful in logs.
Then all of a sudden it would start passing traffic, but then get sketchy
and
On 2009-12-10, Scott Ullrich sullr...@gmail.com wrote:
I'll try turning off ToE in a few hours and report the results. If
all goes well, I'd hope the 1.2.3 final version picks up the noted
stable/7 change.
This was the fix - thanks, Tom, for identifying such an edge case and
linking it to
On Wed, Dec 9, 2009 at 01:34, Ermal Luçi ermal.l...@gmail.com wrote:
Please provide logs of mpd and explain more what you are trying to do and
how you are trying to achive it!
What I'm trying to achieve is awfully simple - with a fresh install of
1.2.3-RC3, I'm plugging a dumb Speedport ADSL
On 2009-12-09, Jim Pingle li...@pingle.org wrote:
Are you sure that your DSL link is solid and noise-free? I have seen
cases where routers would sign on but could not pass traffic and it
turned out to be a weak DSL signal. Does this same line work with any
other router?
It works with the same
I've been fighting a losing battle with an update from 1.2.3-RC1 to
1.2.3-RC3 and am at the end of my options. This also exhibits in the
2.0-ALPHA-ALPHA 8.0-based snapshot I grabbed two days ago.
With both an upgrade and a fresh install, when I configure a simple
LAN + PPPoE WAN, the WAN
On Thu, Oct 8, 2009 at 19:42, Philippe LeCavalier
supp...@plecavalier.com wrote:
Like I said I don't know what other info to supply, when I ssh to a clients
network pfsense redirects me to my local server. The strangest thing to me is
that even when I use the public IP it does that. If it
2009/9/1 Alexandre F. Guimarães alexandre.fguimar...@gmail.com:
Version
1.2.3-RC2
built on Sun Aug 30 11:37:03 UTC 2009
This Server is used only for Captive Portal Authentication, These messages
are appearing on Syslog page (diag_logs.php).
It likely means that the portal process cannot
On Thu, Aug 20, 2009 at 03:58, Paul Mansfieldit-admin-pfse...@taptu.com wrote:
could you force squid + transparent proxying to record traffic usage and
use some clever squid configs and cron to change behaviour?
That assumes that nearly all of your traffic is HTTP; perhaps valid
for some users,
On Wed, Aug 12, 2009 at 10:15, Joseph L.
Casalejcas...@activenetwerx.com wrote:
Silly question, where the heck is the logout button?
There isn't one in the 1.2 series since it uses HTTP authentication.
-
To unsubscribe, e-mail:
On Tue, Jun 9, 2009 at 10:03, and...@fiberby.dk wrote:
I'm running 1.2.2 on this:
Super X7SBi
(http://www.supermicro.com/products/system/1U/5015/SYS-5015B-MF.cfm)
Xeon Dual Core
1Gb Ram
80Gb sata harddrive
I recently upgraded from 1.2, and haven't had this problem before.
I have a memory
On Tue, Jun 9, 2009 at 13:53, and...@fiberby.dk wrote:
I've found one malfunctioning device that was sending 1000pps out on the dhcp
protocol. I shut it off..
The error is still there. Is there any way I can reset the dhcpd.leases file.
Restart your DHCP service; it will take quite a while
On Wed, May 27, 2009 at 10:58, David Burgess apt@gmail.com wrote:
I didn't see any discussion on the forums or in the archives of
porting pfsense to the arm architecture. Is this on the horizon? Would
it be a complicated project?
Yes, but not directly because of pfSense. The underlying
On Tue, May 19, 2009 at 11:47, Chuck Mariotti cmario...@xunity.com wrote:
Navigated to the snort tabs, so now it’s trying to run a huge update (never
been updated before) and has brought the network to it’s knees. How can I
stop the update that’s already been started?
Quick answer: ssh + kill
On Wed, May 13, 2009 at 03:02, luismi asturlui...@gmail.com wrote:
PF
You do, of course, realize that 99.9% of the people that offer help on
this list are not paid to do so and that by copping an attitude you've
pretty much blown your chances of getting help?
On Wed, May 13, 2009 at 09:53, Chuck Mariotti cmario...@xunity.com wrote:
I used cheapo DLink 10/100 Network cards to build the server. But I'm
doubting that would be the cause. The only other oddity is that I threw a
little DLink 8 Port Gigabit Switch between the router and firewall, simply
On Tue, May 12, 2009 at 10:59, luismi asturlui...@gmail.com wrote:
Hi, well, I was looking for something more complex.
http://catb.org/~esr/faqs/smart-questions.html#beprecise
Ask a nebulous question, you get a nebulous answer. If you wanted a
specific configuration, say so.
On Sat, May 9, 2009 at 00:10, Tim Dressel tjdres...@gmail.com wrote:
I'm still interested though in anyone out there with large numbers of
mac-bypass entries. Any takers?
At the risk of redundancy, that was rather the point. Other than the
interface of your manually entering them (which is not
On Fri, May 8, 2009 at 22:06, Tim Dressel tjdres...@gmail.com wrote:
Finally, I'd appreciate any feedback out there on installs with counts
on mac bypass entries topping a 1000 count. I am considering tying
together several of my networks and would like to know what the upper
end on the
On Thu, May 7, 2009 at 15:55, Tim Dressel tjdres...@gmail.com wrote:
1. What is the limitation on the number of mac-bypass entries? And is
what I am seeing expected with 300 entries?
I'm sure someone will chime in with the precise ipfw limitation, but
this is mostly going to be dependent on
On Sat, Apr 18, 2009 at 09:05, Sean Cavanaugh millenia2...@hotmail.com wrote:
KVM and Xen only work on CPUs that have the para-virtualization extensions.
If yer using older hardware, you HAVE to use either bare metal or a standard
virtualizer like VMWare
In a word: no. I haven't tried
On Wed, Apr 15, 2009 at 08:00, Christopher M. Iarocci ciaro...@tfop.net wrote:
This is really off topic for this list, but it sounds to me like
whatever computer is using that IP is probably also running a firewall
that is blocking everything, even ICMP. At this point, you could narrow
down
loads (like daily/weekly rule changes)
make clicky-happy tools somewhat more requisite. Most DIY setups
won't have the nice reporting tools and extended feature-sets that
polished distros like pfSense do, but in your case your need for
performance may well outstrip the need for those.
RB
On Fri, Apr 10, 2009 at 07:44, Markus Golser elmar...@googlemail.com wrote:
I tried almost everything now still no success :(
I think somehow the antennas are not used and thats why my signal is weak
Don't place the AP as close as it is in the picture for testing;
depending on the lobe shape of
On Fri, Apr 10, 2009 at 07:18, Mikel Jimenez Fernandez
mi...@irontec.com wrote:
I only have client mode acces posibility, and my question is if is that
possibloe to configure this on pfsense a nat vpon traffic through ipsec
interface for al the hosts of my LAN.
In a word, 'no'. The Cisco
I pretend to know what I'm doing in the embedded space, and ALIX seems to be in
the sweet spot of price performance right now. The line's breadth is a nice
bonus, supporting everything I need short of a [real] PCI-E slot. I'd probably
go for one of the VIA Nano-ITX boards for a storage
On Tue, Mar 31, 2009 at 10:38, luismi asturlui...@gmail.com wrote:
Is possible to create rules to match URLs or regext expression?
I would like to provide access just to *.foobar.com but I don't know the
IPs used for that domain :-/
The problem with IP filtering by DNS entry is that you tie
On Fri, Mar 27, 2009 at 01:18, Tortise tort...@paradise.net.nz wrote:
Check out the Linksys wrt54g3g which I use with a 3G XU870, (cheap 2nd hand)
works well for portable Internet connections for a
battery of wireless notebooks. It runs from 12V so car battery power is also
an option.
On Fri, Mar 27, 2009 at 08:45, Chuck Mariotti cmario...@xunity.com wrote:
Well, I do happen to have an Alix 6b2 here... my question is, what software
are you running to allow you to use 3G? pfSense? If so, what miniPCI Express
slot card are you using exactly? I assume this means I could throw
On Fri, Mar 27, 2009 at 14:39, Tortise tort...@paradise.net.nz wrote:
Actually the best 3G router option I've found is an Alix 6b2. It has
a miniPCI Express slot you can use for the cellular connection (no
miniPCI solutions exist AFAIK) /
Would the Dell 3G Mini PCI Express modules used in
On Tue, Mar 17, 2009 at 02:00, Fabio Palladino fpallad...@saustudi.it wrote:
There are plugins for a detailed log?
With the ability to query by date, protocol, source, etc. ..
Basically, no. It wouldn't be too hard to create and I'm sure you can
convince someone to do it, but generally
On Sun, Mar 8, 2009 at 12:49, Chris Buechler c...@pfsense.org wrote:
I do realize it might be a problem with FreeBSD rather than pfSense,
especially that I saw a couple of related posts on the net(without
solution).
There's no might be, it is.
I don't know why, but I don't see anyone in this
On Sun, Mar 8, 2009 at 13:17, Chris Buechler c...@pfsense.org wrote:
Based on what I've seen in the FreeBSD list threads describing this
problem, it doesn't help. In the FreeBSD 4.x days polling was better
than it's been in 5.x through 7.x.
You and I were likely reading the same threads, but
-level
filtering (SQL injection, XSS, and other layer 7 attacks), you'll
need to look at something more like a reverse proxy running
mod_security - pfSense does not offer application-level filters.
RB
-
To unsubscribe, e-mail
On Wed, Feb 25, 2009 at 08:16, Sumesh T A sumesh.n...@gmail.com wrote:
Curtis I have tried all these even before i sent this query to the support
forum.
There are no hardware issues.
Every network is a little different, but generally speaking pfSense is
one of the most trivial firewalls to set
On Wed, Feb 25, 2009 at 08:24, Sumesh T A sumesh.n...@gmail.com wrote:
No i am unable to get connected to internet. I am can ping my WAN IP. I
cannot ping my gateway of WAN network
What is your WAN configuration - static, DHCP, PPP, or something else?
On Fri, Feb 20, 2009 at 07:13, Gary Buckmaster
g...@centipedenetworks.com wrote:
pfSense does not do firewalling based on MAC address.
Actually, it does, if indirectly.
Use the captive portal. More than likely it fits your use case
anyway, but can also be used to enter static lists of allowed
On Thu, Feb 19, 2009 at 09:06, Chris Buechler c...@pfsense.org wrote:
For one, you're not likely to find any Linux users here, at least not any
that are intimately familiar with Linux firewalls.
Preferring to hand-roll my own rule sets and knowing the iptables
packet stack nearly by heart, I'd
On Thu, Feb 19, 2009 at 09:30, apiase...@midatlanticbb.com
apiase...@midatlanticbb.com wrote:
icmp 192.168.10.255:54864 - 192.168.10.11 0:0
icmp 192.168.10.11:54864 - 192.168.10.255 0:0
icmp 192.168.10.255:60489 - 192.168.10.11 0:0
icmp 192.168.10.11:60489 - 192.168.10.255 0:0
snip
I've
Slicing and dicing to get context:
On Thu, Feb 19, 2009 at 12:26, mikel mi...@irontec.com wrote:
I think that contrackd doenst does this
On Thu, 19 Feb 2009 13:13:00 -0600, Bill Marquette bill.marque...@gmail.com
wrote:
All 255 protocols. If it's in state, it's sync'd.
At the expense of
On Wed, Feb 18, 2009 at 09:27, Nick Upson nick.up...@gmail.com wrote:
anyone?
Most probably didn't respond because your description of the problem
seemed pretty obvious that you have a hard drive failure. pfSense
uses modern FreeBSD under the hood, and there's no reason a 320GB
drive would be
On Tue, Feb 17, 2009 at 08:01, Federico Konig chamiko...@gmail.com wrote:
I agree with you but what i need is the cisco's policy. I need only for a
few pcs to use the X gateway, others use the Y gateway and the rest use a
balance pool Z.
Due to the way proxying works, your request is simply
On Mon, Feb 16, 2009 at 07:57, Federico Konig chamiko...@gmail.com wrote:
Nobody answer?
It was unclear whether you meant policy in the Cisco sense (route
source X via gateway Y) or policy in the sense of applying access
policies - like who may connect to what site on what port. Either
way, a
Don't know if it's changed in the 1.2.2 and 1.2.3 releases, but in 1.2-RELEASE
the CP wasn't very well suited for high-volume concurrent logins. Each client
spawns its own thread that tries to gain an exclusive lock on the flat file
that enumerates sessions, then linearly searches that for a
On Wed, Feb 11, 2009 at 15:28, Chris Buechler c...@pfsense.org wrote:
On Wed, Feb 11, 2009 at 5:01 PM, Brian-Paul Carline brian-p...@eion.com
wrote:
I'm writing to ask of anybody else has experienced the inability to use PAT
through to a DMZ server(s) with a PPPoE configured WAN interface.
On Mon, Feb 9, 2009 at 19:01, Jeremy Bennett jbenn...@obtusion.com wrote:
4) Assign a address of 10.0.0.X on the same subnet as everything else to the
LAN port (making sure that it doesn't conflict with anything else)
5) Turn on the PPTP VPN server with another 10.0.0.X address (making sure
On Mon, Feb 9, 2009 at 19:46, Joseph L. Casale
jcas...@activenetwerx.com wrote:
I am using 1.2-RELEASE and have a client that needs to connect to an Exchange
Server via
RPC/HTTPS that I know to be in working order. This client cannot connect when
behind pfsense
but can access owa on this
On Mon, Feb 9, 2009 at 20:24, Chris Buechler c...@pfsense.org wrote:
On Mon, Feb 9, 2009 at 10:05 PM, Jeremy Bennett jbenn...@obtusion.com wrote:
RB,
Thank you for review. I typically use PPTP cause it is quick and easy, and
supported natively by Mac OS X and Windows.
Do you have a favorite
On Tue, Feb 3, 2009 at 16:35, Thomas Elsgaard thomas.elsga...@gmail.com wrote:
I have just configured pf sense to do traffic shaping in our network, and i
hoped that the p2pcatch all could detect the p2p traffic from the linux
transmission p2p client, but unfortunately this traffic is going
pfSense's resolver is set to
something that will answer PTR queries for the SSH source range
(presumably your LAN).
RB
-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com
On Fri, Jan 9, 2009 at 08:31, Chris Buechler c...@pfsense.org wrote:
You rarely want to NAT between internal interfaces.
Ditto. The only internal NAT I have is when traversing from a
trusted VLAN to an untrusted one (open wireless) to mask the systems.
If your routing (primarily on the clients)
On Wed, Jan 7, 2009 at 10:07, Atkins, Dwane P atki...@uthscsa.edu wrote:
We have 1.2 RC2 installed on a Dell server. Periodically, it locks up
solid. You can web into it, but when you go to see how many users there are
on the Captive Portal, it locks up. It will show you the number of users
On Sun, Dec 21, 2008 at 01:00, Lenny five2one.le...@gmail.com wrote:
actually, the blank spaces in RRD during the load made me believe it was a
firewall issue for sure.
Regarding the CPU, I only used the RRD graphs. But you're probably right, I
should use top.
The gaps in the graph only
for high retransmits will either prove or disprove the
issue.
RB
-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com
Commercial support available - https
On Sun, Dec 21, 2008 at 11:21, Lenny five2one.le...@gmail.com wrote:
actually, they couldn't download higher than 30Mbs or so from each client
(although they said they have the line for it),
so they initiated about 6 of those connections. Does this help in any way?
Unfortunately not - it's
On Sat, Dec 20, 2008 at 15:45, Lenny five2one.le...@gmail.com wrote:
Another weird thing I noticed is that when looking at RRD graphs I suddenly
see a blank space, like this:
-- -- . And it shows on all the graphs at the same time.
I've also noticed that it's about the
in the package
(/usr/local/libexec/squid/ntlm_auth), but you'll have to roll your own
custom config segment to set up SPNEGO authentication and the
associated ACLs.
RB
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional
On Fri, Dec 5, 2008 at 06:52, Tim Korves [EMAIL PROTECTED] wrote:
we're searching for a reliable hardware basis to use as a pfSense firewall
with a maximum concurrent throughput of 6 Gigabits / second.
Four questions to start:
- If 6Gbps is the peak, what do you expect the sustained throughput
.
RB
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Commercial support available - https://portal.pfsense.org
, but has seen as much as 3x
that with no ill effect. pfSense: Dell PE2650, 2xP-IV @ 1.8GHz
RB
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Commercial support available - https
On Sun, Nov 30, 2008 at 00:59, Cozma Szabi [EMAIL PROTECTED] wrote:
Is there a description about these card in the pfsense wiki? I found them on
the homepage of the free BSD.
That's where you should find them - pfSense is just a UI on top of
FreeBSD and doesn't have the need or resources to
1/ change the message to say it DOES need rebooting
The necessity of rebooting depends on your particular hardware; some
drivers don't need to be reloaded to enable VLANs.
2/ add, to the interface status page, information about the current vlan
tag?
You mention telling if there's a problem.
The description from the wiki is not helpful.
Do you know a general description how VLAN is working in pfsense?
What is unhelpful about this document?
http://doc.pfsense.org/index.php/HOWTO_setup_vlans_with_pfSense
-
To
On Tue, Nov 25, 2008 at 14:13, Cozma Szabi [EMAIL PROTECTED] wrote:
I cannot find what I have to set on the parent card, or what I must to check
on VLAN interfaces.
Unlike Cisco equipment, you don't have to set anything on the parent
interface, VLAN tagging is turned on by default. If you read
On Tue, Nov 25, 2008 at 14:47, Cozma Szabi [EMAIL PROTECTED] wrote:
Thank you for the answer, I will try it out tomorrow.
You mean that I have to enable the parent interface and leave all the fields
empty ?
Do as you wish; it likely needs to be at least enabled, but that's the
equivalent of
On Fri, Oct 24, 2008 at 09:16, JJB [EMAIL PROTECTED] wrote:
I, and some of our users are getting very slow, modem like upload speeds on
OpenVPN from home - using Tunnelblick on my DSL (6mbit down 768 up).
Download speed is OK - about 560kbps. The WAN link I am connected to is
3mbit in both
They do mention being pfSense-based. The Fyrewall is a free software
based on FreeBSD, on pfsense framework - from google translate.
You beat me to the translation... Looking at their live demo (yes,
they have one running in a VM) it most certainly is re-branded
pfSense, 1.2 by the looks of
so user A can connect to host A behind pfsense box via port 3389 and user B
can connect to host B via port 3389 behind the pfsense firewall and so on
and so forth.
what should be my approach?
Install a Terminal Services Gateway. pfSense does not do policy-NAT,
i.e. port-forwarding based on
://doc.pfsense.org/index.php/MultiWanVersion1.2 that explains all
this - highly recommend reading it before trying to solve
already-addressed problems.
RB
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL
On Wed, Oct 1, 2008 at 00:15, Erwan David [EMAIL PROTECTED] wrote:
On a multi-wan installation, I'd like to combine policy based
routing (ie send web connections through ADSL with high download
bandwith, and VPNs through slower but more reliable SDSL), and OLSR to
ensure evriything goes
and
just disabled HT globally, both for that and the fact that it's just
hardware-assisted preemption.
RB
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
On Mon, Sep 29, 2008 at 12:47, Vivek Khera [EMAIL PROTECTED] wrote:
If you don't have multiple users, that is a non-issue, IIRC. Who logs
into your pfsense?
No one. :) Even so, I've found it best to err on the side of
caution. As I stated, the only benefit I see from it is
hardware-assisted
By default does pfsense go in stealth and hide the HOP (pfsense
ip wan) or will it show on traceroutes?
Absolutely shows up; the primary function is as a L3 router. You can
configure it as a 'transparent' bridge, but you obviously won't get
NAT that way.
Any feedback on pfsense in
and headache than you will want to engage. Especially since
you'd be scanning random end-users' email and dictating whether it is
sufficiently righteous to pass. Not ground I'd want to encroach.
RB
-
To unsubscribe, e-mail: [EMAIL
it and the
logs to execute blocks. None of it really requires Snort anyway, just
the [pretty simple] daemon running on pfSense, maybe a short
configuration screen setting up secrets and what IPs can access it.
For those in a hurry, 'pkg_add -r snortsam' would get you a long way
there.
RB
for IPv4
and whatever else for IPv6. But, sadly, this is what I am doing now.
Yet you still do not answer the question - what value is v6 providing
you now? Would you mind sharing what made you make the agreeably
painful decision to run two separate gateways?
RB
, I am not unsympathetic to your cause and would gladly do the
work if my employer paid me to do so, but unless there's a real
business case, development will have to continue at hobby speed.
RB
-
To unsubscribe, e-mail: [EMAIL
On Thu, Sep 25, 2008 at 08:59, Vivek Khera [EMAIL PROTECTED] wrote:
Either you believe that IPv6 is coming, or you don't. I fall in the
former camp though there are people who believe IPv6 is not necessary.
I agree that it will be a long time before there are hosts that are
IPv6 that are not
doesn't really cause me concern. Who can
present a reasonable case for adoption before the current 2-3 year
timeline?
RB
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
On Wed, Sep 24, 2008 at 16:26, David Rees [EMAIL PROTECTED] wrote:
On Wed, Sep 24, 2008 at 3:22 PM, RB [EMAIL PROTECTED] wrote:
Who has put off rolling out pfSense or a similar platform
because it didn't implement IPv6?
Anything for the US Government is required to be IPv6 ready.
Accepted
I want to use dansguardian I know very well dansguardian Please help
I want a chocolate pony with sprinkles, but likely won't get one by
COB. Your original message stated Or prefer another any content
filter package, which squid+squidguard fulfills.
If you absolutely insist on dansguardian,
1 - 100 of 184 matches
Mail list logo
