On 12/10/2010 10:06 AM, Nicolas Roussi wrote: > On Dec 10, 2010, at 8:39 AM, Jim Pingle wrote: > >> On 12/10/2010 8:30 AM, Nicolas Roussi wrote: >>> During the disconnects I still have access to the admin gui of pfSense from >>> a wireless client but nowhere else. The only entry in the system logs is >>> some ARP messages that state that some MAC address changed IP to some other >>> value. I was thinking that the problem might be the switch but I would like >>> to build a pfSense box with 3 NICs (or more), one for my main lan, one for >>> the wireless, and possibly one for all my VoIP extensions. Do you think >>> that that will eliminate my disconnection issues or could it be something >>> else like the MTU size of my current pfSense machine. This way I can >>> eliminate Astaro even though it is a great UTM but it's not free and have >>> pfSense manage the whole network. Running 1.2.3 with a default MTU size of >>> 1500 but after installing NMap I can see that there are packets up to 1518 >>> in size. >> >> Sort of a wild guess, but what size is your state table? Check the state >> table RRD graph as well. It sounds like you may be maxing out your >> states and getting connection drops. >> >> The Mac address message may only be relevant if the Mac or IP is >> associated with the gateway IP, but it's possible it's related. >> >> When these clients cannot contact things on the Internet, can you ping >> anything else in the 192.168.2.0/24 network on the "wan" side of pfSense?
[NOTE: Please don't top post] > The states are the default 10000 and they are never maxed out. Also, I cannot ping anything on the "wan" side when the disconnects happen Not even the WAN IP of the pfSense box? Jim --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
