Re: [pfSense Support] "user restrictions" features
Neither...releng1, which we haven't stopped creating snapshots of until 1.2 is released since we got tired of people pulling down the wrong snap. You'll need to build your own updates from a dev iso install for now. --Bill On 8/7/07, David L. Strout <[EMAIL PROTECTED]> wrote: > > Is this the FeeBSD6 or 7 head ISO that I should use? > > > - Original Message - > > Subject: Re: [pfSense Support] "user restrictions" features > > From: Bill Marquette <[EMAIL PROTECTED]> > > To: support@pfsense.com > > Date: 07-08-2007 7:56 pm > > > > > > Is it in : > > /FreeBSD7/head/iso/ > > or > > /FreeBSD6/head/iso/ > > > > > > - Original Message - /> > > Subject: Re: [pfSense Support] \"user > restrictions\" features > > From: Bill Marquette > <[EMAIL PROTECTED]> > > To: support@pfsense.com > > Date: 07-08-2007 7:56 pm > > > > > > RELENG_1. This won't show up in 1.2. > > > > --Bill > > > > On 8/7/07, David L. Strout <[EMAIL PROTECTED]> wrote: > > > > > > > > > Everyone, > > > > > > I see that BillM has been doing some work on the login page > according to > > > tickets I see in the timeline ... my question ... what is the best > branch to > > > test the "user restrictions" features on?? > > > > > > FBSD6 or 7, RELENG1 or 1_2 or HEAD??? > > > > > > I just want to test on the one that is getting the most work done on > it. > > > > > > Regards, > > > > - /> > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > RELENG_1. This won't show up in 1.2. > > > > --Bill > > > > On 8/7/07, David L. Strout <[EMAIL PROTECTED]> wrote: > > > > > > > > > Everyone, > > > > > > I see that BillM has been doing some work on the login page according > to > > > tickets I see in the timeline ... my question ... what is the best > branch to > > > test the "user restrictions" features on?? > > > > > > FBSD6 or 7, RELENG1 or 1_2 or HEAD??? > > > > > > I just want to test on the one that is getting the most work done on it. > > > > > > Regards, > > > > - > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] "user restrictions" features
Is this the FeeBSD6 or 7 head ISO that I should use? > - Original Message - > Subject: Re: [pfSense Support] "user restrictions" features > From: Bill Marquette <[EMAIL PROTECTED]> > To: support@pfsense.com > Date: 07-08-2007 7:56 pm > > > Is it in : > /FreeBSD7/head/iso/ > or > /FreeBSD6/head/iso/ > > > - Original Message - > Subject: Re: [pfSense Support] \"user restrictions\" features > From: Bill Marquette <[EMAIL PROTECTED]> > To: support@pfsense.com > Date: 07-08-2007 7:56 pm > > > RELENG_1. This won't show up in 1.2. > > --Bill > > On 8/7/07, David L. Strout <[EMAIL PROTECTED]> wrote: > > > > > > Everyone, > > > > I see that BillM has been doing some work on the login page according to > > tickets I see in the timeline ... my question ... what is the best branch to > > test the "user restrictions" features on?? > > > > FBSD6 or 7, RELENG1 or 1_2 or HEAD??? > > > > I just want to test on the one that is getting the most work done on it. > > > > Regards, > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > RELENG_1. This won't show up in 1.2. > > --Bill > > On 8/7/07, David L. Strout <[EMAIL PROTECTED]> wrote: > > > > > > Everyone, > > > > I see that BillM has been doing some work on the login page according to > > tickets I see in the timeline ... my question ... what is the best branch to > > test the "user restrictions" features on?? > > > > FBSD6 or 7, RELENG1 or 1_2 or HEAD??? > > > > I just want to test on the one that is getting the most work done on it. > > > > Regards, > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] "user restrictions" features
RELENG_1. This won't show up in 1.2. --Bill On 8/7/07, David L. Strout <[EMAIL PROTECTED]> wrote: > > > Everyone, > > I see that BillM has been doing some work on the login page according to > tickets I see in the timeline ... my question ... what is the best branch to > test the "user restrictions" features on?? > > FBSD6 or 7, RELENG1 or 1_2 or HEAD??? > > I just want to test on the one that is getting the most work done on it. > > Regards, - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] "user restrictions" features
Everyone, I see that BillM has been doing some work on the login page according to tickets I see in the timeline ... my question ... what is the best branch to test the "user restrictions" features on?? FBSD6 or 7, RELENG1 or 1_2 or HEAD??? I just want to test on the one that is getting the most work done on it. Regards,
Re: [pfSense Support] open vpn ruleset?
Paul M wrote: I'd still like to know how to set up rules to control the vpn client access. You can't yet (it's on the improvements wish list hopefully for the 1.3 release). - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] open vpn ruleset?
Paul M wrote: > I rebooted pfsense because I'd been doing a lot of hacking about, and > tried again.. no better luck but now when I ping on linux box I get this > appearing from tcpdump on pfsense: > > 13:23:40.596976 IP15 bad-len 0 > 13:23:41.751325 IP15 [|ip] > 13:23:51.400179 IP15 [|ip] I turned up debugging on the linux box and saw a different error, and realised that I'd got LZO turned on at the linux end but not the pfsense end and it now works. I'd still like to know how to set up rules to control the vpn client access. thanks for your time in reading this. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] open vpn ruleset?
Paul M wrote: > I've been able to establish an open vpn tunnel between a pfsense > 10.2-rc1 machine at work and my linux box at home (which uses an ADSL > modem/bridge and has a static IP). > 10.0.0.0/24--lan--PFSENSE ~~~ LINUX--lan--192.168.0.0/24 ... > If I run "tcpdump -i tun0" at each end and ping the other, I can see the > icmp packets leave but nothing coming back; I have made sure my linux (snipped lots of previous commentary). I rebooted pfsense because I'd been doing a lot of hacking about, and tried again.. no better luck but now when I ping on linux box I get this appearing from tcpdump on pfsense: 13:23:40.596976 IP15 bad-len 0 13:23:41.751325 IP15 [|ip] 13:23:51.400179 IP15 [|ip] At one point I did have at least ping working, but couldn't pass traffic, and then I changed it because my network settings weren't right for the environment. Paul - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] open vpn ruleset?
Hi, thanks for reading this I've been able to establish an open vpn tunnel between a pfsense 10.2-rc1 machine at work and my linux box at home (which uses an ADSL modem/bridge and has a static IP). 10.0.0.0/24--lan--PFSENSE ~~~ LINUX--lan--192.168.0.0/24 the openvpn server settings on pfsense are to have a On pfsense I see this interface: tun0: flags=8051 mtu 1500 inet6 fe80::21b:21ff:fe01:245a%tun0 prefixlen 64 scopeid 0x16 inet 10.50.102.1 --> 10.50.102.2 netmask 0x Opened by PID 11694 and this route: 192.168.29 10.50.102.2UGS 06 tun0 but when I try and ping the local tunnel I get an error... # ping 10.50.102.1 PING 10.50.102.1 (10.50.102.1): 56 data bytes ping: sendto: No buffer space available - On linux box I see this: tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:10.50.102.2 P-t-P:10.50.102.1 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:38 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:0 (0.0 b) TX bytes:3192 (3.1 Kb) and I see this route in my table: 10.0.0.010.50.102.1 255.255.255.0 UG0 00 tun0 - If I run "tcpdump -i tun0" at each end and ping the other, I can see the icmp packets leave but nothing coming back; I have made sure my linux box. If on my linux box I ping a node at work LAN I see the ping going into tun0, no reply, and likewise if on the pfsense box I ping the LAN address on my machine at home it too goes down the tunnel. My questions are this. 1/ how can I find out why the tunnel isn't passing traffic 2/ how do I define firewalling rules on the pfsense box to determine what the openvpn clients can access? Although I can add a rule and specify the interface as WAN,LAN,PPTP,PPOE,IPSEC or my sync and DMZ interfaces, there doesn't appear to be an option for openvpn clients; if I do create a rule for ipsec it "disappears", as there's no tab for that "interface". thanks very much Paul - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] How to make 40 pfsense platforms refer to an external Login Page
Hi Scott, Thanks for your response. This exactly what I want. How could you help in solving my problem, what code adding and changes are needed to be done on PFSense platform in server the clients with a central login page hosted on one of my servers? Your help and support is much appreciated Regards Bassam >-Original Message- >From: Scott Ullrich [mailto:[EMAIL PROTECTED] >Sent: Tuesday, August 07, 2007 1:07 AM >To: support@pfsense.com >Subject: Re: [pfSense Support] How to make 40 pfsense platforms refer to an >external Login Page > >On 7/29/07, Bassam A. Al-Khaffaf <[EMAIL PROTECTED]> wrote: >> Dear All, >> >>I have recently deployed a 40 PFSense platforms in one of the >university >> campuses to enable staff and students to access Internet and other >resources >> on the WAN side through wired and Wi-Fi. I have ported a customized login >> page that contains some logos and advertisements. Unfortunately, every >time >> I need to add new information to the login page I need to update the >entire >> deployed platform, and this is really a tedious and boring operation. >> >> >> >> I wonder if there is a possibility to make pfsense refers to an external >> login page hosted on a web server that eases my life of doing such >> operation. >> >> >> >> If there is no such thing in pfsense at the moment, is there any plan in >the >> future to make pfsense refers to an external login page? > >I would redirect to a central login page that is served from one of >your servers. While redirecting pass the server ip address and port >that you need to post to from the central server. Then you can serve >out a master page that knows where to post against when >authenticating, etc. > >I am available via contract work if you need further assistance with this. > >Scott > >- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] > > > >-- >No virus found in this incoming message. >Checked by AVG Free Edition. >Version: 7.5.476 / Virus Database: 269.11.8/940 - Release Date: 8/6/2007 >4:53 PM - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]