On Fri, Oct 2, 2009 at 7:33 AM, Chris Buechler wrote:
> On Fri, Oct 2, 2009 at 1:25 AM, Nathan Eisenberg
> wrote:
>> Hey,
>> I've not had this problem before - I have a PFSense firewall with a lot of
>> 1:1 NATs. For almost every outbound connection, the traffic seems to
>> originate from the
> -Original Message-
> From: cbuech...@gmail.com [mailto:cbuech...@gmail.com] On Behalf Of
> Chris Buechler
> Sent: Thursday, October 01, 2009 10:34 PM
> To: support@pfsense.com
> Subject: Re: [pfSense Support] Wierd issue with 1:1 NAT
>
>
> Using Squid?
> http://doc.pfsense.org/index.php
On Fri, Oct 2, 2009 at 1:25 AM, Nathan Eisenberg
wrote:
> Hey,
>
> I've not had this problem before - I have a PFSense firewall with a lot of
> 1:1 NATs. For almost every outbound connection, the traffic seems to
> originate from the correct IP. For example, if I SSH from behind the
> firewal
Hey,
I've not had this problem before - I have a PFSense firewall with a lot of 1:1
NATs. For almost every outbound connection, the traffic seems to originate
from the correct IP. For example, if I SSH from behind the firewall to a
server outside of the firewall, and then use 'last', I see th
On Fri, Oct 2, 2009 at 1:06 AM, Jim Pingle wrote:
>
> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{GUID}
>
> "DhcpConnForceBroadcastFlag"=dword:
>
> On my laptop this is set to 1, and it still works for me. I've even
> plugged directly into my ALIX with
apiase...@midatlanticbb.com wrote:
> I'm wondering if a patch was added to windows update at some point to
> fix the problem. Is your Vista totally updated?
Just this week I've had my hands on several fully patched Vista machines
(including my laptop) as well as two other laptops -- one with Vista
Tim Dickson wrote:
On Thu, Oct 1, 2009 at 6:07 PM, Jim Pingle wrote:
Chris Buechler wrote:
On Thu, Oct 1, 2009 at 4:10 PM, Curtis LaMasters
wrote:
I've searched around and read about others with this issue. Basically
I have 5 different Vista laptops that cannot get a DHCP add
On Thu, Oct 1, 2009 at 6:07 PM, Jim Pingle wrote:
> Chris Buechler wrote:
>> On Thu, Oct 1, 2009 at 4:10 PM, Curtis LaMasters
>> wrote:
>>> I've searched around and read about others with this issue. Basically
>>> I have 5 different Vista laptops that cannot get a DHCP address unless
>>> I modi
apiase...@midatlanticbb.com wrote:
> In one situation we had a HP procurve switch installed. We had tons of
> complaints that vista would not work but XP would. We replaced it with a
> Cisco 2950 and the complaints stopped. I have no idea why that would
> cause it to work. I have just come to belie
Chris Buechler wrote:
On Thu, Oct 1, 2009 at 6:07 PM, Jim Pingle wrote:
Chris Buechler wrote:
On Thu, Oct 1, 2009 at 4:10 PM, Curtis LaMasters
wrote:
I've searched around and read about others with this issue. Basically
I have 5 different Vista laptops that cannot get a DHCP
> -Original Message-
> From: Chris Buechler [mailto:cbuech...@gmail.com]
> Sent: Thursday, October 01, 2009 4:24 PM
> To: support@pfsense.com
> Subject: Re: [pfSense Support] Load Balanced Passive FTP?
>
> Oh, for inbound load balancing, I thought you meant outbound. No, no
> way to do tha
On 9/22/09 8:07 PM, Morgan Reed wrote:
On Wed, Sep 23, 2009 at 10:26, Luke Jaeger wrote:
Are there any known issues with quad NIC cards on a pfSense box?
Should be fine, your average (decent) quad NIC is a PCI(express)
bridge on a card with what essentially amounts to 4 individual ne
On Thu, Oct 1, 2009 at 7:02 PM, Nathan Eisenberg
wrote:
>
>> -Original Message-
>> From: Chris Buechler [mailto:cbuech...@gmail.com]
>> Sent: Thursday, October 01, 2009 2:58 PM
>> To: support@pfsense.com
>> Subject: Re: [pfSense Support] Load Balanced Passive FTP?
>>
>> On Thu, Oct 1, 2009
> -Original Message-
> From: Chris Buechler [mailto:cbuech...@gmail.com]
> Sent: Thursday, October 01, 2009 2:58 PM
> To: support@pfsense.com
> Subject: Re: [pfSense Support] Load Balanced Passive FTP?
>
> On Thu, Oct 1, 2009 at 4:57 PM, Nathan Eisenberg
> wrote:
> > Is there a way to lo
On Thu, Oct 1, 2009 at 6:07 PM, Jim Pingle wrote:
> Chris Buechler wrote:
>> On Thu, Oct 1, 2009 at 4:10 PM, Curtis LaMasters
>> wrote:
>>> I've searched around and read about others with this issue. Basically
>>> I have 5 different Vista laptops that cannot get a DHCP address unless
>>> I modif
Chris Buechler wrote:
> On Thu, Oct 1, 2009 at 4:10 PM, Curtis LaMasters
> wrote:
>> I've searched around and read about others with this issue. Basically
>> I have 5 different Vista laptops that cannot get a DHCP address unless
>> I modify the registry and disable a broadcast setting. Does anyb
On Thu, Oct 1, 2009 at 4:57 PM, Nathan Eisenberg
wrote:
> Is there a way to load balance a range of ports with one rule?
Same way you load balance one port. Create a rule that specifies the range.
-
To unsubscribe, e-mail: suppo
On Thu, Oct 1, 2009 at 4:10 PM, Curtis LaMasters
wrote:
> I've searched around and read about others with this issue. Basically
> I have 5 different Vista laptops that cannot get a DHCP address unless
> I modify the registry and disable a broadcast setting. Does anybody
> have a solution to this
Curtis LaMasters wrote:
> I've searched around and read about others with this issue. Basically
> I have 5 different Vista laptops that cannot get a DHCP address unless
> I modify the registry and disable a broadcast setting. Does anybody
> have a solution to this that would prevent me from havin
On Thu, Oct 1, 2009 at 3:57 PM, Nathan Eisenberg
wrote:
> Is there a way to load balance a range of ports with one rule? For example,
> I have a 100 port passive FTP range defined. Do I have to create 100 load
> balancer rules?
>
> 1.2.3
>
> Best Regards,
> Nathan Eisenberg
> Sr. Systems Admin
Is there a way to load balance a range of ports with one rule? For example, I
have a 100 port passive FTP range defined. Do I have to create 100 load
balancer rules?
1.2.3
Best Regards,
Nathan Eisenberg
Sr. Systems Administrator - Atlas Networks, LLC
office: 206.577.3078 | suncadia: 206.210.5
I've searched around and read about others with this issue. Basically
I have 5 different Vista laptops that cannot get a DHCP address unless
I modify the registry and disable a broadcast setting. Does anybody
have a solution to this that would prevent me from having to touch
each workstation? Th
Vick Khera wrote:
On Thu, Oct 1, 2009 at 1:41 PM, Evgeny Yurchenko wrote:
I do not believe pftpx has setting this. I would disable ftp-helper on WAN
and use NAT port-forwarding top you FreeBSD ftp-server (I use pfSense in
this way).
How portable is this to various ftp clients? I've d
I apologize top posting on my previous message. I was on the run with
a mobile device.
Regards,
Nikos
Walking with Zimbra mobile
...using iPhone
Zaharioudakis Nikos
+30 694 720 40 63
-
To unsubscribe, e-ma
Hi
I personally think that FTP could never pass the pci criteria as the
transmission has no encryption and the "anonymous" does not comply
anyway. (you always need that user authentication so as to log who
tried/ succeeded etc)
So sftp is perhaps your best alternative . Maybe you play with
It works fine if you set everything up properly, but since many
clients will use passive mode by default to get through NAT, you will
need to forward a port range for passive mode use and configure your
FTP server to use that port range.
Unfortunately, as far as I know there's no (easy, any
On Thu, Oct 1, 2009 at 1:41 PM, Evgeny Yurchenko wrote:
> I do not believe pftpx has setting this. I would disable ftp-helper on WAN
> and use NAT port-forwarding top you FreeBSD ftp-server (I use pfSense in
> this way).
How portable is this to various ftp clients? I've done this in the
past but
On Thu, Oct 1, 2009 at 1:25 PM, Chris Buechler wrote:
> There's quite a bit of irony in using FTP yet wanting to be PCI compliant.
>
I suppose to some extent. However, it is the ideal tool for the job
of collecting large data files from arbitrary customers who do not
have their own servers, and
Vick Khera wrote:
I'm trying to figure out how to make my ftp service pass the PCI
security compliance (we take credit cards, so need the compliance). I
have pfSense 1.2.2 running the ftp proxy to my internal box, which is
a FreeBSD 7.2 server running the stock ftpd.
A probe from the outside lo
On Thu, Oct 1, 2009 at 10:41 AM, Vick Khera wrote:
> I'm trying to figure out how to make my ftp service pass the PCI
> security compliance (we take credit cards, so need the compliance). I
> have pfSense 1.2.2 running the ftp proxy to my internal box, which is
> a FreeBSD 7.2 server running the
On Thu, 2009-10-01 at 08:18 -0600, David Burgess wrote:
> On Thu, Oct 1, 2009 at 7:57 AM, Jim Pingle wrote:
> > mayak chunder-qwern wrote:
> >> hi all,
> >>
> >> any reason (or what can i look at) to see why squid transparent proxying
> >> is heavily slowing web access ... (w/out proxy, dell.fr ta
I'm trying to figure out how to make my ftp service pass the PCI
security compliance (we take credit cards, so need the compliance). I
have pfSense 1.2.2 running the ftp proxy to my internal box, which is
a FreeBSD 7.2 server running the stock ftpd.
A probe from the outside looks like this:
>tel
On Thu, Oct 1, 2009 at 7:57 AM, Jim Pingle wrote:
> mayak chunder-qwern wrote:
>> hi all,
>>
>> any reason (or what can i look at) to see why squid transparent proxying
>> is heavily slowing web access ... (w/out proxy, dell.fr takes 3-5 secs,
>> with proxy, dell.fr takes 20+ or more)
My connect
mayak chunder-qwern wrote:
> hi all,
>
> any reason (or what can i look at) to see why squid transparent proxying
> is heavily slowing web access ... (w/out proxy, dell.fr takes 3-5 secs,
> with proxy, dell.fr takes 20+ or more)
>
> running latest stable version in a vmware virtual machine with n
On Thu, 2009-10-01 at 14:02 +0100, Paul Mansfield wrote:
>
> I assume you're retyping the config rather than giving us
> "grep -v ^# squid.conf"
>
> you sure the cache size 1500 is 1500MB and not 1500KB? is it using
> sufficient disk space? if the disk cache is too small it'll be pointless
> ha
Why are captive portal accounts automatically deleted when they expire?
To my mind, it would be more useful if they were left in place, expired,
so that to re-enable them for the admin person was an easy task of just
choosing a new expiry date.
As it is, when we have a user pay again for their I
I assume you're retyping the config rather than giving us
"grep -v ^# squid.conf"
you sure the cache size 1500 is 1500MB and not 1500KB? is it using
sufficient disk space? if the disk cache is too small it'll be pointless
having it.
also, have you turned logging level up too far, if you log
On Thu, 2009-10-01 at 10:33 +0100, Paul Mansfield wrote:
> On 01/10/09 08:38, mayak chunder-qwern wrote:
> > hi all,
> >
> > any reason (or what can i look at) to see why squid transparent proxying
> > is heavily slowing web access ... (w/out proxy, dell.fr takes 3-5 secs,
> > with proxy, dell.fr t
On Thu, Oct 1, 2009 at 17:38, mayak chunder-qwern wrote:
> any reason (or what can i look at) to see why squid transparent proxying
> is heavily slowing web access ... (w/out proxy, dell.fr takes 3-5 secs,
> with proxy, dell.fr takes 20+ or more)
Are you using Squid for caching? If you are your c
On 01/10/09 08:38, mayak chunder-qwern wrote:
hi all,
any reason (or what can i look at) to see why squid transparent proxying
is heavily slowing web access ... (w/out proxy, dell.fr takes 3-5 secs,
with proxy, dell.fr takes 20+ or more)
have you restricted the amount of memory squid can use?
check your cache management settings...i guess there something wrong with
cache...check on which interface your squid is listening...it should be LAN
interface.
On Thu, Oct 1, 2009 at 1:18 PM, mayak chunder-qwern wrote:
> On Thu, 2009-10-01 at 13:06 +0500, Abdulrehman wrote:
> > Simply bypass thi
On Wed, Sep 30, 2009 at 11:48 PM, Evgeny Yurchenko wrote:
> Scott Ullrich wrote:
>>
>> On Wed, Sep 30, 2009 at 5:27 PM, Evgeny Yurchenko
>> wrote:
>>
>>>
>>> Well, I am sorry for confusion... but could you please confirm that this
>>> is
>>> from 2.0 filter.inc, starting at line 1961:
>>>
On Thu, 2009-10-01 at 13:06 +0500, Abdulrehman wrote:
> Simply bypass this website from squid..make your squid to do not cache
> any content of this site...
> Regards
> Abdulrehman
i should have been more specific -- all web traffic is slowed, i just
gave dell.fr as an example ...
cheers
mcq
Simply bypass this website from squid..make your squid to do not cache any
content of this site...
On Thu, Oct 1, 2009 at 12:38 PM, mayak chunder-qwern
wrote:
> hi all,
>
> any reason (or what can i look at) to see why squid transparent proxying
> is heavily slowing web access ... (w/out proxy, d
hi all,
any reason (or what can i look at) to see why squid transparent proxying
is heavily slowing web access ... (w/out proxy, dell.fr takes 3-5 secs,
with proxy, dell.fr takes 20+ or more)
running latest stable version in a vmware virtual machine with nice
hardware.
thanks
mcq
45 matches
Mail list logo