Re: [pfSense-discussion] setup network with pfsense posebility's

[sai]

On 11/13/06, Sjaak Nabuurs [EMAIL PROTECTED] wrote:

Hello


My wishes are.
On LAN :
1) Traffic shaping for desktop users limit the upload/download to have
allways B/W for the servers.


pfSense can only do bandwidth shaping on 2 interfaces. So WAN-LAN
shaping may work for you if you limit the max bandwidth leaving
something for the servers always.


2) Block some websites (my boss wishlist :-( ) create a blacklist so
desktop users can't visit some websites.


Not a good idea to block ip addresses (its ineffective), but you can
install the squid package on pfSense and that would allow you to block
urls.


3) VPN from WAN to our companys windows server within de desktops network.


You can VPN to the whole LAN.


sai

Re: [pfSense-discussion] NAT on tun0 used with OpenVPN

[Scott Ullrich]

On 11/13/06, Stefan Tunsch [EMAIL PROTECTED] wrote:

The problem is that push route options need to be established on both sides
of the tunnel.
If I establish them only on one side, routing does not happen.

Can you please confirm me that there is no way to route traffic from a local
network through the OpenVPN client on pfSense and back if push options
aren't established on both sides?


Let me preface by saying I don't know much of anything about OpenVPN
but after speaking with the author of the OpenVPN GUI code, here is
his reply:

Can you please confirm me that there is no way to route traffic from a
local network through the OpenVPN client on pfSense and back if push
options aren't established on both sides?

To route traffic from a local network through the OpenVPN client, you
can use a simple route in custom commands, for example. To push a
route through the OpenVPN server, well, just push it, it should work as
long as your client accepts pushes.

Scott