Re: [pfSense] config.xml livecd
On 3/5/12 9:26 PM, Chris Buechler wrote: > On Mon, Mar 5, 2012 at 10:03 PM, Ugo Bellavance wrote: >> Hi, >> >> I think I lost my config.xml. Well I do have a backup, but I worked like 1 >> hour on the config tonight and I'd like to recover the file. This is what I >> did (I think): >> >> - Install pfsense on the HDD, play with it (and probably make config changes >> - Reboot for some reason and forget that the CD is still in and boot in >> livecd mode >> - Make a lot of changes in the firewall aliases >> - Add vNics and reboot to enable the new nics (what that needed anyway? Is >> there a way to tell pfsense that new nics have been hot-added?) > > FreeBSD doesn't have support for hot-added NICs, I believe that > capability is Windows-only. > > >> - Realize that all my configs are gone :(. >> >> Is there any way to recover the lost config.xml? >> > > If you're running from the live CD without a formatted disk to save > the config, it's strictly in RAM, gone and unrecoverable when you > reboot. > ___ > List mailing list > List@lists.pfsense.org > http://lists.pfsense.org/mailman/listinfo/list > I run my pfSense off the CD but I save my config to a thumb drive. But I wonder, if you were to run pfSense off an hdd would it be an easy thing to have the config file saved to a thumb drive in addition wherever it goes to on the hdd? What I'm getting at is, just slap a thumb drive into any pfSense box as a matter of SOP and you're guaranteed to have at least one backup for you precious, precious rules whether you're using a live CD or hdd installation. Or is that just too much work for such a low probability event? eric ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] config.xml livecd
On Mon, Mar 5, 2012 at 10:03 PM, Ugo Bellavance wrote: > Hi, > > I think I lost my config.xml. Well I do have a backup, but I worked like 1 > hour on the config tonight and I'd like to recover the file. This is what I > did (I think): > > - Install pfsense on the HDD, play with it (and probably make config changes > - Reboot for some reason and forget that the CD is still in and boot in > livecd mode > - Make a lot of changes in the firewall aliases > - Add vNics and reboot to enable the new nics (what that needed anyway? Is > there a way to tell pfsense that new nics have been hot-added?) FreeBSD doesn't have support for hot-added NICs, I believe that capability is Windows-only. > - Realize that all my configs are gone :(. > > Is there any way to recover the lost config.xml? > If you're running from the live CD without a formatted disk to save the config, it's strictly in RAM, gone and unrecoverable when you reboot. ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
[pfSense] config.xml livecd
Hi, I think I lost my config.xml. Well I do have a backup, but I worked like 1 hour on the config tonight and I'd like to recover the file. This is what I did (I think): - Install pfsense on the HDD, play with it (and probably make config changes - Reboot for some reason and forget that the CD is still in and boot in livecd mode - Make a lot of changes in the firewall aliases - Add vNics and reboot to enable the new nics (what that needed anyway? Is there a way to tell pfsense that new nics have been hot-added?) - Realize that all my configs are gone :(. Is there any way to recover the lost config.xml? Thanks, Ugo ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
[pfSense] VMWare maximum of 10 vnics
Hi, I'm currently trying to configure pfSense firewall in a VMWare machine. There is apparently a limit of 10 vNICs on Vsphere 5, but I would need this firewall to access 11 networks. Since all the networks in VMWare are already tagged vlans, I don't really how to overcome this limit. Any ideas? Thanks, Ugo ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] odd WAN issue
- Dickie Bradford - schreef: I have a pfsense 2.0.1 -Release (i386) it has dual wans (wan & wan2(opt1)) its been working great, but last night I had to change the ip address and gateway for wan and since this change i cannot route anything out of wan interface, wan2 still works fine. I had had this issue once before and to get around it I just reloaded pfsense and started over but that isnt really an option this time. lan = xl0 (it is down nothing connected to it) wireless_lan = fxp0 wan = fxp1 wan2 = pppoe0 here is some info, Im not sure what log / info is needed to help track this down. -- netstat -nr Routing tables Internet: DestinationGatewayFlagsRefs Use Netif Expire 4.2.2.175.151.255.86 UGHS0 1364 fxp1 4.2.2.210.11.1.1 UGHS0 8172 pppoe0 10.11.1.1 link#10UH 00 pppoe0 75.146.66.157 10.11.1.1 UGHS0 177702 pppoe0 75.151.255.80/29 link#2 U 0 2920 fxp1 75.151.255.85 link#2 UHS 00lo0 127.0.0.1 link#6 UH 0 1989lo0 141.151.247.218127.0.0.1 UH 00lo0 192.168.40.0/24link#4 U 00xl0 192.168.40.1 link#4 UHS 00lo0 192.168.41.0/24link#1 U 0 319081 fxp0 192.168.41.1 link#1 UHS 00lo0 Internet6: Destination Gateway Flags Netif Expire ::1 ::1 UH lo0 fe80::%fxp0/64link#1 U fxp0 fe80::203:47ff:fedc:6f08%fxp0 link#1 UHS lo0 fe80::%fxp1/64link#2 U fxp1 fe80::250:8bff:fe66:b63c%fxp1 link#2 UHS lo0 fe80::%fxp2/64link#3 U fxp2 fe80::250:8bff:fe66:b63d%fxp2 link#3 UHS lo0 fe80::%xl0/64 link#4 U xl0 fe80::250:daff:fe80:3b8c%xl0 link#4 UHS lo0 fe80::%lo0/64 link#6 U lo0 fe80::1%lo0 link#6 UHS lo0 fe80::%pppoe0/64 link#10 Upppoe0 fe80::203:47ff:fedc:6f08%pppoe0 link#10 UHS lo0 ff01:1::/32 fe80::203:47ff:fedc:6f08%fxp0 U fxp0 ff01:2::/32 fe80::250:8bff:fe66:b63c%fxp1 U fxp1 ff01:3::/32 fe80::250:8bff:fe66:b63d%fxp2 U fxp2 ff01:4::/32 fe80::250:daff:fe80:3b8c%xl0 U xl0 ff01:6::/32 ::1 U lo0 ff01:a::/32 fe80::203:47ff:fedc:6f08%pppoe0 Upppoe0 ff02::%fxp0/32fe80::203:47ff:fedc:6f08%fxp0 U fxp0 ff02::%fxp1/32fe80::250:8bff:fe66:b63c%fxp1 U fxp1 ff02::%fxp2/32fe80::250:8bff:fe66:b63d%fxp2 U fxp2 ff02::%xl0/32 fe80::250:daff:fe80:3b8c%xl0 U xl0 ff02::%lo0/32 ::1 U lo0 ff02::%pppoe0/32 fe80::203:47ff:fedc:6f08%pppoe0 Upppoe0 - ifconfig fxp0: flags=108843 metric 0 mtu 1500 options=2009 ether 00:03:47:dc:6f:08 inet 192.168.41.1 netmask 0xff00 broadcast 192.168.41.255 inet6 fe80::203:47ff:fedc:6f08%fxp0 prefixlen 64 scopeid 0x1 nd6 options=3 media: Ethernet autoselect (100baseTX ) status: active fxp1: flags=8843 metric 0 mtu 1500 options=8 ether 00:50:8b:66:b6:3c inet6 fe80::250:8bff:fe66:b63c%fxp1 prefixlen 64 scopeid 0x2 inet 75.151.255.85 netmask 0xfff8 broadcast 75.151.255.87 nd6 options=3 media: Ethernet autoselect (100baseTX ) status: active fxp2: flags=8843 metric 0 mtu 1500 options=8 ether 00:50:8b:66:b6:3d inet6 fe80::250:8bff:fe66:b63d%fxp2 prefixlen 64 scopeid 0x3 nd6 options=3 media: Ethernet autoselect (100baseTX ) status: active xl0: flags=8843 metric 0 mtu 1500 options=80009 ether 00:50:da:80:3b:8c inet 192.168.40.1 netmask 0xff00 broadcast 192.168.40.255 inet6 fe80::250:daff:fe80:3b8c%xl0 prefixlen 64 scopeid 0x4 nd6 options=3 media: Ethernet autoselect (none) status: no carrier plip0: flags=88
Re: [pfSense] odd WAN issue
On 05.03.2012 15:21 - Dickie Bradford - wrote: I have a pfsense 2.0.1 -Release (i386) it has dual wans (wan & wan2(opt1)) its been working great, but last night I had to change the ip address and gateway for wan and since this change i cannot route anything out of wan interface, wan2 still works fine. I had had this issue once before and to get around it I just reloaded pfsense and started over but that isnt really an option this time. [...] Please let me know what else I can provide to help track this issue down. Looks like an issue with the arp cache on the switch or router at the WAN interface. A reboot of the attached equipment can resolve the isuue. bye Christoph Thank you Dickie ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
[pfSense] odd WAN issue
I have a pfsense 2.0.1 -Release (i386) it has dual wans (wan & wan2(opt1)) its been working great, but last night I had to change the ip address and gateway for wan and since this change i cannot route anything out of wan interface, wan2 still works fine. I had had this issue once before and to get around it I just reloaded pfsense and started over but that isnt really an option this time. lan = xl0 (it is down nothing connected to it) wireless_lan = fxp0 wan = fxp1 wan2 = pppoe0 here is some info, Im not sure what log / info is needed to help track this down. -- netstat -nr Routing tables Internet: DestinationGatewayFlagsRefs Use Netif Expire 4.2.2.175.151.255.86 UGHS0 1364 fxp1 4.2.2.210.11.1.1 UGHS0 8172 pppoe0 10.11.1.1 link#10UH 00 pppoe0 75.146.66.157 10.11.1.1 UGHS0 177702 pppoe0 75.151.255.80/29 link#2 U 0 2920 fxp1 75.151.255.85 link#2 UHS 00lo0 127.0.0.1 link#6 UH 0 1989lo0 141.151.247.218127.0.0.1 UH 00lo0 192.168.40.0/24link#4 U 00xl0 192.168.40.1 link#4 UHS 00lo0 192.168.41.0/24link#1 U 0 319081 fxp0 192.168.41.1 link#1 UHS 00lo0 Internet6: Destination Gateway Flags Netif Expire ::1 ::1 UH lo0 fe80::%fxp0/64link#1 U fxp0 fe80::203:47ff:fedc:6f08%fxp0 link#1 UHS lo0 fe80::%fxp1/64link#2 U fxp1 fe80::250:8bff:fe66:b63c%fxp1 link#2 UHS lo0 fe80::%fxp2/64link#3 U fxp2 fe80::250:8bff:fe66:b63d%fxp2 link#3 UHS lo0 fe80::%xl0/64 link#4 U xl0 fe80::250:daff:fe80:3b8c%xl0 link#4 UHS lo0 fe80::%lo0/64 link#6 U lo0 fe80::1%lo0 link#6 UHS lo0 fe80::%pppoe0/64 link#10 U pppoe0 fe80::203:47ff:fedc:6f08%pppoe0 link#10 UHS lo0 ff01:1::/32 fe80::203:47ff:fedc:6f08%fxp0 U fxp0 ff01:2::/32 fe80::250:8bff:fe66:b63c%fxp1 U fxp1 ff01:3::/32 fe80::250:8bff:fe66:b63d%fxp2 U fxp2 ff01:4::/32 fe80::250:daff:fe80:3b8c%xl0 U xl0 ff01:6::/32 ::1 U lo0 ff01:a::/32 fe80::203:47ff:fedc:6f08%pppoe0 Upppoe0 ff02::%fxp0/32fe80::203:47ff:fedc:6f08%fxp0 U fxp0 ff02::%fxp1/32fe80::250:8bff:fe66:b63c%fxp1 U fxp1 ff02::%fxp2/32fe80::250:8bff:fe66:b63d%fxp2 U fxp2 ff02::%xl0/32 fe80::250:daff:fe80:3b8c%xl0 U xl0 ff02::%lo0/32 ::1 U lo0 ff02::%pppoe0/32 fe80::203:47ff:fedc:6f08%pppoe0 Upppoe0 - ifconfig fxp0: flags=108843 metric 0 mtu 1500 options=2009 ether 00:03:47:dc:6f:08 inet 192.168.41.1 netmask 0xff00 broadcast 192.168.41.255 inet6 fe80::203:47ff:fedc:6f08%fxp0 prefixlen 64 scopeid 0x1 nd6 options=3 media: Ethernet autoselect (100baseTX ) status: active fxp1: flags=8843 metric 0 mtu 1500 options=8 ether 00:50:8b:66:b6:3c inet6 fe80::250:8bff:fe66:b63c%fxp1 prefixlen 64 scopeid 0x2 inet 75.151.255.85 netmask 0xfff8 broadcast 75.151.255.87 nd6 options=3 media: Ethernet autoselect (100baseTX ) status: active fxp2: flags=8843 metric 0 mtu 1500 options=8 ether 00:50:8b:66:b6:3d inet6 fe80::250:8bff:fe66:b63d%fxp2 prefixlen 64 scopeid 0x3 nd6 options=3 media: Ethernet autoselect (100baseTX ) status: active xl0: flags=8843 metric 0 mtu 1500 options=80009 ether 00:50:da:80:3b:8c inet 192.168.40.1 netmask 0xff00 broadcast 192.168.40.255 inet6 fe80::250:daff:fe80:3b8c%xl0 prefixlen 64 scopeid 0x4 nd6 options=3 media: Ethernet autoselect (none) status: no carrier plip0: flags=8810 metric 0 mtu 1500 lo0: flags=8049
[pfSense] most powerful wifi card supported by 2.0
hi all, i've been googling the list and have yet to determine what the most powerful b/g/(n) card that is supported -- apparently, the AR9220 chipset is not? would love to have 600mw thanks m ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] FTP error
Open up a few more ports for data transfer in addition to port 21 in /etc/vsftpd/*vsftpd.conf* pasv_enable=YES *pasv_min_port=2360 pasv_max_port=2380* port_enable=YES restart vsftpd service. Next, open up those ports in pfSense, Firewall: NAT: Port Forward [image: Inline image 2] ShiB. while ( ! ( succeed = try() ) ); <>___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] available option?
On Mar 5, 2012 2:27 AM, "Orges Ndrecka" wrote: > > > > Hello, > > I cant find options in PfSense to assign hosts into different groups and assign to each host separately bandwidth limits. I need to know if this option is supported by PfSense in order to continue implement PfSense into my systems. > > > > What I would like to do with PfSense is to group my hosts connected to the LAN port of PfSense and assign bandwidth limits to each group. After that to assign bandwidth limits to each host of the group. > > In the scheme below is an example describing better what I need to get from PfSense; > > > > > Lets assume Group 1 has 3 hosts, I want to assign to this group 3 Mbps/3 Mbps and each of the hosts in the group 256 Kbps/128 Kbps. > > Group 2 has also 3 hosts and I want to assign also to this group 2 Mbps/2 Mbps and to each of the hosts 512 Kbps/256 Kbps. > > > > I have configured WAN and LAN in “bridge” mode. Created limiters for the host groups. Also created rules in WAN and LAN interface respectively for Group 1 and Group 2. And after this I cant find any option how to assign the hosts that I want under each group… > > Is there any possibility for this kind of configuration to be made on PfSense? > > I’ve been using before ALLOT and this was an option available and very suitable for my network, now I want to implement PfSense and I cant find this option or a similar one to offer a solution for this. > > > Please help me on this. > > > > > Many thanks in advance, > > > > Orges Ndrecka > > Tirana, Albania > > > ___ > List mailing list > List@lists.pfsense.org > http://lists.pfsense.org/mailman/listinfo/list > Have you looked at aliases? ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] FTP error
If i remember right alert 220 is ready for the user to submit commands. What do you see in your vsftpd logs? On Mon, Mar 5, 2012 at 6:05 AM, Pankaj Kumar wrote: > 220vsFTPd2.0.7 > > > On Mon, Mar 5, 2012 at 4:09 PM, Pankaj Kumar wrote: > >> I have FTP server behind pfsense 2.0.1 with multiple wan load balancing >> and 2 LAN one for LAN and another for FTP server and WEB Server >> after i have made respective rules for FTP and Web server now problem is >> that i am able to access my web server from public IP but while accessing >> FTP server i am getting an error like "Alert 220 (vsftpd_001)" >> >> Please help me out >> >> Thanks >> >> > > ___ > List mailing list > List@lists.pfsense.org > http://lists.pfsense.org/mailman/listinfo/list > > ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] FTP error
220vsFTPd2.0.7 On Mon, Mar 5, 2012 at 4:09 PM, Pankaj Kumar wrote: > I have FTP server behind pfsense 2.0.1 with multiple wan load balancing > and 2 LAN one for LAN and another for FTP server and WEB Server > after i have made respective rules for FTP and Web server now problem is > that i am able to access my web server from public IP but while accessing > FTP server i am getting an error like "Alert 220 (vsftpd_001)" > > Please help me out > > Thanks > > ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
[pfSense] FTP error
I have FTP server behind pfsense 2.0.1 with multiple wan load balancing and 2 LAN one for LAN and another for FTP server and WEB Server after i have made respective rules for FTP and Web server now problem is that i am able to access my web server from public IP but while accessing FTP server i am getting an error like "Alert 220 (vsftpd_001)" Please help me out Thanks ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
[pfSense] available option?
Hello, I cant find options in PfSense to assign hosts into different groups and assign to each host separately bandwidth limits. I need to know if this option is supported by PfSense in order to continue implement PfSense into my systems. What I would like to do with PfSense is to group my hosts connected to the LAN port of PfSense and assign bandwidth limits to each group. After that to assign bandwidth limits to each host of the group. In the scheme below is an example describing better what I need to get from PfSense; Lets assume Group 1 has 3 hosts, I want to assign to this group 3 Mbps/3 Mbps and each of the hosts in the group 256 Kbps/128 Kbps. Group 2 has also 3 hosts and I want to assign also to this group 2 Mbps/2 Mbps and to each of the hosts 512 Kbps/256 Kbps. I have configured WAN and LAN in "bridge" mode. Created limiters for the host groups. Also created rules in WAN and LAN interface respectively for Group 1 and Group 2. And after this I cant find any option how to assign the hosts that I want under each group. Is there any possibility for this kind of configuration to be made on PfSense? I've been using before ALLOT and this was an option available and very suitable for my network, now I want to implement PfSense and I cant find this option or a similar one to offer a solution for this. Please help me on this. Many thanks in advance, Orges Ndrecka Tirana, Albania <>___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
