Re: [pfSense] VPN client

2015-12-15 Thread Volker Kuhlmann 
On Fri 11 Dec 2015 07:56:46 NZDT +1300, Robert Obrinsky wrote:

> To me, it sounds like you want a fully meshed VPN solution and you
> should be able to set that up.

How about ssltunnel for point-to-point connections between LANs? The
number of tunnels would not reduce if you need to access all by all, but
your redundancy might be easier and it seems a bit overkill to run an
openVPN server with all the routing capabilities when a simple encrypted
connection would do.

Volker

-- 
Volker Kuhlmann is list0570 with the domain in header.
http://volker.top.geek.nz/  Please do not CC list postings to me.
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] Lost limiter config after upgrade

2015-12-15 Thread Chris L 
Yeah there’s a difference between the upgrade fails and the upgraded system 
just doesn’t work with limiters.

It seems either traffic just doesn’t flow or limiters don’t limit.

I am really looking forward to this being fixed. Until then, 2.1.5 rules the 
roost.

It’s a pretty sad state.

> On Dec 14, 2015, at 8:26 AM, Ryan Clough  wrote:
> 
> Might also depend on how the limiters are being used and how the rest of
> the router is configured. I have been up against this bug for at least six
> months:
> https://redmine.pfsense.org/issues/4326
> 
> ___
> ¯\_(ツ)_/¯
> Ryan Clough
> Information Systems
> Decision Sciences International Corporation
> 
> 
> 
> On Sun, Dec 13, 2015 at 5:29 PM, ED Fochler 
> wrote:
> 
>> Limiters work on 2.2.4, I’m using them.  But I didn’t upgrade, I created
>> the limiters on 2.2.4.  Are you asking if limiters work?  Or are you just
>> noting that they don’t cleanly upgrade?  If you create them through the GUI
>> and link them in with the firewall rules, do they work now?
>> 
>>ED.
>> 
>>> On 2015, Dec 12, at 1:43 PM, Ugo Bellavance  wrote:
>>> 
>>> Hi,
>>> 
>>> We upgraded from 2.0.1-RELEASE to 2.2.4-RELEASE and the limiter that
>> worked on 2.0.1 stopped working.  This limiter (and sub-limiters) is
>> located on an inside interface and its role is to limit the traffic that
>> can come in.  This firewall is at a remote site and we replicate backups
>> there.  We use this limiter because the bandwidth at the remote site is
>> higher than at our main site.  Using this limiter avoids saturating our
>> main site's WAN link and cause slowdowns.
>>> 
>>> Looking at the config diffs, it looks like the  tags have
>> changed during the upgrade.  It looked like ?1 and ?2 and now it looks like
>> labels.  Also, the  tag seem to include more stuff now.
>>> 
>>> It was 28 and now it looks like
>>>  
>>>  
>>>  28
>>>  Mb
>>>  none
>>>  
>>>  
>>> 
>>> 
>>> Thanks,
>>> 
>>> Ugo
>>> 
>>> ___
>>> pfSense mailing list
>>> https://lists.pfsense.org/mailman/listinfo/list
>>> Support the project with Gold! https://pfsense.org/gold
>> 
>> ___
>> pfSense mailing list
>> https://lists.pfsense.org/mailman/listinfo/list
>> Support the project with Gold! https://pfsense.org/gold
>> 
> 
> -- 
> This email and its contents are confidential. If you are not the intended 
> recipient, please do not disclose or use the information within this email 
> or its attachments. If you have received this email in error, please report 
> the error to the sender by return email and delete this communication from 
> your records.
> ___
> pfSense mailing list
> https://lists.pfsense.org/mailman/listinfo/list
> Support the project with Gold! https://pfsense.org/gold

___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

[pfSense] php logging settings broken

2015-12-15 Thread Nick Upson 
I'm getting this problem, only with version 2.2.5

https://redmine.pfsense.org/issues/4520

I had turned up the debug level on some items now I can't get them back to
'Control'

Nick Upson, Telensa Ltd, Senior Operations Network Engineer
direct +44 (0) 1799 533252, support hotline +44 (0) 1799 399200
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] Best automated configuration backup options for 2.1.5?

2015-12-15 Thread Vick Khera 
Here's my config file backup script bits for pfSense:

curl -k -c ${COOKIEFILE} -d
"login=Login=admin=$FWPASS"
https://${FWHOST}/diag_backup.php
curl -k -b ${COOKIEFILE} -d "Submit=download=checked"
-o config-${FWHOST}.xml https://${FWHOST}/diag_backup.php

where COOKIEFILE is some secure temp file name. the rest of the
variables should be obvious.

As I recall, this works for 2.0 and up. Definitely works for the most
current release.

On Mon, Dec 14, 2015 at 4:14 PM, Volker Kuhlmann  wrote:
> The configuration is stored in a single file I thought.
> rsync, ssh, and cron should take care of that easily.
>
> If you pull it from the pfsense box you could create a new,
> unpriviledged user with read access to a copy of the ocnfig file. That
> way your backup system doesn't need to know the firewall's main
> password.
>
> Volker
>
> --
> Volker Kuhlmann is list0570 with the domain in header.
> http://volker.top.geek.nz/  Please do not CC list postings to me.
> ___
> pfSense mailing list
> https://lists.pfsense.org/mailman/listinfo/list
> Support the project with Gold! https://pfsense.org/gold
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold