Re: [pfSense Support] couple of inquiries regarding pfsense
On Apr 3, 2007, at 12:28 AM, Bassam A. Al-Khaffaf wrote: Dear All, I have a couple of inquiries where I need people who have experience to convey some of their knowledge to me. 1- Does pfsense support 802.1x authentications; I mean does it act as an authenticator for any 802.1x supplicant, in another word, does it allow EAP authentication requests to EAP authentication servers? If you are running from a hard drive install you would need to do the following: - Install the freeradius package - Edit the radius.conf and eap.conf to match your environment - Copy your certificates to the pfsense's file system - Start freeradius. 2- Does pfsense support Group-oriented policy firewall and bandwidth control? I know this works becuase I just finished this setup last night for my wireless network that is now running wpa2-Enterprise. On a side note I wonder how hard it would be to have these options under the radius menu item. -Ron -- Ron Rosson [EMAIL PROTECTED] http://www.oneinsane.net - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Diagnostic ARP Table
Hi I have three statically assigned TiVo's on the pfSense routed LAN with unique ARP's soft defined on the Linux OS they run. The ARP entries appear intermittently in the pfSense Diagnostics ARP table, typically one is shown and the other generally are not, although occassionally 2 may be shown. Is this to be expected or is it indicative of an issue? Kind regards David - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] NAT Mapping failure
I have not heard back on this issue. Is this broken? Was it broken on purpose? The destination port range option is now totally missing from the firewall screen. I am trying to add this to a LAN rule. Robert On Monday 02 April 2007 09:35, Robert Goley wrote: > The bug issue is a feature that > is now missing. For the firewall/gateway rules for the LAN interface, you > used to be able to add a rule based on the destination port. That is not > longer on the page. You can use source port but that is useless in most > cases. I need to direct outgoing traffic out different WANs based on the > destination port. This worked in the 11-29-06 version I upgraded from. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Diagnostic ARP Table
Tortise wrote: Hi I have three statically assigned TiVo's on the pfSense routed LAN with unique ARP's soft defined on the Linux OS they run. The ARP entries appear intermittently in the pfSense Diagnostics ARP table, typically one is shown and the other generally are not, although occassionally 2 may be shown. Depends on what they're talking to and when. Things only show up in the ARP table when they have recently communicated to or through the firewall (and at that only if they're on a broadcast domain directly connected to the firewall, but yours obviously are). If you see one not showing up, if you ping the LAN IP or something on the Internet from the box that's not showing up and refresh the page, I'm sure it'll be there. If you do that and it's still not showing up, there may be an issue. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] NAT Mapping failure
Robert Goley wrote: I have not heard back on this issue. Is this broken? Was it broken on purpose? The destination port range option is now totally missing from the firewall screen. I am trying to add this to a LAN rule. I'm thoroughly confused, as I'm sure everyone else is as well which is why you didn't get a response. Of course you can still use destination ports in firewall rules, what good would a firewall be without them? Post a link to a screenshot where you're seeing this and maybe you'll get more response. I'd also suggest starting a new thread as this has nothing to do with the original thread you started (which was such a mess of things that people probably have ignored the entire thread). - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Can not set destination port for LAN firewall rule.
I am posting 2 screen shots as per Chris's request. You can view them using the urls below. I was able to enter the destination port for outgoing traffic and force it out over specific gateways using policy based Multi-WAN routing. As you can see from these screen shots. There is no place to set the destination port for these rules in the 3-27-2007 snapshot. What am I missing? http://66.135.38.166/download/pub/tmp/pfsense-lan-1.jpg http://66.135.38.166/download/pub/tmp/pfsense-lan-2.jpg Robert - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Can not set destination port for LAN firewall rule.
Change the protocol to tcp or udp. Any does not support destination and source ports. On 4/3/07, Robert Goley <[EMAIL PROTECTED]> wrote: I am posting 2 screen shots as per Chris's request. You can view them using the urls below. I was able to enter the destination port for outgoing traffic and force it out over specific gateways using policy based Multi-WAN routing. As you can see from these screen shots. There is no place to set the destination port for these rules in the 3-27-2007 snapshot. What am I missing? http://66.135.38.166/download/pub/tmp/pfsense-lan-1.jpg http://66.135.38.166/download/pub/tmp/pfsense-lan-2.jpg Robert - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Can not set destination port for LAN firewall rule.
Thanks Scott. It just thru me off when it was not on the screen at all. I guess I expected it to be greyed out. Robert On Tuesday 03 April 2007 13:56, Scott Ullrich wrote: > Change the protocol to tcp or udp. Any does not support destination > and source ports. > > On 4/3/07, Robert Goley <[EMAIL PROTECTED]> wrote: > > I am posting 2 screen shots as per Chris's request. You can view them > > using the urls below. I was able to enter the destination port for > > outgoing traffic and force it out over specific gateways using policy > > based Multi-WAN routing. As you can see from these screen shots. There > > is no place to set the destination port for these rules in the 3-27-2007 > > snapshot. What am I missing? > > > > http://66.135.38.166/download/pub/tmp/pfsense-lan-1.jpg > > http://66.135.38.166/download/pub/tmp/pfsense-lan-2.jpg > > > > > > Robert > > > > - > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Outbound PPTP Fails... Beating the Dead Horse...
I've searched through the archives regarding this issue and have not found anything definitive. When running a PPTP server in pfSense, I am unable to connect to remote PPTP servers. I've added GRE pass rules to all involved interfaces with no success. So, what is the current status of this? m0n0wall does not have this limitation and I know many people would like this feature to be fixed even though it is the opinion of some that PPTP sucks/is garbage/should be shot/needs to go away/etc... --Tim - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
