Re: [pfSense Support] Diagnostic ARP Table
Thanks Chris You are of course correct, pinging pfsense makes them appear. What is the timeout period? Kind regards David - Original Message - From: "Chris Buechler" <[EMAIL PROTECTED]> To: Sent: Wednesday, April 04, 2007 4:18 AM Subject: Re: [pfSense Support] Diagnostic ARP Table Tortise wrote: > Hi > > I have three statically assigned TiVo's on the pfSense routed LAN with unique > ARP's soft defined on the Linux OS they run. > > The ARP entries appear intermittently in the pfSense Diagnostics ARP table, > typically one is shown and the other generally are > not, > although occassionally 2 may be shown. > Depends on what they're talking to and when. Things only show up in the ARP table when they have recently communicated to or through the firewall (and at that only if they're on a broadcast domain directly connected to the firewall, but yours obviously are). If you see one not showing up, if you ping the LAN IP or something on the Internet from the box that's not showing up and refresh the page, I'm sure it'll be there. If you do that and it's still not showing up, there may be an issue. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
AW: [pfSense Support] Outbound PPTP Fails... Beating the Dead Horse...
It's a known bug in pf (not pfsense) As long as this is not corrected in pf/freebsd, the devs will not be able to correct this in pfsense... -Ursprüngliche Nachricht- Von: Tim Nelson [mailto:[EMAIL PROTECTED] Gesendet: Mittwoch, 4. April 2007 03:54 An: support@pfsense.com Betreff: [pfSense Support] Outbound PPTP Fails... Beating the Dead Horse... I've searched through the archives regarding this issue and have not found anything definitive. When running a PPTP server in pfSense, I am unable to connect to remote PPTP servers. I've added GRE pass rules to all involved interfaces with no success. So, what is the current status of this? m0n0wall does not have this limitation and I know many people would like this feature to be fixed even though it is the opinion of some that PPTP sucks/is garbage/should be shot/needs to go away/etc... --Tim - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: AW: [pfSense Support] Outbound PPTP Fails... Beating the Dead Horse...
In the pfSense forums, it appears there are kernel patches available that will fix this issue but no one cares to do it: http://forum.pfsense.org/index.php/topic,1383.0.html In fact, it was Mr. Ullrich himself that made the comment regarding that. --Tim Fuchs, Martin wrote: It's a known bug in pf (not pfsense) As long as this is not corrected in pf/freebsd, the devs will not be able to correct this in pfsense... -Ursprüngliche Nachricht- Von: Tim Nelson [mailto:[EMAIL PROTECTED] Gesendet: Mittwoch, 4. April 2007 03:54 An: support@pfsense.com Betreff: [pfSense Support] Outbound PPTP Fails... Beating the Dead Horse... I've searched through the archives regarding this issue and have not found anything definitive. When running a PPTP server in pfSense, I am unable to connect to remote PPTP servers. I've added GRE pass rules to all involved interfaces with no success. So, what is the current status of this? m0n0wall does not have this limitation and I know many people would like this feature to be fixed even though it is the opinion of some that PPTP sucks/is garbage/should be shot/needs to go away/etc... --Tim - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: AW: [pfSense Support] Outbound PPTP Fails... Beating the Dead Horse...
You can't imagine how much time we already spent on testing/debugging/working on PPTP. We even have been working with the Author of the frickin pptp proxy on this and created a package to make pptp between the same public endpoints possible. It's simply broken and the issue is freebsd/pf related. We already sent all infomration regarding tests/logs to the freebsd lists. Current state: it's broken and we can't fix it at our end without support by the freebsd developers (and actually it seems nobody is interested in fixing it). Holger > -Original Message- > From: Tim Nelson [mailto:[EMAIL PROTECTED] > Sent: Wednesday, April 04, 2007 2:37 PM > To: support@pfsense.com > Subject: Re: AW: [pfSense Support] Outbound PPTP Fails... > Beating the Dead Horse... > > In the pfSense forums, it appears there are kernel patches > available that will fix this issue but no one cares to do it: > > http://forum.pfsense.org/index.php/topic,1383.0.html > > In fact, it was Mr. Ullrich himself that made the comment > regarding that. > > --Tim > > Fuchs, Martin wrote: > > It's a known bug in pf (not pfsense) > > > > As long as this is not corrected in pf/freebsd, the devs > will not be able to correct this in pfsense... > > > > -Ursprüngliche Nachricht- > > Von: Tim Nelson [mailto:[EMAIL PROTECTED] > > Gesendet: Mittwoch, 4. April 2007 03:54 > > An: support@pfsense.com > > Betreff: [pfSense Support] Outbound PPTP Fails... Beating > the Dead Horse... > > > > I've searched through the archives regarding this issue and > have not > > found anything definitive. When running a PPTP server in > pfSense, I am > > unable to connect to remote PPTP servers. I've added GRE > pass rules to > > all involved interfaces with no success. > > > > So, what is the current status of this? m0n0wall does not have this > > limitation and I know many people would like this feature > to be fixed > > even though it is the opinion of some that PPTP sucks/is > > garbage/should be shot/needs to go away/etc... > > > > --Tim > > > > > - > > To unsubscribe, e-mail: [EMAIL PROTECTED] For > additional > > commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > - > > To unsubscribe, e-mail: [EMAIL PROTECTED] For > additional > > commands, e-mail: [EMAIL PROTECTED] > > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] For > additional commands, e-mail: [EMAIL PROTECTED] > > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Diagnostic ARP Table
Tortise wrote: Thanks Chris You are of course correct, pinging pfsense makes them appear. What is the timeout period? 20 minutes. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: AW: [pfSense Support] Outbound PPTP Fails... Beating the Dead Horse...
What VPN options do people use in a situation where PPTP is run locally and they need to VPN out using PPTP? Is the general solution to use OpenVPN? Has there been any thought in putting L2TP support into pfSense, assuming that would be a replacement to PPTP? --Tim Nelson Holger Bauer wrote: You can't imagine how much time we already spent on testing/debugging/working on PPTP. We even have been working with the Author of the frickin pptp proxy on this and created a package to make pptp between the same public endpoints possible. It's simply broken and the issue is freebsd/pf related. We already sent all infomration regarding tests/logs to the freebsd lists. Current state: it's broken and we can't fix it at our end without support by the freebsd developers (and actually it seems nobody is interested in fixing it). Holger -Original Message- From: Tim Nelson [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 04, 2007 2:37 PM To: support@pfsense.com Subject: Re: AW: [pfSense Support] Outbound PPTP Fails... Beating the Dead Horse... In the pfSense forums, it appears there are kernel patches available that will fix this issue but no one cares to do it: http://forum.pfsense.org/index.php/topic,1383.0.html In fact, it was Mr. Ullrich himself that made the comment regarding that. --Tim Fuchs, Martin wrote: It's a known bug in pf (not pfsense) As long as this is not corrected in pf/freebsd, the devs will not be able to correct this in pfsense... -Ursprüngliche Nachricht- Von: Tim Nelson [mailto:[EMAIL PROTECTED] Gesendet: Mittwoch, 4. April 2007 03:54 An: support@pfsense.com Betreff: [pfSense Support] Outbound PPTP Fails... Beating the Dead Horse... I've searched through the archives regarding this issue and have not found anything definitive. When running a PPTP server in pfSense, I am unable to connect to remote PPTP servers. I've added GRE pass rules to all involved interfaces with no success. So, what is the current status of this? m0n0wall does not have this limitation and I know many people would like this feature to be fixed even though it is the opinion of some that PPTP sucks/is garbage/should be shot/needs to go away/etc... --Tim - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] smime.p7s Description: S/MIME Cryptographic Signature
Re: AW: [pfSense Support] Outbound PPTP Fails... Beating the Dead Horse...
On 4/4/07, Tim Nelson <[EMAIL PROTECTED]> wrote: In the pfSense forums, it appears there are kernel patches available that will fix this issue but no one cares to do it: http://forum.pfsense.org/index.php/topic,1383.0.html In fact, it was Mr. Ullrich himself that made the comment regarding that. --Tim Yes, I made that comment and I stand by it. I am not going to spend 1-2 months of my life in high level C code adding GRE session tracking support to PF when upstream nobody is worried and or concerned about committing it. We need to fix the PF bug that affects scrubbing + the Frickin PPTP proxy but it is quite complicated beyond comprehension and I plan on talking to a few folks during BSDCan concerning it. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Caching DNS Refuses client connections.
The DNS service running on the pfSense router is refusing connections. It is also unable to resolve DNS names locally. This was tested by sshing to the router and typing "ping google.com". It never resolved the name to an address for ping to try to ping. There are DNS servers listed in the General page. The DNS servers are for the OPT1 and OPT2 internet connections. The default traffic rule has all traffic going out over OPT2 so that should not be a problem. I added the same DNS servers to the /etc/resolv.conf on several linux machines as a get by until this could be fixed. I know the DNS servers are reachable using the current routing because of this. I do not have an /etc/resolv.conf to look at or a nslookup command to test with on the pfsense router. Below is the output of the nslookup command from a linux server. The options "Enable DNS forwarder", "Register DHCP leases in DNS forwarder", and "Register DHCP static mappings in DNS forwarder" are all turned on. The "Allow DNS server list to be overridden by DHCP/PPP on WAN" option is turned off since all internet connections have static IP addresses. This was originally on and this DNS still failed. Robert ###Failed DNS attempt with pfsense router### [EMAIL PROTECTED]:~$ nslookup google.com Server: 10.0.0.1 Address:10.0.0.1#53 ** server can't find google.com: REFUSED ###Failed DNS attempt with pfsense router### ###Successful attempt with ISP DNS Server### [EMAIL PROTECTED]:/home/mbgui$ nslookup google.com Server: 68.87.68.162 Address:68.87.68.162#53 Non-authoritative answer: Name: google.com Address: 72.14.207.99 Name: google.com Address: 64.233.187.99 Name: google.com Address: 64.233.167.99 ###Successful attempt with ISP DNS Server### - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
AW: AW: [pfSense Support] Outbound PPTP Fails... Beating the Dead Horse...
L2TP is available in HEAD. HEAD is not intended for productivity and L2TP is not intended tob e backported to RELENG_1... You'll have to wait until it's ready... -Ursprüngliche Nachricht- Von: Tim Nelson [mailto:[EMAIL PROTECTED] Gesendet: Mittwoch, 4. April 2007 16:36 An: support@pfsense.com Betreff: Re: AW: [pfSense Support] Outbound PPTP Fails... Beating the Dead Horse... What VPN options do people use in a situation where PPTP is run locally and they need to VPN out using PPTP? Is the general solution to use OpenVPN? Has there been any thought in putting L2TP support into pfSense, assuming that would be a replacement to PPTP? --Tim Nelson Holger Bauer wrote: > You can't imagine how much time we already spent on testing/debugging/working > on PPTP. We even have been working with the Author of the frickin pptp proxy > on this and created a package to make pptp between the same public endpoints > possible. It's simply broken and the issue is freebsd/pf related. We already > sent all infomration regarding tests/logs to the freebsd lists. Current > state: it's broken and we can't fix it at our end without support by the > freebsd developers (and actually it seems nobody is interested in fixing it). > > Holger > > >> -Original Message- >> From: Tim Nelson [mailto:[EMAIL PROTECTED] >> Sent: Wednesday, April 04, 2007 2:37 PM >> To: support@pfsense.com >> Subject: Re: AW: [pfSense Support] Outbound PPTP Fails... >> Beating the Dead Horse... >> >> In the pfSense forums, it appears there are kernel patches >> available that will fix this issue but no one cares to do it: >> >> http://forum.pfsense.org/index.php/topic,1383.0.html >> >> In fact, it was Mr. Ullrich himself that made the comment >> regarding that. >> >> --Tim >> >> Fuchs, Martin wrote: >> >>> It's a known bug in pf (not pfsense) >>> >>> As long as this is not corrected in pf/freebsd, the devs >>> >> will not be able to correct this in pfsense... >> >>> -Ursprüngliche Nachricht- >>> Von: Tim Nelson [mailto:[EMAIL PROTECTED] >>> Gesendet: Mittwoch, 4. April 2007 03:54 >>> An: support@pfsense.com >>> Betreff: [pfSense Support] Outbound PPTP Fails... Beating >>> >> the Dead Horse... >> >>> I've searched through the archives regarding this issue and >>> >> have not >> >>> found anything definitive. When running a PPTP server in >>> >> pfSense, I am >> >>> unable to connect to remote PPTP servers. I've added GRE >>> >> pass rules to >> >>> all involved interfaces with no success. >>> >>> So, what is the current status of this? m0n0wall does not have this >>> limitation and I know many people would like this feature >>> >> to be fixed >> >>> even though it is the opinion of some that PPTP sucks/is >>> garbage/should be shot/needs to go away/etc... >>> >>> --Tim >>> >>> >>> >> - >> >>> To unsubscribe, e-mail: [EMAIL PROTECTED] For >>> >> additional >> >>> commands, e-mail: [EMAIL PROTECTED] >>> >>> >>> >>> >>> >> - >> >>> To unsubscribe, e-mail: [EMAIL PROTECTED] For >>> >> additional >> >>> commands, e-mail: [EMAIL PROTECTED] >>> >>> >>> >> - >> To unsubscribe, e-mail: [EMAIL PROTECTED] For >> additional commands, e-mail: [EMAIL PROTECTED] >> >> >> >> > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Caching DNS Refuses client connections.
Part of the DNS service is working. I create a static DNS entry on the pfSense router. Clients are able to resolv that static entry using the pfSense DNS service. I still do not know why the pfsense machine can not resolve using DNS servers that other client machines are using. With Multi-Wan setup, Do I have to specify a LAN gateway rule for these IP addresses to go out over? I don't want to do that, because 2 of my connections are from the same provider. Robert - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: AW: [pfSense Support] Outbound PPTP Fails... Beating the Dead Horse...
Not to mention that this feature even in head is pretty untested. Holger -Original Message- From: Fuchs, Martin [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 04, 2007 5:20 PM To: support@pfsense.com Subject: AW: AW: [pfSense Support] Outbound PPTP Fails... Beating the Dead Horse... L2TP is available in HEAD. HEAD is not intended for productivity and L2TP is not intended tob e backported to RELENG_1... You'll have to wait until it's ready... -Ursprüngliche Nachricht- Von: Tim Nelson [mailto:[EMAIL PROTECTED] Gesendet: Mittwoch, 4. April 2007 16:36 An: support@pfsense.com Betreff: Re: AW: [pfSense Support] Outbound PPTP Fails... Beating the Dead Horse... What VPN options do people use in a situation where PPTP is run locally and they need to VPN out using PPTP? Is the general solution to use OpenVPN? Has there been any thought in putting L2TP support into pfSense, assuming that would be a replacement to PPTP? --Tim Nelson Holger Bauer wrote: > You can't imagine how much time we already spent on testing/debugging/working > on PPTP. We even have been working with the Author of the frickin pptp proxy > on this and created a package to make pptp between the same public endpoints > possible. It's simply broken and the issue is freebsd/pf related. We already > sent all infomration regarding tests/logs to the freebsd lists. Current > state: it's broken and we can't fix it at our end without support by the > freebsd developers (and actually it seems nobody is interested in fixing it). > > Holger > > >> -Original Message- >> From: Tim Nelson [mailto:[EMAIL PROTECTED] >> Sent: Wednesday, April 04, 2007 2:37 PM >> To: support@pfsense.com >> Subject: Re: AW: [pfSense Support] Outbound PPTP Fails... >> Beating the Dead Horse... >> >> In the pfSense forums, it appears there are kernel patches available >> that will fix this issue but no one cares to do it: >> >> http://forum.pfsense.org/index.php/topic,1383.0.html >> >> In fact, it was Mr. Ullrich himself that made the comment regarding >> that. >> >> --Tim >> >> Fuchs, Martin wrote: >> >>> It's a known bug in pf (not pfsense) >>> >>> As long as this is not corrected in pf/freebsd, the devs >>> >> will not be able to correct this in pfsense... >> >>> -Ursprüngliche Nachricht- >>> Von: Tim Nelson [mailto:[EMAIL PROTECTED] >>> Gesendet: Mittwoch, 4. April 2007 03:54 >>> An: support@pfsense.com >>> Betreff: [pfSense Support] Outbound PPTP Fails... Beating >>> >> the Dead Horse... >> >>> I've searched through the archives regarding this issue and >>> >> have not >> >>> found anything definitive. When running a PPTP server in >>> >> pfSense, I am >> >>> unable to connect to remote PPTP servers. I've added GRE >>> >> pass rules to >> >>> all involved interfaces with no success. >>> >>> So, what is the current status of this? m0n0wall does not have this >>> limitation and I know many people would like this feature >>> >> to be fixed >> >>> even though it is the opinion of some that PPTP sucks/is >>> garbage/should be shot/needs to go away/etc... >>> >>> --Tim >>> >>> >>> >> - >> >>> To unsubscribe, e-mail: [EMAIL PROTECTED] For >>> >> additional >> >>> commands, e-mail: [EMAIL PROTECTED] >>> >>> >>> >>> >>> >> - >> >>> To unsubscribe, e-mail: [EMAIL PROTECTED] For >>> >> additional >> >>> commands, e-mail: [EMAIL PROTECTED] >>> >>> >>> >> - >> To unsubscribe, e-mail: [EMAIL PROTECTED] For >> additional commands, e-mail: [EMAIL PROTECTED] >> >> >> >> > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] For additional > commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]