Re: [pfSense Support] help pptp plz
How do i do advanced routing help pleas for pptp server to windows file server the two ip's is 192.168.16.1 that is the pptp server add and the lan fileserver is 192.168.1.5 - Original Message - From: Vaughn L. Reid III [EMAIL PROTECTED] To: support@pfsense.com Sent: Tuesday, April 17, 2007 5:21 PM Subject: Re: [pfSense Support] help pptp plz Sorry for the confusion, I should have been slightly more explicit in my previous reply. I was trying to explain that, on my pfsense box, I have allow everything from everywhere to everywhere on my PPTP interface in the firewall rules. On my machine, I know that I have this type of setup because a * symbol appears in each of the fields: Proto Source PortDestination PortGateway Schedule Vaughn On Tue, 17 Apr 2007 16:54:00 +0200, Rainer Duffner [EMAIL PROTECTED] said: Arthur Mitchell wrote: what is asterisks? http://en.wikipedia.org/wiki/Asterisk ;-) cheers, Rainer - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] R: [pfSense Support] Load Balancer Behaviour?
It doesn't worked for me. Any ideas? r3N0oV4 -Messaggio originale- Da: Scott Ullrich [mailto:[EMAIL PROTECTED] Inviato: venerdì 20 aprile 2007 18.55 A: support@pfsense.com Oggetto: Re: [pfSense Support] R: [pfSense Support] Load Balancer Behaviour? Remove the members of the pool and re-add them. Scott On 4/20/07, Quirino Santilli [EMAIL PROTECTED] wrote: Furthermore, looking at the routing table the WanMonitorIpAddress and the Wan2MonitorIpAddress share the same gateway, the default gateway. I think that it's not a visualization problem, It really doesn't fetch the interfaces when adding a Load Balancer Pool. 10x in advance. r3N0oV4 -Messaggio originale- Da: Quirino Santilli Inviato: venerdì 20 aprile 2007 10.15 A: 'support@pfsense.com' Oggetto: R: [pfSense Support] Load Balancer Behaviour? Ok, I updated and the issue solved, but now when adding a Load Balancer Pool in the list field I see something strange: on my howto the list format is WAN|(WanMonitorIpAddress) and WAN2|(Wan2MonitorIpAddress). On my firewall installation the results are different, the list field is in that format: |(WanMonitorIpAddress) and |(Wan2MonitorIpAddress). It seems like that the Interfaces in the resulting config is missing. Even when I look at the load balancer's list the Server/Gateway field is empty and the monitor field has no corresponding interface. Is it a configuration problem? 10x r3N0oV4 -Messaggio originale- Da: Scott Ullrich [mailto:[EMAIL PROTECTED] Inviato: giovedì 19 aprile 2007 19.35 A: support@pfsense.com Oggetto: Re: [pfSense Support] Load Balancer Behaviour? On 4/19/07, Quirino Santilli [EMAIL PROTECTED] wrote: I was finally configuring pfSense as a multi-wan / load-balancing / fail-over firewall for my company when i found something strange. Looking at the howto at this address http://doc.pfsense.org/index.php/Multi-Wan/Load-Balancing i found that the load-balancer had a behaviour field that in my 1.0.1 installation is not available. To make you believe I'm not fooling, you can find attached the interface that comes out in my installation and the one available on the howto. Can you tell me why? Upgrade to a recent snapshot. http://snapshots.pfsense.com/FreeBSD6/RELENG_1/ Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] High ping times over IPSec tunnels
On Apr 21, 2007, at 3:27 PM, Mike Lee wrote: I recently discovered that when my internet pipe (either upload or download (2Mb-down/1Mb-Up)) is saturated with traffic, the ping time to my remote site pfSense boxes is really high (sometimes 800-1000ms). My office uses pfSense (full) and all of my remote offices are connected via IPSec VPNs and use pfsense (embedded) with WRAP boards. However, when the internet pipe is saturated and the ping times get high to the remote sites, I get average ping times when pining sites that are not on our VPNs (i.e. pinging www.google.com I get ~80-100ms ping times). what's the CPU load on the WRAP boards when this happens? We have an identical situation: full install at main office, and remote locations (data centers, home offices, etc.) on WRAPs. However, I put the soekris crypto accelerators into the WRAPs and we never see more than about 20ms ping times, even under heavy network loads. Our office system is a P4 with hyperthreading enabled.
[pfSense Support] Connections keep dropping
Hi all, Last monday, one of my colleagues got to me and said he couldn't reach several webpages. I looked into it. We weren't able to make network connections to several websites. Later on, even mail exchange with several hosts wasn't possible. It now turned out that network connections are made, but die after the initial request. This is true for HTTP and SMTP to several external sites. Using wireshark I see that TCP checksum mismatches do show up. On WAN-if I do have several collisions, the box is connected via a fxp to an external DSL modem/PPPoE. The ISP checked the line, no drops, ADSL is fine. So I put up a second computer, got together three xl-NICs and used pfsense-CDROM and m0n0. Both show the same errors with these websites. Strange thing now... I hooked up a laptop, and everything is just fine. I hooked up a Netgear Hw-Router and again all is great. So all in all, I have the same problems on different pfsense-based soft/hardware. Perhaps someone can try to reach www.epson.de, www.fogra.org or www.xrite.com? The setup is: 1x WAN (fxp0) PPPoE with MTU 1472 set by ISP 1x LAN (fxp1) NATed 1x DMZ (fxp2) external IPs, only forwarded from pfsense network connectivity problems do show up on LAN and DMZ. Changing the MTU doesn't seem to work as I'm then no longer able to connect to the ISP. Anyone have an idea as to what I can do next? best regards, Philon Terving - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] help with firewall
I have recently setup a pfsense firewall for home use. I have installed the package IMspector. after the installation the package seems to be running but according to their website you have to add the following to your firewall rules to make this redirect traffic to the IMspector. My question is how would you add these rules with pfsense webgui. Im also asumming that the firewall is a iptables or ipf firewall not ipfw. # from the thier website ### After compiling and installing IMSpector, the following iptables rules are required to transparently proxy the various IM ports. You can of course choose which protocols you wish to proxy into IMSpector: * MSN: iptables -t nat -A PREROUTING -p tcp --destination-port 1863 -j REDIRECT --to-ports 16667 * ICQ/AIM: iptables -t nat -A PREROUTING -p tcp --destination-port 5190 -j REDIRECT --to-ports 16667 * Yahoo: iptables -t nat -A PREROUTING -p tcp --destination-port 5050 -j REDIRECT --to-ports 16667 * IRC: iptables -t nat -A PREROUTING -p tcp --destination-port 6667 -j REDIRECT --to-ports 16667 -- Brent Bailey CCNA Bmyster LLC Computer Networking and Webhosting Systems Engineer, President [EMAIL PROTECTED] Kipe- The Brotherhood of Metal --RIP Brother Dime-- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] help with firewall
On 4/23/07, Brent [EMAIL PROTECTED] wrote: I have recently setup a pfsense firewall for home use. I have installed the package IMspector. after the installation the package seems to be running but according to their website you have to add the following to your firewall rules to make this redirect traffic to the IMspector. My question is how would you add these rules with pfsense webgui. Im also asumming that the firewall is a iptables or ipf firewall not ipfw. We use PF, not any of the above. Imspector uses a PF anchor to install its rules. There should be nothing that is required to make it work out of the box. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] help with firewall
Ok. However I do not see anything in when you go look under Services / Imspector / Log Viewer. I there something I missed ? It also says its running under Status / Services. Should i be able to see messages that are being sent over ICQ AIM protocals ? thank you for your help -- Brent Bailey CCNA Bmyster LLC Computer Networking and Webhosting Systems Engineer, President [EMAIL PROTECTED] Kipe- The Brotherhood of Metal --RIP Brother Dime-- -- Original Message --- From: Scott Ullrich [EMAIL PROTECTED] To: support@pfsense.com Sent: Mon, 23 Apr 2007 18:54:28 -0400 Subject: Re: [pfSense Support] help with firewall On 4/23/07, Brent [EMAIL PROTECTED] wrote: I have recently setup a pfsense firewall for home use. I have installed the package IMspector. after the installation the package seems to be running but according to their website you have to add the following to your firewall rules to make this redirect traffic to the IMspector. My question is how would you add these rules with pfsense webgui. Im also asumming that the firewall is a iptables or ipf firewall not ipfw. We use PF, not any of the above. Imspector uses a PF anchor to install its rules. There should be nothing that is required to make it work out of the box. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --- End of Original Message --- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] help with firewall
This only works when you install IMspector from the Packages option. Cesar A. Vergara Buenaventura MMP BU Sistemas Tel : (51) 326-4957 Fax : (51) 326-4957 Cel : 95404463 RPM : #221593 http://www.mitsuimaquinarias.com -Mensaje original- De: Brent [mailto:[EMAIL PROTECTED] Enviado el: Lunes, 23 de Abril de 2007 06:06 p.m. Para: support@pfsense.com Asunto: Re: [pfSense Support] help with firewall Ok. However I do not see anything in when you go look under Services / Imspector / Log Viewer. I there something I missed ? It also says its running under Status / Services. Should i be able to see messages that are being sent over ICQ AIM protocals ? thank you for your help -- Brent Bailey CCNA Bmyster LLC Computer Networking and Webhosting Systems Engineer, President [EMAIL PROTECTED] Kipe- The Brotherhood of Metal --RIP Brother Dime-- -- Original Message --- From: Scott Ullrich [EMAIL PROTECTED] To: support@pfsense.com Sent: Mon, 23 Apr 2007 18:54:28 -0400 Subject: Re: [pfSense Support] help with firewall On 4/23/07, Brent [EMAIL PROTECTED] wrote: I have recently setup a pfsense firewall for home use. I have installed the package IMspector. after the installation the package seems to be running but according to their website you have to add the following to your firewall rules to make this redirect traffic to the IMspector. My question is how would you add these rules with pfsense webgui. Im also asumming that the firewall is a iptables or ipf firewall not ipfw. We use PF, not any of the above. Imspector uses a PF anchor to install its rules. There should be nothing that is required to make it work out of the box. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --- End of Original Message --- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] La información contenida en este mensaje ha sido emitida para uso exclusivo de su destinatario. Cualquier difusión, copia o distribución de este mensaje, esta prohibido y puede ser ilegal. Si usted ha recibido este correo por error por favor comuníquenoslo inmediatamente y elimínelo del sistema. The information included in this message was mailed for exclusive use of its addresee. Any copy or distribution of this e-mail is forbidden and may be considered ilegal. If you have received this e-mail by mistake, please notify us inmediately and erase it from you system. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] help with firewall
On 4/23/07, Brent [EMAIL PROTECTED] wrote: Ok. However I do not see anything in when you go look under Services / Imspector / Log Viewer. I there something I missed ? It also says its running under Status / Services. Should i be able to see messages that are being sent over ICQ AIM protocals ? I have not used this package as of yet but I do know that it requires a fairly recent snapshot: http://snapshots.pfsense.com/FreeBSD6/RELENG_1_2/ Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Adding firewall rule with pfsence webgui
I have recently setup a pfsense firewall for home use. I have installed the package IMspector. after the installation the package seems to be running but according to their website you have to add the following to your firewall rules to make this redirect traffic to the IMspector. My question is how would you add these rules with pfsense webgui. Im also asumming that the firewall is a iptables or ipf firewall not ipfw. # from the thier website ### After compiling and installing IMSpector, the following iptables rules are required to transparently proxy the various IM ports. You can of course choose which protocols you wish to proxy into IMSpector: * MSN: iptables -t nat -A PREROUTING -p tcp --destination-port 1863 -j REDIRECT --to-ports 16667 * ICQ/AIM: iptables -t nat -A PREROUTING -p tcp --destination-port 5190 -j REDIRECT --to-ports 16667 * Yahoo: iptables -t nat -A PREROUTING -p tcp --destination-port 5050 -j REDIRECT --to-ports 16667 * IRC: iptables -t nat -A PREROUTING -p tcp --destination-port 6667 -j REDIRECT --to-ports 16667 -- Brent Bailey CCNA Bmyster LLC Computer Networking and Webhosting Systems Engineer, President [EMAIL PROTECTED] Kipe- The Brotherhood of Metal --RIP Brother Dime-- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] help with firewall
Is there some setting that im not using ? Im not seeing anything in the log viewer for IMspector although it says its running. Thanks again for your help -- Brent Bailey CCNA Bmyster LLC Computer Networking and Webhosting Systems Engineer, President [EMAIL PROTECTED] Kipe- The Brotherhood of Metal --RIP Brother Dime-- -- Original Message --- From: Scott Ullrich [EMAIL PROTECTED] To: support@pfsense.com Sent: Mon, 23 Apr 2007 18:54:28 -0400 Subject: Re: [pfSense Support] help with firewall On 4/23/07, Brent [EMAIL PROTECTED] wrote: I have recently setup a pfsense firewall for home use. I have installed the package IMspector. after the installation the package seems to be running but according to their website you have to add the following to your firewall rules to make this redirect traffic to the IMspector. My question is how would you add these rules with pfsense webgui. Im also asumming that the firewall is a iptables or ipf firewall not ipfw. We use PF, not any of the above. Imspector uses a PF anchor to install its rules. There should be nothing that is required to make it work out of the box. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --- End of Original Message --- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]