[pfSense Support] Reduce WAN NIC to 10Mbps?
Hi My ISP researching a problem with packet loss advises me to: Set your firewall for 10mbps full-duplex, auto negotiation off, and then run your tests again. This is presumably to match their 10M Wireless Gateway. Can we do this somehow? I am running dc class NIC's. Kind regards David Hingston - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] Reduce WAN NIC to 10Mbps?
Have a look at http://doc.m0n0.ch/handbook-single/#FAQ.hiddenopts . These options apply to pfSense as well. You can hardcode the speed and duplex by adding the appropriate flag to your downloaded config.xml and reupload it again. # interfaces/(if)/media and interfaces/(if)/mediaopt If you need to force your NIC to a specific media type (e.g. 10Base-T half duplex), you can use these two options. Refer to the appropriate FreeBSD manpage for the driver you're using to see which options are available (or run ifconfig -m). Holger -Original Message- From: Tortise [mailto:[EMAIL PROTECTED] Sent: Thursday, June 14, 2007 1:00 PM To: support@pfsense.com Subject: [pfSense Support] Reduce WAN NIC to 10Mbps? Hi My ISP researching a problem with packet loss advises me to: Set your firewall for 10mbps full-duplex, auto negotiation off, and then run your tests again. This is presumably to match their 10M Wireless Gateway. Can we do this somehow? I am running dc class NIC's. Kind regards David Hingston - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] VPN NAT for hiding local addresses
Tim A. Hall-Woodcock wrote: Hello, I am trying to track down some info on how to hide my private IP's when connecting to a remote VPN using pfSense. Can anyone help with configuration or give me some links to something that may help? Apparently the VPN I am connecting to won't allow private IP's as they have thousands of tunnels and conflicts always happen. Thanks Tim. Tim, I'm not exactly sure how you can accomplish this with pf. If I understand your problem correctly, you need to NAT the source address of traffic that originates from your private network before it gets processed by IPSEC. But 'many to one' NAT is performed as packets pass out an interface in pf. This would be fine if IPSEC processing happened after pf NAT processing but I think the opposite is true :( If you own a block of public addresses, you could easily perform 1 to 1 nat ( binat ) which can be applied to private network traffic as they pass in your private network interface. This allows the translation to happen before the packets are processed by IPSEC on the outbound path of your public network interface. Hope this helps, -Matthew - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]