RE: [pfSense Support] Multiple IPs
Ok, she's working. Thanks guys, esp Tim. Dave -Original Message- From: Dave Cabot [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 03, 2007 10:20 PM To: support@pfsense.com Subject: RE: [pfSense Support] Multiple IPs Let me be pedantic. By router maybe you mean the modem that's upline of the firewall. Pls let me know. Also, let go over some of the details of my config so you can tell me if I've done something stupid: In Interfaces | WAN I have the IP address configured as X.X.X.146/29 and the gateway x.x.x.145. In Firewall | Virtual IPs I have four defined: X.x.x.147/32 Proxy ARP X.x.x.148/32 Proxy ARP X.x.x.149/32 Proxy ARP X.x.x.150/32 Proxy ARP Now, assuming that I've done this correct, I've added some Firewall | NAT | Port Forwards based off of the Virtual IP port. If all this is correct, then all I should have to do is reboot the ISP's modem. Dave -Original Message- From: Tim Dickson [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 03, 2007 7:27 PM To: support@pfsense.com Subject: RE: [pfSense Support] Multiple IPs The IP's are in the same subnet right? If you can use the ip's bypassing pfSense, then pfSense can use the IP's. Add them to the Virtual IP's list, apply your settings and then reboot the router (not pfSense, fyi...maybe that is where you have been stuck) What this does is pfSense now answers for the IP's you've added to the list. If they are usuable, then pfSense will respond to them. IF you are still having trouble, power down your router for a longer period of time. It is necessary for it to clear it's cache and resend it's arp requests so pfSense can respond. I guarantee it is not an issue with pfSense I have it working on every install I've done (that needed multiple IP's that is) -Tim -Original Message- From: Dave Cabot [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 03, 2007 6:10 PM To: support@pfsense.com Subject: RE: [pfSense Support] Multiple IPs Didn't work. What can we do to collect info in order to determine what the actual problem is? If it's the kernel, we need to know so a patch may be done. Dave -Original Message- From: Tim Dickson [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 03, 2007 4:40 PM To: support@pfsense.com Subject: RE: [pfSense Support] Multiple IPs And be sure to reboot your router! Sometimes the cache time is realy long -tim -Original Message- From: Dave Cabot [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 03, 2007 3:16 PM To: support@pfsense.com Subject: RE: [pfSense Support] Multiple IPs I did try that and as you said, it doesn't work. I'm going to try to switch interfaces and see if it'll work on the vr0 device. (currently using a rl0). Thanks, Dave -Original Message- From: jai lamerton [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 03, 2007 12:37 AM To: support@pfsense.com Subject: Re: [pfSense Support] Multiple IPs Dave, its under firewall-Virtual IP's It's interesting but as I mentioned before I tried to get proxy ARP to work but couldn't get pfsense to respond to who has arp requests for any IP other than the WAN. Does anyone know if some network cards are just so shitty (rl0) that they will now work with proxy ARP? I would assume it has to do with the kernel and not the network card. On 03/07/2007, at 1:41 PM, Dave Cabot wrote: How do I do that exactly? I thought ARP was self-discovery. Dave -Original Message- From: Tim Dickson [mailto:[EMAIL PROTECTED] Sent: Monday, July 02, 2007 8:13 PM To: support@pfsense.com Subject: RE: [pfSense Support] Multiple IPs You will need to set arp up because your firewall needs to say hey I'm here... send these packets to me After you do that you may need to power cycle your router to clear it's arp cache. It works great... use it on all my sites. -Tim -Original Message- From: jai lamerton [mailto:[EMAIL PROTECTED] Sent: Monday, July 02, 2007 5:22 PM To: support@pfsense.com Subject: Re: [pfSense Support] Multiple IPs I was unsuccessful in achieving this type of setup, which is strange as it seems it should be very possible. According to that link I don't need to add the IP addresses as proxy ARP, It should just work with 1:1 NAT. I might have another go with just the NAT. I would be interested to know how you went. Cheers. On 03/07/2007, at 2:29 AM, sai wrote: On 7/2/07, Dave Cabot [EMAIL PROTECTED] wrote: How does pfS handle multiple IPs on the WAN interface? Would it just be filter rules or the port fowarding? My ISPs gateway will be x.x.x.145. I've got x.x.x.146-x.x.x.150 (netmask 255.255.255.248) I'll set the WAN port to x.x.x.150, but I need it to receive the packets for all 5 IPs. I need to be able to forward based off of IP and port to whatever server inside the LAN. Is this doable? Its doable. See http://doc.m0n0.ch/handbook/examples.html#id2603650 pfSense is based on m0n0 and this should help you get started.
[pfSense Support] Debugging hostapd
How can I get detailed debug data from hostapd? I've been using pfSense also as an access-point. I have some trouble with wireless and debugging can help me to understand the problem better. Thanks! - - L'email della prossima generazione? Puoi averla con la nuova Yahoo! Mail
[pfSense Support] pfsense Beta 1.2B1 (built on Mon Apr 30 10:47:18 EDT 2007)
I just did a fresh install of pfsense on P3(500mhtz) with 384mb ram and 6GB disk. I think this is by far the cleanest install and least buggy software I have seen. I have a site-2-site vpn with linksys, PPTP server, dyndns, etc.etc.. Also have seen that pptp passthrough also worked like a charm right out of box in default installs. The only change I made, when installing, I deleted the swap because I saw no need for that since my machine has so much memory. I have a 2GB DOM (flash in IDE). Is there a way to use the software by installing it on flash. I don't want to loose any of the flexibilities by going to embedded version. Memory/disk etc are so cheap these days ..
Re: [pfSense Support] Debugging hostapd
set up your wireless as you like it in GUI.
Then edit /tmp/{$if}_setup.sh ( {$if} = your interface name like ath0
or wi0 or whatever) and find the line that starts
hostapd/wpa_supplicant (should look somthing like: /usr/sbin/hostapd
-B /var/etc/hostapd_{$if}.conf and change it to somthing like
/usr/sbin/hostapd -dd /var/etc/hostapd_{$if}.conf
-B = run in background
-dd = debug mode
Then from CLI (ssh in or whatever) run /tmp/ath0_setup.sh and do your debugging.
Remeber if you change anything in GUI the /tmp/ath0_setup.sh file will
be overwritten and you have to edit it again.
Also when you exit debug mode, hostapd will stop, so you need to enter
gui and save changes on the wireless setup page to rewrite the startup
script and start wireless again.
Good luck :-)
-lsf
On 7/4/07, tester tester [EMAIL PROTECTED] wrote:
How can I get detailed debug data from hostapd? I've been using pfSense also
as an access-point.
I have some trouble with wireless and debugging can help me to understand
the problem better.
Thanks!
L'email della prossima generazione? Puoi averla con la nuova Yahoo! Mail
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] 1.2-BETA-2 released!
http://digg.com/linux_unix/pfSense_1_2_BETA_2_released Please digg it! Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] Multiple IPs
Good to hear you got it going Dave, Jai, you will want to set them up with a /32 if proxy arp isn't working you can also try carp. I suppose it COULD be a faulty NIC, but give the above a shot. and do power down the router/or modem (whichever the case) between each shot. -Tim -Original Message- From: jai lamerton [mailto:[EMAIL PROTECTED] Sent: Tue 7/3/2007 9:24 PM To: support@pfsense.com Subject: Re: [pfSense Support] Multiple IPs Hi Tim, Thanks for the info... I have tried what you mentioned to no avail, I'm not sure my failure is due to an arp cache problem with the router (although i did suspect that) because connecting a laptop to the subnet and changing it's IP address has no problems, and there is no delay while arp timeouts. Same is true if I change the WAN IP address to any of the other IP's in the subnet. I wonder if I'm configuring the virtual IP wrong. I've been entering the IP address as Single addresses, ie /32 bit mask. Could it be the hardware? Jai On 04/07/2007, at 11:26 AM, Tim Dickson wrote: The IP's are in the same subnet right? If you can use the ip's bypassing pfSense, then pfSense can use the IP's. Add them to the Virtual IP's list, apply your settings and then reboot the router (not pfSense, fyi...maybe that is where you have been stuck) What this does is pfSense now answers for the IP's you've added to the list. If they are usuable, then pfSense will respond to them. IF you are still having trouble, power down your router for a longer period of time. It is necessary for it to clear it's cache and resend it's arp requests so pfSense can respond. I guarantee it is not an issue with pfSense I have it working on every install I've done (that needed multiple IP's that is) -Tim -Original Message- From: Dave Cabot [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 03, 2007 6:10 PM To: support@pfsense.com Subject: RE: [pfSense Support] Multiple IPs Didn't work. What can we do to collect info in order to determine what the actual problem is? If it's the kernel, we need to know so a patch may be done. Dave -Original Message- From: Tim Dickson [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 03, 2007 4:40 PM To: support@pfsense.com Subject: RE: [pfSense Support] Multiple IPs And be sure to reboot your router! Sometimes the cache time is realy long -tim -Original Message- From: Dave Cabot [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 03, 2007 3:16 PM To: support@pfsense.com Subject: RE: [pfSense Support] Multiple IPs I did try that and as you said, it doesn't work. I'm going to try to switch interfaces and see if it'll work on the vr0 device. (currently using a rl0). Thanks, Dave -Original Message- From: jai lamerton [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 03, 2007 12:37 AM To: support@pfsense.com Subject: Re: [pfSense Support] Multiple IPs Dave, its under firewall-Virtual IP's It's interesting but as I mentioned before I tried to get proxy ARP to work but couldn't get pfsense to respond to who has arp requests for any IP other than the WAN. Does anyone know if some network cards are just so shitty (rl0) that they will now work with proxy ARP? I would assume it has to do with the kernel and not the network card. On 03/07/2007, at 1:41 PM, Dave Cabot wrote: How do I do that exactly? I thought ARP was self-discovery. Dave -Original Message- From: Tim Dickson [mailto:[EMAIL PROTECTED] Sent: Monday, July 02, 2007 8:13 PM To: support@pfsense.com Subject: RE: [pfSense Support] Multiple IPs You will need to set arp up because your firewall needs to say hey I'm here... send these packets to me After you do that you may need to power cycle your router to clear it's arp cache. It works great... use it on all my sites. -Tim -Original Message- From: jai lamerton [mailto:[EMAIL PROTECTED] Sent: Monday, July 02, 2007 5:22 PM To: support@pfsense.com Subject: Re: [pfSense Support] Multiple IPs I was unsuccessful in achieving this type of setup, which is strange as it seems it should be very possible. According to that link I don't need to add the IP addresses as proxy ARP, It should just work with 1:1 NAT. I might have another go with just the NAT. I would be interested to know how you went. Cheers. On 03/07/2007, at 2:29 AM, sai wrote: On 7/2/07, Dave Cabot [EMAIL PROTECTED] wrote: How does pfS handle multiple IPs on the WAN interface? Would it just be filter rules or the port fowarding? My ISPs gateway will be x.x.x.145. I've got x.x.x.146-x.x.x.150 (netmask 255.255.255.248) I'll set the WAN port to x.x.x.150, but I need it to receive the packets for all 5 IPs. I need to be able to forward based off of IP and port to whatever server inside the LAN. Is this doable? Its doable. See http://doc.m0n0.ch/handbook/examples.html#id2603650 pfSense is based on m0n0 and this
Re: [pfSense Support] 1.2-BETA-2 released!
Same as how 1.0-BETA-1 showed up. Scott On 7/4/07, David Strout [EMAIL PROTECTED] wrote: Will this be showing up as a SNAP update or will it require a re-install? http://digg.com/linux_unix/pfSense_1_2_BETA_2_released Please digg it! Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Multiple IPs
What did the trick for you? On 05/07/2007, at 1:06 AM, Dave Cabot wrote: Ok, she's working. Thanks guys, esp Tim. Dave -Original Message- From: Dave Cabot [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 03, 2007 10:20 PM To: support@pfsense.com Subject: RE: [pfSense Support] Multiple IPs Let me be pedantic. By router maybe you mean the modem that's upline of the firewall. Pls let me know. Also, let go over some of the details of my config so you can tell me if I've done something stupid: In Interfaces | WAN I have the IP address configured as X.X.X. 146/29 and the gateway x.x.x.145. In Firewall | Virtual IPs I have four defined: X.x.x.147/32 Proxy ARP X.x.x.148/32 Proxy ARP X.x.x.149/32 Proxy ARP X.x.x.150/32 Proxy ARP Now, assuming that I've done this correct, I've added some Firewall | NAT | Port Forwards based off of the Virtual IP port. If all this is correct, then all I should have to do is reboot the ISP's modem. Dave -Original Message- From: Tim Dickson [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 03, 2007 7:27 PM To: support@pfsense.com Subject: RE: [pfSense Support] Multiple IPs The IP's are in the same subnet right? If you can use the ip's bypassing pfSense, then pfSense can use the IP's. Add them to the Virtual IP's list, apply your settings and then reboot the router (not pfSense, fyi...maybe that is where you have been stuck) What this does is pfSense now answers for the IP's you've added to the list. If they are usuable, then pfSense will respond to them. IF you are still having trouble, power down your router for a longer period of time. It is necessary for it to clear it's cache and resend it's arp requests so pfSense can respond. I guarantee it is not an issue with pfSense I have it working on every install I've done (that needed multiple IP's that is) -Tim -Original Message- From: Dave Cabot [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 03, 2007 6:10 PM To: support@pfsense.com Subject: RE: [pfSense Support] Multiple IPs Didn't work. What can we do to collect info in order to determine what the actual problem is? If it's the kernel, we need to know so a patch may be done. Dave -Original Message- From: Tim Dickson [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 03, 2007 4:40 PM To: support@pfsense.com Subject: RE: [pfSense Support] Multiple IPs And be sure to reboot your router! Sometimes the cache time is realy long -tim -Original Message- From: Dave Cabot [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 03, 2007 3:16 PM To: support@pfsense.com Subject: RE: [pfSense Support] Multiple IPs I did try that and as you said, it doesn't work. I'm going to try to switch interfaces and see if it'll work on the vr0 device. (currently using a rl0). Thanks, Dave -Original Message- From: jai lamerton [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 03, 2007 12:37 AM To: support@pfsense.com Subject: Re: [pfSense Support] Multiple IPs Dave, its under firewall-Virtual IP's It's interesting but as I mentioned before I tried to get proxy ARP to work but couldn't get pfsense to respond to who has arp requests for any IP other than the WAN. Does anyone know if some network cards are just so shitty (rl0) that they will now work with proxy ARP? I would assume it has to do with the kernel and not the network card. On 03/07/2007, at 1:41 PM, Dave Cabot wrote: How do I do that exactly? I thought ARP was self-discovery. Dave -Original Message- From: Tim Dickson [mailto:[EMAIL PROTECTED] Sent: Monday, July 02, 2007 8:13 PM To: support@pfsense.com Subject: RE: [pfSense Support] Multiple IPs You will need to set arp up because your firewall needs to say hey I'm here... send these packets to me After you do that you may need to power cycle your router to clear it's arp cache. It works great... use it on all my sites. -Tim -Original Message- From: jai lamerton [mailto:[EMAIL PROTECTED] Sent: Monday, July 02, 2007 5:22 PM To: support@pfsense.com Subject: Re: [pfSense Support] Multiple IPs I was unsuccessful in achieving this type of setup, which is strange as it seems it should be very possible. According to that link I don't need to add the IP addresses as proxy ARP, It should just work with 1:1 NAT. I might have another go with just the NAT. I would be interested to know how you went. Cheers. On 03/07/2007, at 2:29 AM, sai wrote: On 7/2/07, Dave Cabot [EMAIL PROTECTED] wrote: How does pfS handle multiple IPs on the WAN interface? Would it just be filter rules or the port fowarding? My ISPs gateway will be x.x.x.145. I've got x.x.x.146-x.x.x.150 (netmask 255.255.255.248) I'll set the WAN port to x.x.x.150, but I need it to receive the packets for all 5 IPs. I need to be able to forward based off of IP and port to whatever server inside the LAN. Is this doable? Its doable. See http://doc.m0n0.ch/handbook/examples.html#id2603650 pfSense
RE: [pfSense Support] Multiple IPs
Waiting for the modem to update it's ARP table. -Original Message- From: jai lamerton [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 04, 2007 10:08 PM To: support@pfsense.com Subject: Re: [pfSense Support] Multiple IPs What did the trick for you? On 05/07/2007, at 1:06 AM, Dave Cabot wrote: Ok, she's working. Thanks guys, esp Tim. Dave -Original Message- From: Dave Cabot [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 03, 2007 10:20 PM To: support@pfsense.com Subject: RE: [pfSense Support] Multiple IPs Let me be pedantic. By router maybe you mean the modem that's upline of the firewall. Pls let me know. Also, let go over some of the details of my config so you can tell me if I've done something stupid: In Interfaces | WAN I have the IP address configured as X.X.X. 146/29 and the gateway x.x.x.145. In Firewall | Virtual IPs I have four defined: X.x.x.147/32 Proxy ARP X.x.x.148/32 Proxy ARP X.x.x.149/32 Proxy ARP X.x.x.150/32 Proxy ARP Now, assuming that I've done this correct, I've added some Firewall | NAT | Port Forwards based off of the Virtual IP port. If all this is correct, then all I should have to do is reboot the ISP's modem. Dave -Original Message- From: Tim Dickson [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 03, 2007 7:27 PM To: support@pfsense.com Subject: RE: [pfSense Support] Multiple IPs The IP's are in the same subnet right? If you can use the ip's bypassing pfSense, then pfSense can use the IP's. Add them to the Virtual IP's list, apply your settings and then reboot the router (not pfSense, fyi...maybe that is where you have been stuck) What this does is pfSense now answers for the IP's you've added to the list. If they are usuable, then pfSense will respond to them. IF you are still having trouble, power down your router for a longer period of time. It is necessary for it to clear it's cache and resend it's arp requests so pfSense can respond. I guarantee it is not an issue with pfSense I have it working on every install I've done (that needed multiple IP's that is) -Tim -Original Message- From: Dave Cabot [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 03, 2007 6:10 PM To: support@pfsense.com Subject: RE: [pfSense Support] Multiple IPs Didn't work. What can we do to collect info in order to determine what the actual problem is? If it's the kernel, we need to know so a patch may be done. Dave -Original Message- From: Tim Dickson [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 03, 2007 4:40 PM To: support@pfsense.com Subject: RE: [pfSense Support] Multiple IPs And be sure to reboot your router! Sometimes the cache time is realy long -tim -Original Message- From: Dave Cabot [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 03, 2007 3:16 PM To: support@pfsense.com Subject: RE: [pfSense Support] Multiple IPs I did try that and as you said, it doesn't work. I'm going to try to switch interfaces and see if it'll work on the vr0 device. (currently using a rl0). Thanks, Dave -Original Message- From: jai lamerton [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 03, 2007 12:37 AM To: support@pfsense.com Subject: Re: [pfSense Support] Multiple IPs Dave, its under firewall-Virtual IP's It's interesting but as I mentioned before I tried to get proxy ARP to work but couldn't get pfsense to respond to who has arp requests for any IP other than the WAN. Does anyone know if some network cards are just so shitty (rl0) that they will now work with proxy ARP? I would assume it has to do with the kernel and not the network card. On 03/07/2007, at 1:41 PM, Dave Cabot wrote: How do I do that exactly? I thought ARP was self-discovery. Dave -Original Message- From: Tim Dickson [mailto:[EMAIL PROTECTED] Sent: Monday, July 02, 2007 8:13 PM To: support@pfsense.com Subject: RE: [pfSense Support] Multiple IPs You will need to set arp up because your firewall needs to say hey I'm here... send these packets to me After you do that you may need to power cycle your router to clear it's arp cache. It works great... use it on all my sites. -Tim -Original Message- From: jai lamerton [mailto:[EMAIL PROTECTED] Sent: Monday, July 02, 2007 5:22 PM To: support@pfsense.com Subject: Re: [pfSense Support] Multiple IPs I was unsuccessful in achieving this type of setup, which is strange as it seems it should be very possible. According to that link I don't need to add the IP addresses as proxy ARP, It should just work with 1:1 NAT. I might have another go with just the NAT. I would be interested to know how you went. Cheers. On 03/07/2007, at 2:29 AM, sai wrote: On 7/2/07, Dave Cabot [EMAIL PROTECTED] wrote: How does pfS handle multiple IPs on the WAN interface? Would it just be filter rules or the port fowarding? My ISPs gateway will be x.x.x.145. I've got
