Re: [pfSense Support] Re: Authentication errors on pfsync

2007-09-01 Thread Bill Marquette 
>From the shell, do a 'netstat -s -ppfsync' on both boxes for me
please.  I suspect the hanging is related to another issue I'm having
with FreeBSD/pf (not a pfSense specific issue).  No comment on your
other problems.

--Bill

On 8/31/07, Ron Garcia-Vidal <[EMAIL PROTECTED]> wrote:
> Even more information:
>
> When CARP was working properly, I SSHed from a machine behind the
> firewall to a machine outside and started a `seq 1 10`.  Once
> underway, I took the master offline.  The seq count would hang for less
> than a minute and pick right back up when the backup promoted itself.
> Bringing the master back online didn't even have a hang, it was totally
> seamless.
>
> Under the current snapshot, that seq count hangs and stays hung until I
> bring the master back online.
>
> Does this help?  Should I be posting this to another forum?
>
>
> Ron Garcia-Vidal wrote:
> > I have more info, more confusing.  I have deleted all carp interfaces.
> > When I set a CARP address on the LAN, everything works as expected,
> > except for the authentication failure message below.
> >
> > However, when I add a CARP address on the WAN interface, I get the
> > following errors:
> >
> > Aug 31 10:17:49   php: : Beginning XMLRPC sync to http://10.0.0.3:80.
> > Aug 31 10:17:51   php: : XMLRPC sync successfully completed with
> > http://10.0.0.3:80.
> > Aug 31 10:17:51   php: : Beginning XMLRPC sync to http://10.0.0.3:80.
> > Aug 31 10:17:51   php: : An error code was received while attempting
> > XMLRPC sync with username admin http://10.0.0.3:80 - Code 801:
> > Authentication failure
> > Aug 31 10:17:51   php: : New alert found: An error code was received
> > while attempting XMLRPC sync with username admin http://10.0.0.3:80 -
> > Code 801: Authentication failure
> >
> > And on the backup machine, the CARP address shows up, but the CARP
> > interface section is blank (the section where on the LAN it shows carp0,
> > and on this one it should presumably show carp1) and the status just has
> > the grey arrow, like for the LAN, but it doesn't say "Backup" like the
> > LAN one does.
> >
> > So why would it transfer successfully once but fail authentication
> > tenths of a second later?  ANd what's wrong with my CARP backup?
> >
> >
> > Ron Garcia-Vidal wrote:
> >> I have 2 machines set up doing CARP with a dedicated crossover
> >> connecting them for pfsync.  I keep getting the following error:
> >>
> >> php: : An error code was received while attempting XMLRPC sync with
> >> username admin http://X.X.X.X:80 - Code 801: Authentication failure
> >>
> >> I have typed and retyped the password on both machines several times,
> >> and still get this error.  The CARP interfaces, NATs and firewall rules
> >> replicate ok, but some of the CARP interfaces show up as master on both
> >> and I get a bad hash error (even though I set the has on one box and let
> >> it replicate to the other.
> >>
> >> I'm using the snapshot that was released on 8/27, since when I ran the
> >> regular RC2, both machines were rebooting sporadically.
> >>
> >> Any ideas?
> >>
> >> -Ron
>
>

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[pfSense Support] Several public ip's on WAN port

2007-09-01 Thread Cedric Gavage 

Hi,

I've a question... Can I use a pfsense solution for this case:

The internet provider gives one fixed ip which will be configured on  
the WAN interface.
Towards this fixed ip's, a range of 6 others ip's is routed (not in  
the same subnet).


Can I configure on a pfsense these several ip's as alias ip's on the  
WAN interface (virtual ip/proxy arp?) ? These ip's will be used with  
port forwarding towards internal lan ip's.


--
 Cedric Gavage -- openpgp: 0x92B34D5E

Re: [pfSense Support] LAN / WAN Disconnections continue in 1.2-RC1, Intel Pro/1000GT NICs with 370M RAM

2007-09-01 Thread Tortise 
I was not surprised that the Motorola 5100 cable modem on the Telstraclear 
Network in New Zealand also lost connectivity within the 
first 24 hours of operation. For pfSense the 5100 seems no more compatible than 
the 5101.  Given there seem to be no reports of 
people having problems on other networks with these modems, what is it about 
the Telstraclear cable network?
Kind regards
David Hingston 


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [pfSense Support] Several public ip's on WAN port

2007-09-01 Thread Chris Daniel 
I think so; I believe you need to use the virtual IP type "other" for 
these other IPs.


Cedric Gavage wrote:

Hi,

I've a question... Can I use a pfsense solution for this case:

The internet provider gives one fixed ip which will be configured on 
the WAN interface.
Towards this fixed ip's, a range of 6 others ip's is routed (not in 
the same subnet).


Can I configure on a pfsense these several ip's as alias ip's on the 
WAN interface (virtual ip/proxy arp?) ? These ip's will be used with 
port forwarding towards internal lan ip's.


--
 Cedric Gavage -- openpgp: 0x92B34D5E






-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]