Re: [pfSense Support] Unless I disable filter in Advanced setting, I can't send attachments over 48Kb or upload files above 48Kb
Hi Scott, Thanks for the tip. I am in the default LAN rule and I cannot locate where to create and enable static port. Can you please point me in the right direction? Thank you, Sonny Scott Ullrich wrote: On 8/27/07, Sonny Sarai <[EMAIL PROTECTED]> wrote: Hello, I am running pfsense 1.2-RC2. I am new to pfsense. Nobody inside the network can send attachments over 48Kb if the filters are enabled in advanced settings. If I check off the check box in advanced settings, I can send well over 48Kb. I tried disabling every rule and turning them on one by one to test it but to no avail. Is there a default rule I am missing and how do I disable that. The challenge is that our sister company also uses pfsense but they can continue to send attachments over 48Kb. I have mirrored their settings except that I have bridged the WAN and LAN otherwise the LAN cannot get out to the public internet. I also disabled firewall scrub, waited 2 minutes and I still could not send over 48Kb. I then cleared the DF bit andf I stil could sent out attachments. Can someone let me know what is causing this and how it can be rectified other than scrapping pfsense. The attachment size was not an issue with sonicwall. Any advice is appreciated. I would love to continue to use pfsense but this is a major drawback. 1. Visit Firewall -> NAT -> Outbound. 2. Enable Advanced outbound NAT 3. Edit the default LAN rule that it created and enable static port. 4. Click save. If the problem persists, disable advanced outbound NAT and proceed to: 1. Disable "Disable Firewall Scrub" in System -> Advanced 2. Problem persists, try checking "Clear DF bit instead of dropping" in System -> Advanced. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] synchronized monowall 1.3b
these features to follow: monowall *1.3b1* (12/16/2006): added support for new wireless features in FreeBSD 6 - Atheros cards are finally supported! - channel selection on interface setup page now reflects actual capabilities of card - wireless status page shows scanned APs in client mode and associated stations in hostap mode monowall *1.3b2 *enabled NAT-T support for IPsec VPN (enable via webGUI) monowall *1.3b3 *wireless LAN improvements - WPA-PSK and WPA-Enterprise (in hostap mode) - hide SSID option these features are supported by the pfsense 1.2rc2? thnaks reply cris On 9/6/07, Chris Buechler <[EMAIL PROTECTED]> wrote: > > Bill Marquette wrote: > > Mainly just looking at the diffs in code between m0n0 versions and > > applying them (sometimes by hand) to pfSense. Didn't realize you were > > talking about the PHP code, I assumed you referred to the C++ backend. > > > > That's the m0n0AP or m0n0CoreD or m0n0Unborn, or however you want to > refer to it. m0n0wall 1.3 doesn't have any of that. > > We have almost all of what's in m0n0wall 1.3 already (and had it first), > there are some things of interest in there that we don't have though. > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
Re: [pfSense Support] Big Problems with 2wire ADLS modem+Router.
Hoos, Stephen wrote: > work fine as a router/switch. Your picture is a little confusing > download “network notepad” and redraw your topology. I think the problem was he drew the diagram with fixed-point font and then html-emailed it so it will look different. it's best to send only plain-text emails to a list (please will all those sending html emails stop!) - thanks! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] Big Problems with 2wire ADLS modem+Router.
I would use static IPs on the 2WIRE LAN and pfSense WAN side and see if you can put a static route into the 2WIRE box. Use DHCP on the LAN side of the pfSense box. Even if pfSense has no WAN connection it should work fine as a router/switch. Your picture is a little confusing download "network notepad" and redraw your topology. From: Alberto Moreno [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 05, 2007 10:37 PM To: support@pfsense.com Subject: Re: [pfSense Support] Big Problems with 2wire ADLS modem+Router. Well guys, after reading around some tutorials about Bridge Mode with this modem, pfsense couldn't authenticated with this modem. I read a lot of info from dslreports.com about this issue, follow some docs, but no success. Right now i just will be part of the DMZPlus, and if i get this to work i let u know guys, thanks all for your help!!! 2007/9/4, Alberto Moreno <[EMAIL PROTECTED]>: Hi guys. I already try the DMZ-Plus stuff, but look what i need to do, and after this, if i reboot my pfsense i need to do this again: 1; Disable DHCP server in my pfsense. 2; Put my WAN nic in DHCP mode. 3; Enable DHCP Server inside 2WIRE 4; Detect inside 2WIRE my PFsense-WAN 5; Put my PFsenseWAN in DMZPlus 6; Disable 2WIRE dhcp server 7; Enable DHCP server inside PFsenseLAN 8; After this i can use PFsense. But if for some reasons i reboot my pfsense, a lost everything, i need to do this again, is very exhausted. Now, another thing, look this is my small network: DSL <-- | | - | | <-PfsenseWAN--- |PFsense Box | <--- |2WIRE | <-LAN Switch--- | -| | PfsenseLAN | | | | | --- | | |--->| | <--| Internet | LAN Switch | --- <-> Clients LAN Now why this settings??? 1; If i disconnect my 2WIRE from my switch, i lost all communication from my LAN, i couldn't access 2WIRE settings inside my LAN. 2; " , none of my clients could access Internet. I was trying to access my ISP from pfsense, i setup my WAN for PPPoE, all the settings like before, but pfsense cannot negotiated with ISP, i still don't now why, looks like 2WIRE doesn't want to let other device handled the connection. Now i need to check about the bridge mode see how it works. I will let u know guys, thanks for your help!!! 2007/9/3, Mike <[EMAIL PROTECTED] >: Alberto Moreno wrote: > > Hi people. > > This week my ISP told me that i need to change my old modem: DSL modem > speedstream 5400, just a modem. My LAN was behind pfsense, DHCP, one vpn > to my office, it was very beautiful. Some times i just connect my box > and i was at work, didn't need to get there. > > Now, i have this 2wire Modem+Router(Model 2701HG-T), which if came > with built-in Firewall, wireless, and other cool stuff for someone with > no acknowledge of pfsense could say, this is great!!! > >Now i don't how to hell i will have my old settings, i cannot disable > the firewall from that device, i cannot access my office from my LAN > clients, the only one who could access my office is the pfsense box, > because i enable some rule to the 2wire firewall, but any of my clients > can. > > I'm lost, i don't know how is the gateway now or which one i chose? > What about my WAN interface? I try to connect my wan interface but i > don't get any answer from my ISP. > >I disable the DHCP server from the device, but right now my Gateway > is 2wire, what can i do to bring everything to normal? do i need tot add > each rule to my LAN and NAT or forward to my 2wire gateway? > > Someone could point me, what i need to do, or help me understand my > case and help me find some path to this? > > Thanks all for your time. > > P.S. Running pfsense 1.0.1 Release. > > -- > LIving the dream... I have the same gateway, and I just set the PFsense box in DMZ plus mode (in the 2wire gateway) and specified that it gets the external IP from my ISP. I am thinking that the 2wire's allow for proprietary firmware/ software for each ISP though, so this may not work for you. When you attempt to log in, do you use the http://? The address you type in here is found in your
Re: [pfSense Support] not properly dismounted
Ole Barnkob Kaas wrote: Hello, I use pfSense in a number of remote locations. All running on Soekris 4801 platform with the pfSense-1.0.1-Embedded.img.gz image. Sometimes the box failes to come online after either deliberate or accidental power cycle. It complains that volumes was not properly dismounted. After check and mount files are missing. I assumed that the cf card was mounted read only to better survice eg. powerfailures. Any reason why they should be r/w? There are bugs in 1.0.1 that cause corruption on embedded. Use 1.2RC2 and it won't happen. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] synchronized monowall 1.3b
Bill Marquette wrote: Mainly just looking at the diffs in code between m0n0 versions and applying them (sometimes by hand) to pfSense. Didn't realize you were talking about the PHP code, I assumed you referred to the C++ backend. That's the m0n0AP or m0n0CoreD or m0n0Unborn, or however you want to refer to it. m0n0wall 1.3 doesn't have any of that. We have almost all of what's in m0n0wall 1.3 already (and had it first), there are some things of interest in there that we don't have though. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] synchronized monowall 1.3b
On 9/6/07, cassio lima <[EMAIL PROTECTED]> wrote: > yes, > > > some features as captive vestibule and radius and wpa, this functionality We do WPA today. > are not being developed for the staff of the pfsense. Some form exists to > synchronize ? Mainly just looking at the diffs in code between m0n0 versions and applying them (sometimes by hand) to pfSense. Didn't realize you were talking about the PHP code, I assumed you referred to the C++ backend. --Bill - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] synchronized monowall 1.3b
yes, some features as captive vestibule and radius and wpa, this functionality are not being developed for the staff of the pfsense. Some form exists to synchronize ? On 9/5/07, Bill Marquette <[EMAIL PROTECTED]> wrote: > > Nope. You looking for a project? > > --Bill > > On 9/5/07, cassio lima <[EMAIL PROTECTED]> wrote: > > hi > > > > > > Head of the pfsense is synchronized with the new characteristics of new > > monowall?? > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
[pfSense Support] not properly dismounted
Hello, I use pfSense in a number of remote locations. All running on Soekris 4801 platform with the pfSense-1.0.1-Embedded.img.gz image. Sometimes the box failes to come online after either deliberate or accidental power cycle. It complains that volumes was not properly dismounted. After check and mount files are missing. I assumed that the cf card was mounted read only to better survice eg. powerfailures. Any reason why they should be r/w? Regards, Ole Kaas Dump from serial console: Fast IPsec: Initialized Security Association Processing. ad1: 495MB at ata0-slave PIO4 GEOM_LABEL: Label for provider ad1a is ufs/pfSense. GEOM_LABEL: Label for provider ad1d is ufs/pfSenseCfg. Trying to mount root from ufs:/dev/ufs/pfSense WARNING: / was not properly dismounted ___ ___/ f \ / p \___/ Sense \___/ \ \___/ Welcome to pfSense 1.0.1 on t Setting up embedded specific environment... done. Mounting filesystems...WARNING: /cf was not properly dismounted WARNING: R/W mount of / denied. Filesystem is not clean - run fsck mount: /dev/ufs/pfSense: Operation not permitted ** /dev/ufs/pfSense ** Last Mounted on / ** Root file system ** Phase 1 - Check Blocks and Sizes ** Phase 2 - Check Pathnames ** Phase 3 - Check Connectivity ** Phase 4 - Check Reference Counts ** Phase 5 - Check Cyl groups 1977 files, 51883 used, 61872 free (2376 frags, 7437 blocks, 2. * FILE SYSTEM MARKED CLEAN * ** /dev/ufs/pfSenseCfg (NO WRITE) ** Last Mounted on /cf ** Phase 1 - Check Blocks and Sizes ** Phase 2 - Check Pathnames ** Phase 3 - Check Connectivity ** Phase 4 - Check Reference Counts ** Phase 5 - Check Cyl groups 7 files, 30 used, 1841 free (33 frags, 226 blocks, 1.8% fragmentation) WARNING: R/W mount of /cf denied. Filesystem is not clean - run fsck mount: /dev/ufs/pfSenseCfg: Operation not permitted ** /dev/ufs/pfSenseCfg ** Last Mounted on /cf ** Phase 1 - Check Blo ** Phase 2 - Check Pathnames ** Phase 3 - Check Connectivity ** Phase 4 - Check Reference Counts ** Phase 5 - Check Cyl groups 7 files, 30 used, 1841 free (33 frags, 226 blocks, 1.8% fragmentation) * FILE SYSTEM MARKED CLEAN * done. Creating symlinks..done. Launching PHP init system... done. Initializing Warning: main(globals.inc) [href='function.main'>function.main]: failed to open stream: No such file or directory in /etc/rc.bootup on lin e 38 Fatal error: main() [href='function.require'>function.require]: F ailed opening required 'globals.inc' (include_path='.:') in /etc/rc.bootup > on line 38 Starting CRON... done. Syncing packages... Warning: main(config.inc) [href='function.main'>function.main]: f ailed to open stream: No such file or directory in /etc/rc.packages on li ne 32 Fatal error: main() [href='function.require'>function.require]: F ailed opening required 'config.inc' (include_path='.:') in /etc/rc.packages b> on line 32 Executing rc.d items... Stopping /usr/local/etc/rc.d/*.sh...done. Starting /usr/local/etc/rc.d/*.sh...done. Warning: main(config.inc) [href='function.main'>function.main]: f ailed to open stream: No such file or directory in /etc/rc.conf_mount_ro on line 32 Fatal error: main() [href='function.require'>function.require]: F ailed opening required 'config.inc' (include_path='.:') in /etc/rc.conf_mount _ro on line 32 Bootup complete FreeBSD/i386 (Amnesiac) (console) Password: - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]