[pfSense Support] embedded pfsense and external squid ... how?
hi all, i have a working pfsense setup on a soekris i've also have got a squid server in my dmz and would like to transparently redirect all http traffic to this external squid instance. is this possible without getting into some serious loops? cheers charles - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Commercial support available - https://portal.pfsense.org
[pfSense Support] Bridge + Captive Portal
Hi, Just top make sure, is it possible to use pfSense in bridge mode + captive portal: before crossing the bridge the user must authenticate. If so, how many interfaces are needed? That is not completly impossible, I used to build a prototype with NoCat, but it needed 4 interfaces (or the captive portal authentication on a machine outside the firewall). Best regards, Olivier - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] embedded pfsense and external squid ... how?
In pfSense's DHCP Server config, put the squid's server up address as the gateway. lartc escreveu: hi all, i have a working pfsense setup on a soekris i've also have got a squid server in my dmz and would like to transparently redirect all http traffic to this external squid instance. is this possible without getting into some serious loops? cheers charles - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] embedded pfsense and external squid ... how?
David Meireles wrote: In pfSense's DHCP Server config, put the squid's server up address as the gateway. David, you are either joking, or crazy... :) LARTC, Add a redirect on LAN interface from LAN to any port 80, internal address proxy. If you need 443 (or 8080), create an alias and use that inthe redirect rule. Remember to pass traffic from the proxy to the internet (on DMZ) Angelo. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] embedded pfsense and external squid ... how?
On Fri, 2008-11-14 at 14:52 +0100, Angelo Turetta wrote: David Meireles wrote: In pfSense's DHCP Server config, put the squid's server up address as the gateway. David, you are either joking, or crazy... :) LARTC, Add a redirect on LAN interface from LAN to any port 80, internal address proxy. If you need 443 (or 8080), create an alias and use that inthe redirect rule. Remember to pass traffic from the proxy to the internet (on DMZ) Angelo. hi angelo, thanks :-) charles -- simplified chinese is not nearly as easy as they would have you believe ... a superlative oxymoron --anonymous - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] embedded pfsense and external squid ... how?
Angelo, not joking, not crazy... Before having squid installed in the pfSense box, there was an IPCop Proxy with a direct connect to the web (2 lan cards, one green, other red). To make the clients pass that server (in transparent mode), I used it as gateway in DHCP config, and it worked all the time... ??? lartc escreveu: On Fri, 2008-11-14 at 14:52 +0100, Angelo Turetta wrote: David Meireles wrote: In pfSense's DHCP Server config, put the squid's server up address as the gateway. David, you are either joking, or crazy... :) LARTC, Add a redirect on LAN interface from LAN to any port 80, internal address proxy. If you need 443 (or 8080), create an alias and use that inthe redirect rule. Remember to pass traffic from the proxy to the internet (on DMZ) Angelo. hi angelo, thanks :-) charles - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Commercial support available - https://portal.pfsense.org
[pfSense Support] Interaction between traceroute and captive portal
Hello, Using a pfSens system as firewall/router between some computers on a local network and an ADSL internet access, I've noted a strange behaviour : computers goes to internet through teh Captive Portal ; when one registers with his login/password, he can do normal traceroutes. when others access to internet without entering login/password, because they are on the 'passthrough MAC address list', the Internet access works well but a traceroute don't show anything after the pfSense's node : is there a way to workaround this ? We used 'passthrough MAC address list' to avoid some people to have to register again when the pfSense router have rebooted (we have quite a lot of power cuts here :-( : is there another way to do this ? Thanks for any tips, Fred. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] embedded pfsense and external squid ... how?
Important point of note, you cannot transparently redirect SSL encrypted traffic to squid for caching. Squid can't look inside an SSL tunnel and so the connections will simply break. Otherwise, Angelo's correct, this is the way to transparently redirect to an external squid box. Angelo Turetta wrote: David Meireles wrote: In pfSense's DHCP Server config, put the squid's server up address as the gateway. David, you are either joking, or crazy... :) LARTC, Add a redirect on LAN interface from LAN to any port 80, internal address proxy. If you need 443 (or 8080), create an alias and use that inthe redirect rule. Remember to pass traffic from the proxy to the internet (on DMZ) Angelo. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Commercial support available - https://portal.pfsense.org !DSPAM:491d944715801475114737! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Directed Broadcast for WOL
On Thu, Nov 13, 2008 at 5:02 PM, Heinrich Pechtold [EMAIL PROTECTED] wrote: Hi, is there a possibility to enable directed Broadcasts (redirecting them in the remote subnet) for WOL purposes in Freebsd? I would like to turn on some PCs in a remote Vlan. Not that I know of. Only direct attached machines are capable as far as I know. But then again I have never looked into a UPNP proxy of sorts. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Directed Broadcast for WOL
Scott Ullrich wrote: On Thu, Nov 13, 2008 at 5:02 PM, Heinrich Pechtold [EMAIL PROTECTED] wrote: Hi, is there a possibility to enable directed Broadcasts (redirecting them in the remote subnet) for WOL purposes in Freebsd? I would like to turn on some PCs in a remote Vlan. Not that I know of. Only direct attached machines are capable as far as I know. But then again I have never looked into a UPNP proxy of sorts. could you use the web UI (or ssh in) to run a script or tool to send the WOL packet? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Commercial support available - https://portal.pfsense.org
[pfSense Support] Intel x38ml board and nic
I would like to use a pair of Intel x38ml server boards to build a pfSense appliance with carp fail over. The onboard nics use the Intel 82575EB chip. I will also need to add Intel PRO/1000 PT Dual wich uses a 82572GI chip. I checked the Freebsd 7.0 HCL and I didn't see the two chips I mentioned, but I see 82572 and 82573. Does anybody know if Intel 82575EB and 82572GI.based nics would work with pfSense 1.2.1 ? Thanks. Max - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Intel x38ml board and nic
I apologize for the receipt request. I didn't use my pc and this one had the request turned on in Thunderbird. Sorry for the inconvenience. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] embedded pfsense and external squid ... how?
On Fri, Nov 14, 2008 at 9:03 AM, David Meireles [EMAIL PROTECTED] wrote: Angelo, not joking, not crazy... Before having squid installed in the pfSense box, there was an IPCop Proxy with a direct connect to the web (2 lan cards, one green, other red). To make the clients pass that server (in transparent mode), I used it as gateway in DHCP config, and it worked all the time... I'm guessing the IPCop redirects port 80 to it's local squid instance. If your squid is setup this way, then yes, this would work. I can only guess at the original posters configuration, but it's likely not setup to do that. Squid is probably running on it's default 3128 port and expecting to be used as a proxy and is using pfSense to do the redirection. --Bill - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Intel x38ml board and nic
On Fri, Nov 14, 2008 at 2:42 PM, Max Cristin [EMAIL PROTECTED] wrote: I would like to use a pair of Intel x38ml server boards to build a pfSense appliance with carp fail over. The onboard nics use the Intel 82575EB chip. I will also need to add Intel PRO/1000 PT Dual wich uses a 82572GI chip. I checked the Freebsd 7.0 HCL and I didn't see the two chips I mentioned, but I see 82572 and 82573. Does anybody know if Intel 82575EB and 82572GI.based nics would work with pfSense 1.2.1 ? Thanks. Google 82572GI site:pfsense.org finds the answer: http://forum.pfsense.org/index.php/topic,12379.msg67749.html#msg67749 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Commercial support available - https://portal.pfsense.org