Re: [pfSense Support] Does anybody have working dual wan failover with pfsense?
It work for me on 1.2 It is the old way for now, but it works On Tue, Jan 13, 2009 at 8:25 AM, Simon Cornelius P Umacob simon...@gmail.com wrote: On Mon, Jan 12, 2009 at 6:42 PM, Erwan David erwan.da...@trusted-logic.com wrote: On Mon, Jan 12, 2009 at 11:30:44AM CET, Veiko Kukk veiko.k...@krediidipank.ee said: Erwan David wrote: It works great for me, in 1.2.1 Do you have also load sharing or only failover? How are your failover pools configured? --- Veiko I have both. 2 links, Wan and opt1 interfaces. 3 pools: preferWan, gateway (failover) Wan then opt1 preferOpt1, gateway (failover) opt1 then Wan loadBalanced, gateway (balance) wan,opt1 Then in firewall rules on LAN interface I use preferWan, preferOpt1 or loadBalanced as gateway. Yepp, same configuration in one of my setups. I even installed it on an ancient PC with 64MB RAM, which I later upgraded to 96MB. =) [ simon.cpu ] - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org -- честността не е порок
[pfSense Support] hptrr: no controller detected on 1.2.2 and 1.2.1
Hello again, After many tryouts for upgrading and fresh installing the 1.2.2 and 1.2.1 I got same error when system boots: ,,hptrr: no controller detected. I understand that comes with FreeBSD 7, but I cant find how to workaround it. I do not understand fully the problem and I think that my hardware is very very old. But still ... there is somewhere a solution. Can someone give some light about the problem. PS -- after that error system hangs -- честността не е порок
Re: [pfSense Support] Bridging 4 auto MDIX eth interfaces for LAN zone doesn't work correct
Hello, Am Sonntag, den 11.01.2009, 15:28 -0500 schrieb Chris Buechler: On Sun, Jan 11, 2009 at 9:22 AM, Dominik Schips domi...@s235.de wrote: Hello, I use a Soekris net5501-70 (4 eth interfaces with auto MDIX) with a lan1641 (4 eth interfaces). So I have 8 interfaces in this nice box. My LAN zone are the 4 auto MDIX eth ports brideged together and the other 4 are used for WAN, DMZ, DEV and PBX zone. Sometimes after removing a CAT5 cable of a client (connected to the brideged OPT1 interface) or a DHCP request it doesn't get an IP again. If you force it to renew after waiting about 30 seconds does it work? The bridges use STP and there is a delay before a port is brought online. No waiting for about 30s doesn't work for me. The client 2 (bridged OPT1 to LAN) only get an IP if I also renew client 1 (LAN interface) at the same time. If not, run ifconfig from Diagnostics - Command when you're having the problem, and post the output here. Here is my output from ifconfig: $ ifconfig vr0: flags=8943UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST metric 0 mtu 1500 options=2809RXCSUM,VLAN_MTU ether 00:00:24:cb:4d:1c inet 192.168.13.254 netmask 0xff00 broadcast 192.168.13.255 inet6 fe80::200:24ff:fecb:4d1c%vr0 prefixlen 64 scopeid 0x1 media: Ethernet autoselect (100baseTX full-duplex) status: active vr1: flags=8943UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST metric 0 mtu 1500 options=2809RXCSUM,VLAN_MTU ether 00:00:24:cb:4d:1d inet6 fe80::200:24ff:fecb:4d1d%vr1 prefixlen 64 scopeid 0x2 media: Ethernet autoselect (100baseTX full-duplex) status: active vr2: flags=8943UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST metric 0 mtu 1500 options=2809RXCSUM,VLAN_MTU ether 00:00:24:cb:4d:1e inet6 fe80::200:24ff:fecb:4d1e%vr2 prefixlen 64 scopeid 0x3 media: Ethernet autoselect (none) status: no carrier vr3: flags=8943UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST metric 0 mtu 1500 options=2809RXCSUM,VLAN_MTU ether 00:00:24:cb:4d:1f inet6 fe80::200:24ff:fecb:4d1f%vr3 prefixlen 64 scopeid 0x4 media: Ethernet autoselect (none) status: no carrier sis0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500 options=8VLAN_MTU ether 00:00:24:c9:ad:60 inet 192.168.12.254 netmask 0xff00 broadcast 192.168.12.255 inet6 fe80::200:24ff:fec9:ad60%sis0 prefixlen 64 scopeid 0x5 media: Ethernet autoselect (none) status: no carrier sis1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500 options=8VLAN_MTU ether 00:00:24:c9:ad:61 inet 192.168.11.254 netmask 0xff00 broadcast 192.168.11.255 inet6 fe80::200:24ff:fec9:ad61%sis1 prefixlen 64 scopeid 0x6 media: Ethernet autoselect (100baseTX full-duplex) status: active sis2: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500 options=8VLAN_MTU ether 00:00:24:c9:ad:62 inet 192.168.10.254 netmask 0xff00 broadcast 192.168.10.255 inet6 fe80::200:24ff:fec9:ad62%sis2 prefixlen 64 scopeid 0x7 media: Ethernet autoselect (none) status: no carrier sis3: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500 options=8VLAN_MTU ether 00:00:24:c9:ad:63 inet6 fe80::200:24ff:fec9:ad63%sis3 prefixlen 64 scopeid 0x8 media: Ethernet autoselect (100baseTX full-duplex) status: active pfsync0: flags=41UP,RUNNING metric 0 mtu 1460 pfsync: syncdev: lo0 syncpeer: 224.0.0.240 maxupd: 128 pflog0: flags=100PROMISC metric 0 mtu 33204 enc0: flags=0 metric 0 mtu 1536 lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST metric 0 mtu 16384 inet 127.0.0.1 netmask 0xff00 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0xc ng0: flags=88d1UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST metric 0 mtu 1492 inet6 fe80::200:24ff:fecb:4d1c%ng0 prefixlen 64 scopeid 0xd inet 92.228.192.101 -- 213.191.64.115 netmask 0x bridge0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500 ether 82:85:33:51:1b:84 id 00:00:24:c9:ad:60 priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp maxaddr 100 timeout 1200 root id 00:00:24:c9:ad:60 priority 32768 ifcost 0 port 0 member: vr3 flags=147LEARNING,DISCOVER,STP,AUTOEDGE,AUTOPTP port 4 priority 128 path cost 55 proto rstp role disabled state discarding member: vr2 flags=147LEARNING,DISCOVER,STP,AUTOEDGE,AUTOPTP port 3 priority 128 path cost 55 proto rstp role disabled state discarding member: vr0 flags=1e7LEARNING,DISCOVER,STP,EDGE,AUTOEDGE,PTP,AUTOPTP port 1 priority 128 path cost 20 proto rstp
Re: [pfSense Support] Delete pf rule for SIP (VoIP) every 24 hours?
Hello, Am Samstag, den 10.01.2009, 08:59 -0600 schrieb Bill Marquette: On Sat, Jan 10, 2009 at 3:45 AM, Dominik Schips domi...@s235.de wrote: Hello, I am using pfSense 1.2.2 and it is wonderfull. However I have one problem with SIP (port 5060) calls. My (german) provider does every 24 hours a reconnect of the ADSL line (PPPoE). Normally that is never a problem. I set the reconnect to 5:30 in the morning. I use siproxd to pass the SIP connections to a SIP phone. It works without problems. But after the 24 hour reconnect I still have the old public IP at the state for the port 5060. So I can not make a new call before I delete the second rule at the states diagnostic page. udp 217.10.x.x:5060 - 192.168.1.100:5060 MULTIPLE:MULTIPLE udp 192.168.1.100:5060 - 92.227.x.x:5060 - 217.10.x.x:5060 MULTIPLE:MULTIPLE 217.10.x.x is the sip provider asterisk server. 92.227.x.x is my public IP (for the current 24 hours). 192.168.1.100 is my SIP phone at the LAN. After deletion the new rule (with new public IP) appears and SIP calls are possible again without problems. Does somebody has an idea or could explain me how to make a cronjob by ssh login to delete all states for port 5060 every 24 hours? You'll want to do: pfctl -k 217.10.x.x This information help me a lot to solve my problem. So I would share the solution with the rest of the pfSense users. in your cron job. http://forum.pfsense.org/index.php?topic=8485.msg47601 has some good information on setting up cron jobs. I search a lot about to create a cron correct with pfSense (1.2.2) and finally get a solution with all this information if found. Because they didn't work correct for me. First login by ssh to your pfSense and edit /etc/crontab or use Diagnostics -- Edit File. Put the cronjobs you need at the end of the others. Then you can logout again. You have to do this because pfSense check the current /etc/crontab if you restore a backup file. I put this to /etc/crontab: */7 * * * * root/sbin/pfctl -k 192.168.1.100 -k 217.10.x.x */7 * * * * root/sbin/pfctl -k 217.10.x.x -k 192.168.1.100 Then go to Diagnostics -- Backup/Restore and get a actual backup file. Open this file on your desktop machine and put the same cron entry to the cron section at the end. This should look like this (in my case): item minute*/7/minute hour*/hour mday*/mday month*/month wday*/wday whoroot/who command/sbin/pfctl -k 192.168.1.100 -k 217.10.x.x/command /item item minute*/7/minute hour*/hour mday*/mday month*/month wday*/wday whoroot/who command/sbin/pfctl -k 217.10.x.x -k 192.168.1.100/command /item Save the file and restore it at Diagnostics -- Backup/Restore. You should get an information that the system is going to reboot now. If you get an array error or something like this, then you did something wrong with the crontab entries end the backup/restore procedure. A scheduled rule might also solve your problem. I don't know how to make a scheduled rule as flexible as what I did now. If there is only a rule or something else which renew the rules after the 24 hour reconnect you can get trouble if a reconnect happen again. I tested a lot and if the DSL connection goes down betwen the 24 hour reconnect the states didn't get updated. My cron solution only deletes the SIP connection for port 5060 every 7 minutes. If you do a call and the rules are deleted this doesn't affect the call and the states are build up immediately again. Now my pfSense work correct with the Asterisk (Askozia) PBX. :) Thanks for helping. Regards Dominik - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] DNS in a multi-wan environment
Greetings list, I have a number of multi-wan sites where the 2 connections are provided by different service providers, each of whom has different DNS servers. My usual practice has been to use one from each provider on the general page. However, DNS servers from ISP A can only be queried from their connection, likewise with DNS servers from ISP B. Is there any way of insisting queries sent via each ISP's DNS server are routed via their individual connections? I can create rules on the LAN interface to route DNS according to the gateway, but does this apply to pfsense itself (i.e. where the DNS forwarder is being used)? Thanks in advance! Regards, Chris - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] Re: hptrr: no controller detected on 1.2.2 and 1.2.1
I get some idea for that problem (strange that I do not have RAID or something like that). I read this http://unix.derkeiler.com/pdf/Mailing-Lists/FreeBSD/questions/2008-07/msg01662.pdf and I will wait for pfsense on FreeBSD 7.1 On Tue, Jan 13, 2009 at 12:10 PM, Peter Todorov pmi...@gmail.com wrote: Hello again, After many tryouts for upgrading and fresh installing the 1.2.2 and 1.2.1 I got same error when system boots: ,,hptrr: no controller detected. I understand that comes with FreeBSD 7, but I cant find how to workaround it. I do not understand fully the problem and I think that my hardware is very very old. But still ... there is somewhere a solution. Can someone give some light about the problem. PS -- after that error system hangs -- честността не е порок -- честността не е порок
Re: [pfSense Support] Re: hptrr: no controller detected on 1.2.2 and 1.2.1
This is not a problem at all. As said it's just a driver configured to be too verbose. You can ignore it. As a workaround you can just compile kernel without device hptrr I'm not sure how to do this in pfsense, but I guess the same rules as in FreeBSD will apply. On Jan 13, 2009, at 1:40 PM, Peter Todorov wrote: I get some idea for that problem (strange that I do not have RAID or something like that). I read this http://unix.derkeiler.com/pdf/Mailing-Lists/FreeBSD/questions/2008-07/msg01662.pdf and I will wait for pfsense on FreeBSD 7.1 On Tue, Jan 13, 2009 at 12:10 PM, Peter Todorov pmi...@gmail.com wrote: Hello again, After many tryouts for upgrading and fresh installing the 1.2.2 and 1.2.1 I got same error when system boots: ,,hptrr: no controller detected. I understand that comes with FreeBSD 7, but I cant find how to workaround it. I do not understand fully the problem and I think that my hardware is very very old. But still ... there is somewhere a solution. Can someone give some light about the problem. PS -- after that error system hangs -- честността не е порок -- честността не е порок -- Best Wishes, Stefan Lambrev ICQ# 24134177
Re: [pfSense Support] DNS in a multi-wan environment
On Tue, Jan 13, 2009 at 6:24 AM, Chris Bagnall li...@minotaur.cc wrote: Greetings list, I have a number of multi-wan sites where the 2 connections are provided by different service providers, each of whom has different DNS servers. My usual practice has been to use one from each provider on the general page. However, DNS servers from ISP A can only be queried from their connection, likewise with DNS servers from ISP B. Is there any way of insisting queries sent via each ISP's DNS server are routed via their individual connections? I can create rules on the LAN interface to route DNS according to the gateway, but does this apply to pfsense itself (i.e. where the DNS forwarder is being used)? Use static routes. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] hptrr: no controller detected on 1.2.2 and 1.2.1
On Tue, Jan 13, 2009 at 5:10 AM, Peter Todorov pmi...@gmail.com wrote: Hello again, After many tryouts for upgrading and fresh installing the 1.2.2 and 1.2.1 I got same error when system boots: ,,hptrr: no controller detected. I understand that comes with FreeBSD 7, but I cant find how to workaround it. I do not understand fully the problem hptrr isn't the problem, it's something after that point, which I believe is where your hard drive gets detected. It's a FreeBSD issue of some sort. Try a stock FreeBSD 7.0 to see what happens. Also see: http://doc.pfsense.org/index.php/Policy_on_FreeBSD_issues - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] dnsmasq 2.46? in 1.2.2??
Is there any reason why dnsmasq 2.46 wasn't added to 1.2.2 releases? We tried upgrading our 1.2.2 box but were getting some errors for missing library's. Thanks, Adam - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] dnsmasq 2.46? in 1.2.2??
On Tue, Jan 13, 2009 at 3:32 PM, apiase...@midatlanticbb.com apiase...@midatlanticbb.com wrote: Is there any reason why dnsmasq 2.46 wasn't added to 1.2.2 releases? We tried upgrading our 1.2.2 box but were getting some errors for missing library's. Yes, there is a BIG reason: Remove ISC-leasefile reading code. This has been deprecated for a long time, and last time I removed it, it ended up going back by request of one user. This time, it's gone for good; otherwise it would need to be re-worked to support multiple domains (see below). We use that, too. I suggest e-mailing the author of dnsmasq and letting him know that there are a lot more folks than just one person using that feature! Scott - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] Intel Atom Motherboards or Similar Systems
I have been looking at Atom based systems for a while. I keep drooling over these cheapo, compact, low power units. I'd really like to replace my 1Ghz, 1GB, 1U machine running pfSense with one. Are these things supported in pfSense? Is anyone using them or can recommend a board or specific system? I just need dual network/LAN. I have been looking at Jetway and Intel boards. Any suggested configs (and accessories, riser cards, CF, etc...) or alternatives would be appreciated. Regards, Chuck - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] bug in lagg driver with interfaces down in 2.0 Alpha
Testing yesterday snapshots of 2.0 Alpha I have found a regression in lagg driver wich causes kernel panic in lagg config: The freebsd bug http://www.freebsd.org/cgi/query-pr.cgi?pr=122794 Any fix on this??? Best regards - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] Iface combo not showing lagg interfaces for vlan association.
Testing 20090112 2.0 Alpha I have found that the lagg interfaces are not listed in the combo for vlan parent interface, any workaraound for this???. Best regards - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Iface combo not showing lagg interfaces for vlan association.
On Tue, Jan 13, 2009 at 6:13 PM, Aliet Santiesteban Sifontes alietsantieste...@gmail.com wrote: Testing 20090112 2.0 Alpha I have found that the lagg interfaces are not listed in the combo for vlan parent interface, any workaraound for this???. write code submit patch get famous continue living on ramen (the contract didn't stipulate profit) --Bill - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Intel Atom Motherboards or Similar Systems
On Tue, Jan 13, 2009 at 3:44 PM, Chuck Mariotti cmario...@xunity.com wrote: I have been looking at Atom based systems for a while. I keep drooling over these cheapo, compact, low power units. I'd really like to replace my 1Ghz, 1GB, 1U machine running pfSense with one. Are these things supported in pfSense? Is anyone using them or can recommend a board or specific system? I just need dual network/LAN. I have been looking at Jetway and Intel boards. Any suggested configs (and accessories, riser cards, CF, etc...) or alternatives would be appreciated. Here ya go: http://www.netgate.com/product_info.php?cPath=60_84products_id=671 Alix 6B2 Kit. 2 10/100 NICs, 500MHz Geode processor, 256MB RAM, 512MB flash, $180. All you need to run pfSense. And only draws about 5w from the wall. Only drawback is that you have to pull the flash card when you want to upgrade an embedded system - for my production systems I keep an extra flash card around (less than $20) flash that and load it with a config backup so that downtime is minimal when upgrading. Basically as long as it takes for you to pull the thing apart and swap out a flash card. If the case had an opening for the flash card it'd be even faster (have been tempted to dremel out an opening to make flash card swapouts and upgrades extremely quick). They also make the Alix boards with 3 NICs and you can also load them up with a miniPCI wireless card, too if you want that. -Dave - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Iface combo not showing lagg interfaces for vlan association.
On Tue, Jan 13, 2009 at 7:13 PM, Aliet Santiesteban Sifontes alietsantieste...@gmail.com wrote: Testing 20090112 2.0 Alpha I have found that the lagg interfaces are not listed in the combo for vlan parent interface, any workaraound for this???. Best regards Kindly, this list is for pfSense-release and not for alpha versions :) If you do not mind, please post your messages on the 2.0 testing area of the forum. Thanks. Scott - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] Dell XPS R400 Pentium 400 II and IDE / CF Read error
Hi I was given a couple of the above boxes, the 8G HDD's are noisy yet run pfSense fine. The rest of the boxes are quiet with largish CPU heatsinks instead of typically noisy CPU fans. I was hoping they would become nice quiet boxes running pfSense on IDE / CF drives. I connected up some IDE CF adapters expecting these to simply run, and find they boot straight into a read error. I tried pfSense 1.01 and 1.20.2. FreeNAS also has the same read error shown. They have the latest Dell A13 BIOS and both behave the same, two quite different CF / IDE adapters also give same result. The Linux DD-WRT boots fine using CF / IDE. Googling did not find me anything of any help on this. Anyone know anything about this, I suppose this is a BIOS incompatibility with FreeBSD and they are not going to work as I had hoped? Kind regards David Hingston
Re: [pfSense Support] Intel Atom Motherboards or Similar Systems
I'm running pfSense on an Alix 2d3. The install was pretty flawless. No wireless, but I did get the Soekris VPN 1411 miniPCI card for encryption acceleration. It was auto-recognized. On the other hand, my Asterisk box (pbxinaflash/freepbx) is an Intel Atom CPU/Board bundle. I needed to install a temporary extra NIC to download drivers for the Realtek onboard NIC, which was pain because freepbx's bundled OS, CentOS, gave it the wrong drivers. Kernel panic on install, then disable the on-board NIC via BIOS, then install extra NIC, then install correct Realtek drivers, and re-enable the on-board NIC, remove the extra NIC from the single PCI slot, and install my Digium Analog card. It has run flawlessly since. (Also replaced my Vonage Comcast lines with a generic SIP trunk for about 1/20th my old monthly bills.) I have no idea if the newer Atom board's onboard NIC will get recognized correctly in FreeBSD. The Atom Board has plenty of CPU power, more than the Alix board and can take more RAM, a hard disk, CDROM, etc. with the right case. It depends on what you're going to run -- embedded or with room for add-ons. They're both great. On Tue, Jan 13, 2009 at 7:26 PM, David Rees dree...@gmail.com wrote: On Tue, Jan 13, 2009 at 3:44 PM, Chuck Mariotti cmario...@xunity.com wrote: I have been looking at Atom based systems for a while. I keep drooling over these cheapo, compact, low power units. I'd really like to replace my 1Ghz, 1GB, 1U machine running pfSense with one. Are these things supported in pfSense? Is anyone using them or can recommend a board or specific system? I just need dual network/LAN. I have been looking at Jetway and Intel boards. Any suggested configs (and accessories, riser cards, CF, etc...) or alternatives would be appreciated. Here ya go: http://www.netgate.com/product_info.php?cPath=60_84products_id=671 Alix 6B2 Kit. 2 10/100 NICs, 500MHz Geode processor, 256MB RAM, 512MB flash, $180. All you need to run pfSense. And only draws about 5w from the wall. Only drawback is that you have to pull the flash card when you want to upgrade an embedded system - for my production systems I keep an extra flash card around (less than $20) flash that and load it with a config backup so that downtime is minimal when upgrading. Basically as long as it takes for you to pull the thing apart and swap out a flash card. If the case had an opening for the flash card it'd be even faster (have been tempted to dremel out an opening to make flash card swapouts and upgrades extremely quick). They also make the Alix boards with 3 NICs and you can also load them up with a miniPCI wireless card, too if you want that. -Dave - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Intel Atom Motherboards or Similar Systems
Boards like this would be interesting (but probably expensive). http://www.ibase.com.tw/ib882.htm
Re: [pfSense Support] Intel Atom Motherboards or Similar Systems
On Tue, Jan 13, 2009 at 6:23 PM, Jeppe Øland jol...@gmail.com wrote: Boards like this would be interesting (but probably expensive). http://www.ibase.com.tw/ib882.htm This is is a cheap way to get a barebones Atom setup: http://www.newegg.com/Product/Product.aspx?Item=N82E16856107036 Just need to add another NIC, memory and storage device to get it going. Will cost a bit more and draw significantly more power than an Alix box, but should be able to push a gigabit through it if you get the right NIC. -Dave - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] Intel Atom Motherboards or Similar Systems
I have been running pfSense off of CDROM with config on USB Flash Drive for at least two years now without a hiccup. I previously ran Monowall on HDD, that failed (the drive), then moved to CF, that failed... They all stayed up for a year or two... but eventually hardware died. So I've been pretty happy with the CDROM based solution. Easy to upgrade as well. I would very much like to run this on HDD again, so that I have access to the extra modules maybe some IDS of some sort. This is a firewall for my equipment at a datacenter so all I get are constant attempts of intrusion and it would be nice to adapt/avoid. To be honest, I hate the idea of having to use a terminal to set it up, not because I can't, just because I'd have to teach the other admins how to do it in case of an emergency. It also probably means I'd have to get a second one setup for failover. Not a big deal, but it's out of the comfort zone. I'm glad you mentioned your Asterisk implementation, since I posted almost the exact same question on the Toronto Asterisk Users Group (TAUG) list with some interesting responses so far. I'm in a similar situation with it as well... I have a couple of Asterisk boxes (running Trixbox, again due to the other admins). Are you using this in production or at home? I'm interested to find out how many transcoded calls it can handle, call recording, etc... Which Kit/MB did you end up using? Regards, Chuck -Original Message- From: Larry Sampas [mailto:la...@larrysampas.com] Sent: Tuesday, January 13, 2009 9:18 PM To: support@pfsense.com Subject: Re: [pfSense Support] Intel Atom Motherboards or Similar Systems I'm running pfSense on an Alix 2d3. The install was pretty flawless. No wireless, but I did get the Soekris VPN 1411 miniPCI card for encryption acceleration. It was auto-recognized. On the other hand, my Asterisk box (pbxinaflash/freepbx) is an Intel Atom CPU/Board bundle. I needed to install a temporary extra NIC to download drivers for the Realtek onboard NIC, which was pain because freepbx's bundled OS, CentOS, gave it the wrong drivers. Kernel panic on install, then disable the on-board NIC via BIOS, then install extra NIC, then install correct Realtek drivers, and re-enable the on-board NIC, remove the extra NIC from the single PCI slot, and install my Digium Analog card. It has run flawlessly since. (Also replaced my Vonage Comcast lines with a generic SIP trunk for about 1/20th my old monthly bills.) I have no idea if the newer Atom board's onboard NIC will get recognized correctly in FreeBSD. The Atom Board has plenty of CPU power, more than the Alix board and can take more RAM, a hard disk, CDROM, etc. with the right case. It depends on what you're going to run -- embedded or with room for add-ons. They're both great. On Tue, Jan 13, 2009 at 7:26 PM, David Rees dree...@gmail.com wrote: On Tue, Jan 13, 2009 at 3:44 PM, Chuck Mariotti cmario...@xunity.com wrote: I have been looking at Atom based systems for a while. I keep drooling over these cheapo, compact, low power units. I'd really like to replace my 1Ghz, 1GB, 1U machine running pfSense with one. Are these things supported in pfSense? Is anyone using them or can recommend a board or specific system? I just need dual network/LAN. I have been looking at Jetway and Intel boards. Any suggested configs (and accessories, riser cards, CF, etc...) or alternatives would be appreciated. Here ya go: http://www.netgate.com/product_info.php?cPath=60_84products_id=671 Alix 6B2 Kit. 2 10/100 NICs, 500MHz Geode processor, 256MB RAM, 512MB flash, $180. All you need to run pfSense. And only draws about 5w from the wall. Only drawback is that you have to pull the flash card when you want to upgrade an embedded system - for my production systems I keep an extra flash card around (less than $20) flash that and load it with a config backup so that downtime is minimal when upgrading. Basically as long as it takes for you to pull the thing apart and swap out a flash card. If the case had an opening for the flash card it'd be even faster (have been tempted to dremel out an opening to make flash card swapouts and upgrades extremely quick). They also make the Alix boards with 3 NICs and you can also load them up with a miniPCI wireless card, too if you want that. -Dave - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For
[pfSense Support] RE: Intel Atom Motherboards or Similar Systems
Has anyone had any luck with ASUS EEE Box PCs? Them seem to have built-in Gigabit Ethernet, Wireless B/G/N and a PCMCIA expansion... I can't seem to find the manufacturer of the Ethernet/wireless and if it would work with pfSense. -Original Message- From: Chuck Mariotti [mailto:cmario...@xunity.com] Sent: Tuesday, January 13, 2009 6:44 PM To: support@pfsense.com Subject: [pfSense Support] Intel Atom Motherboards or Similar Systems I have been looking at Atom based systems for a while. I keep drooling over these cheapo, compact, low power units. I'd really like to replace my 1Ghz, 1GB, 1U machine running pfSense with one. Are these things supported in pfSense? Is anyone using them or can recommend a board or specific system? I just need dual network/LAN. I have been looking at Jetway and Intel boards. Any suggested configs (and accessories, riser cards, CF, etc...) or alternatives would be appreciated. Regards, Chuck - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Bridging 4 auto MDIX eth interfaces for LAN zone doesn't work correct
On Tue, Jan 13, 2009 at 5:39 AM, Dominik Schips domi...@s235.de wrote: Here is my output from ifconfig: The bridge looks fine. The interfaces that are plugged in are forwarding, the ones that don't have link are discarding. Which interface wasn't working when you ran that? - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Intel Atom Motherboards or Similar Systems
On Wed, Jan 14, 2009 at 4:01 PM, Chuck Mariotti cmario...@xunity.com wrote: To be honest, I hate the idea of having to use a terminal to set it up, not because I can't, just because I'd have to teach the other admins how to do it in case of an emergency. It also probably means I'd have to get a second one setup for failover. Not a big deal, but it's out of the comfort zone. Your other admins haven't set stuff up over consoles before? That's how (IME) the majority of (non-consumer) network hardware gets (at least initially) configured, or are these guys systems admins rather than network techs? - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] Intel Atom Motherboards or Similar Systems
System Admins... It could save a phone call in the middle of the night. Since they have been using pfSense for a while, I can hear the complaining already. What do you mean I can't just switch to it? Although I agree that terminal access has been pretty standard over the many years, IMHO it can be more painful at time than just doing a KVM switch when you are in a datacenter. Rather than having another machine to access it. Easy access to BIOS info, etc... Today's hardware is so cheap, it's just another convenience that's nice to have. -Original Message- From: Morgan Reed [mailto:morgan.s.r...@gmail.com] Sent: Wednesday, January 14, 2009 12:41 AM To: support@pfsense.com Subject: Re: [pfSense Support] Intel Atom Motherboards or Similar Systems On Wed, Jan 14, 2009 at 4:01 PM, Chuck Mariotti cmario...@xunity.com wrote: To be honest, I hate the idea of having to use a terminal to set it up, not because I can't, just because I'd have to teach the other admins how to do it in case of an emergency. It also probably means I'd have to get a second one setup for failover. Not a big deal, but it's out of the comfort zone. Your other admins haven't set stuff up over consoles before? That's how (IME) the majority of (non-consumer) network hardware gets (at least initially) configured, or are these guys systems admins rather than network techs? - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org