Re: [pfSense Support] connecting netgear fvs124g to openvpn for site to site vpn
On 1/27/2009 3:03 PM, Nick Smith wrote: The nightmare is trying to make it work with anything else but pfsense. Take a look a Linksys wrt54gl reflashed with linux distro (DD-WRT / OpenWRT / Other). - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Possible to boot pfSense with WAN interface down?
Hi Marty There will be a boot file that you can append the ifconfig command to, to take the WAN down on reboot. This file would need to be watched for change if upgrading, for example if using a later CF image. With alternative network dial in access you may be able to trigger pfsense to boot of there is WOL capability built in the pfsense PC BIOS and LAN. Have you also considered using a VPN in and keeping pfsense otherwise closed? Kind regards David - Original Message - From: Marty Nelson To: support@pfsense.com Sent: Wednesday, January 28, 2009 10:06 AM Subject: [pfSense Support] Possible to boot pfSense with WAN interface down? Greetings all. I have a customer who's putting in a DSL line for us to be able to better support them (we're currently dialing in). In doing so, they are somewhat breaking their corporate rules. Even with their current dial in setup, we have to call them and tell them to plug it in when we want access. Well now with the DSL line going in, even though I'm throwing pfSense in, they are now even more concerned with security. What I was wondering was if it was possible to have pfSense start with the WAN interface down so that we could then call them - dial in - connect to pfSense and manually fire up the WAN interface. As far as I can tell, I can issue an ifconfig fxp1 down command from the web interface (or by sshing in), but should the machine be rebooted the interface starts up automatically. Is what I'm looking for do-able? Thanks! -Marty
[pfSense Support] Odd Stunnel Behaviour
I've noticed something rather odd whilst attempting to do a combination of things with pfsense. I have a simple lab environment setup. pfsense: wan - 10.0.0.1 wan vip (carp) 10.0.0.10 Lan - 192.168.1.1 Server1: 192.168.1.20 Server2: 192.168.1.21 What i've been attempting to do, is setup a load balancer VIP on 10.0.0.10 that forwards through to 192.168.1.20 and 192.168.1.21. This works as expected, and does it's job perfectly. Where the oddness comes in, is when attempting to setup stunnel to forward connections in through from 10.0.0.10:443 to 10.0.0.10:8080 (the load balanced pool vip). I get an odd error in the STUNNEL logs; Operation Not Permitted Has anyone encountered this before? is there something obvious i've missed, for the lab tests, i've allowed everything on both the LAN/WAN devices to ensure no firewalls got in the way. (also disabled bogan networks etc). Any help would be greatly appreciated, i'm rather noobish when it comes to bsd and i'm a little confused as to where to even start looking. -- *Leon Strong *| Technical Engineer *DDI:* +64 9 950 2203 *Fax:* +64 9 302 0518 *Mobile:* +64 21 0202 8870 *Freephone:* 0800 SMX SMX (769 769) Level 11, 290 Queen Street, Auckland, New Zealand | SMX Ltd | smx.co.nz http://smx.co.nz SMX | Business Email Specialists The information contained in this email and any attachments is confidential. If you are not the intended recipient then you must not use, disseminate, distribute or copy any information contained in this email or any attachments. If you have received this email in error or you are not the originally intended recipient please contact SMX immediately and destroy this email.
Re: [pfSense Support] Possible to boot pfSense with WAN interface down?
On Thu, Jan 29, 2009 at 9:14 AM, Tortise tort...@paradise.net.nz wrote: Hi Marty There will be a boot file that you can append the ifconfig command to, to take the WAN down on reboot. I think you can just do an ifconfig interface down at the bottom of /etc/rc, although the interface would probably be brought up a few seconds before it can be brought down. For more control, check out interfaces_configure() at /etc/inc/interfaces.inc. =) Regards, [ simon.cpu ] - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org