[pfSense Support] HAVP+SQUID Transparent
Helloo Im not able to put HAVP + SQUID in tranasparent mode, using cache_peer options... Somebody succesfull in this task? Thanks -- Mikel Jimenez Fernandez Irontec, Internet y Sistemas sobre GNU/LinuX - http://www.irontec.com +34 94.404.81.82 - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Re: Can captive portal authenticate based on windows login
Automatic WEB access authentication on FreeBSD based web proxy I have seen a couple of ways round this in the past. one was to automate an ssh connection to logon from the windows client machine (useing an ssl key from the user's home directory) This resulted in a scripted PF access list change that gave access to the logged on computer based on logged on user. The down side is you need accounts for all your users on the pf machine. The other was a mixture of SQUID and samba that used a mapped drive on the SQUID machine to check samba connections and hence allow access. This was some time ago and we took the view that in an open plan office the internet is regulated by the fact your monitor is on view Rob
Re: [pfSense Support] bridging 2 networks with pfsense+openvpn
2009/4/23 Jaime Díaz jnd...@gmail.com: What you could also do is subnet the 192.168.1.0/24 network in two, using 192.168.1.0/25 and 192.168.1.128/25. That will give you 126 IP addresses for each site, with only changing your subnet mask. Thank you all. I will use two different networks as it's not that big a deal to change one of the office lans, and it will give the advantage that all the pptp users still on the network on the DC won't have problems when their home networks are 192.168.1.0/24. I will post results about throughput later on, the slow link is embedded on soekris 4801 -- Med venlig hilsen / Best regards Brian Josefsen - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] Attention Firebox X Series Users - Testing Needed
Is there an update path from 1.2.2 to 1.2.3-RC1 embedded? I only see Full images on the mirrors. I can do a backup/swap CF/restore, but the box I was going to test on is 120 miles away. I have a pile of the X500 boxes here and would love to deploy them, but the watchdog timeouts are killing me. Thanks for working on this! Thanks, Andrew - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Attention Firebox X Series Users - Testing Needed
On Fri, Apr 24, 2009 at 10:32 AM, Andrew Cotter andrew.cot...@somersetcapital.com wrote: Is there an update path from 1.2.2 to 1.2.3-RC1 embedded? I only see Full images on the mirrors. I can do a backup/swap CF/restore, but the box I was going to test on is 120 miles away. I have not had a successful embedded in-place upgrade since version 1.0.mumble (or perhaps earlier...) I always expect I will need to re-flash, and I always end up having to re-flash if i try the in-place upgrade. Your best bet is to try the upgrade via the ssh (or serial) console. For our remote office which is *very* far away, we usually make a new CF card with the config pre-loaded on a test box we have here, then ship it to them for swapping. This has worked great the last three major upgrades we did. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Attention Firebox X Series Users - Testing Needed
On Fri, Apr 24, 2009 at 10:32 AM, Andrew Cotter andrew.cot...@somersetcapital.com wrote: Is there an update path from 1.2.2 to 1.2.3-RC1 embedded? Not a guaranteed reliable one. You can grab an embedded update file off the snapshot server but it may blow up. That'll be resolved with the new embedded that's on the way, including a 1.2.x release, though post-1.2.3. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] Attention Firebox X Series Users - Testing Needed
-Original Message- From: cbuech...@gmail.com [mailto:cbuech...@gmail.com] On Behalf Of Chris Buechler Sent: Friday, April 24, 2009 1:12 PM To: support@pfsense.com Subject: Re: [pfSense Support] Attention Firebox X Series Users - Testing Needed On Fri, Apr 24, 2009 at 10:32 AM, Andrew Cotter andrew.cot...@somersetcapital.com wrote: Is there an update path from 1.2.2 to 1.2.3-RC1 embedded? Not a guaranteed reliable one. You can grab an embedded update file off the snapshot server but it may blow up. That'll be resolved with the new embedded that's on the way, including a 1.2.x release, though post-1.2.3. Thanks. I'll fire up one of the extra ones we have to test it. Andrew - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] No IP over DHCP
Hello List, I try the new 1.2.3-RC1-Embedded release on an ALix board. WAN -- sis0, dhcp LAN -- sis1, 10.0.0.1/24 WLAN -- ath0 bridged with LAN (atheros 5212 chipset) dhcp-server is enabled for LAN. the first firewallrules on the LAN and WLAN interfaces are UDP * 67-68*67/68 The porblem: After I seted up the system and tried to get an wireless IP over dhcp it worked fine the first couple of times, but after a while it stops working and i can?t get an ip. Thanks a lot for any ideas. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] 440BX Chipset
Is anyone using pfSense on a motherboard with the 440BX chipset? Does your CPU use drop to zero? A bug is suspected with this chipset and FreeBSD. The bug is evident when running /sbin/sysctl -n kern.cp_time successively from the command prompt reports the same non-incrementing numbers. Positive and negative reports would be appreciated. Kind regards David - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] possible bug pfsense 1.2.3
Hello Im watching that probably is a bug in Pfsense 1.2.3 First of all, sorry if Im not correct. I have installed pfsense 1.2.3 RC1 with squid package and HAVP. I put squid in transparent mode, and i look that it adds a pf rule in nat table. Corect, it works perfect, I see logs in /var/squid/log/access.log The problem is when rebooting machine this rule don't appear. You have to go to web interface, squid, an click save to enable transparent proxy... If I don't do this manula process, I dont see new logs in /var/squid/log/access.log. When I click save, it adds a pf rule and it works OK Somebody ? I m also experimenting this in pfsense 1.2.2. Im using vmware - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] No IP over DHCP
On Fri, Apr 24, 2009 at 5:27 PM, Michael Schmitt stiff...@linuxnoob.net wrote: Hello List, I try the new 1.2.3-RC1-Embedded release on an ALix board. WAN -- sis0, dhcp LAN -- sis1, 10.0.0.1/24 WLAN -- ath0 bridged with LAN (atheros 5212 chipset) dhcp-server is enabled for LAN. the first firewallrules on the LAN and WLAN interfaces are UDP * 67-68 * 67/68 The porblem: After I seted up the system and tried to get an wireless IP over dhcp it worked fine the first couple of times, but after a while it stops working and i can?t get an ip. Thanks a lot for any ideas. Make sure something is plugged into the LAN port if nothing is currently plugged in there. Scott - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] 440BX Chipset
Interesting thanks Jim, I note for me it is 440 BX and not 440BX!: pfSense:~# dmesg | grep 440 pcib0: Intel 82443BX (440 BX) host to PCI bridge pcibus 0 on motherboard Kind regards David - Original Message - From: Jim Pingle li...@pingle.org To: support@pfsense.com Sent: Saturday, April 25, 2009 12:11 PM Subject: Re: [pfSense Support] 440BX Chipset Tortise wrote: Is anyone using pfSense on a motherboard with the 440BX chipset? Does your CPU use drop to zero? A bug is suspected with this chipset and FreeBSD. The bug is evident when running /sbin/sysctl -n kern.cp_time successively from the command prompt reports the same non-incrementing numbers. Positive and negative reports would be appreciated. # dmesg | grep 440BX ACPI APIC Table: Intel N440BX # /sbin/sysctl -n kern.cp_time 29192 66135 337891 13623 44026017 # /sbin/sysctl -n kern.cp_time 29198 66135 337904 13624 44026271 # /sbin/sysctl -n kern.cp_time 29199 66135 337905 13624 44026491 # /sbin/sysctl -n kern.cp_time 29200 66135 337906 13624 44026705 # /sbin/sysctl -n kern.cp_time 29200 66135 337908 13624 44026913 # /sbin/sysctl -n kern.cp_time 29200 66137 337931 13625 44036089 NB: This is a dual CPU Intel LG440BX board with 2xPIII-800. The consumer version may behave differently, but I don't believe I still have any of those in place anywhere. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org