[pfSense Support] pf tagging

[Matias Surdi]

Does pfSense 1.2 support pf's packet tagging?


-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

Re: [pfSense Support] pf tagging

[Ermal Luçi]

Only 2.0 from the gui

On Wed, Apr 29, 2009 at 1:49 PM, Matias Surdi  wrote:
> Does pfSense 1.2 support pf's packet tagging?
>
>
> -
> To unsubscribe, e-mail: support-unsubscr...@pfsense.com
> For additional commands, e-mail: support-h...@pfsense.com
>
> Commercial support available - https://portal.pfsense.org
>
>



-- 
Ermal

-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

[pfSense Support] network interface mismatch

[Pete Boyd]

When installing pfSense 1.2.2 from the Live CD, if I use 2 network cards
of a similar type, for example 3Com 3C905B-TX or 3C905C-TX, I get "Network
interface mismatch -- Running interface assignment option" and right after
it only shows one 'xl0' interface.

I've had this issue every time I install pfSense using various 1.2 series
versions. I think I used to have it with IPCop too. I've tried the cards
in various PCI slots. I normally work around it by using two differing
3Com 3C905 variants, or perhaps a 3C900 and a 3C905 I can't recall. Today
I'm seeing it whilst using one 3C905B-TX and one 3C905C-TX (I can't
remember if I've gotten this particular card combination to work
previously).

The machine is a HP Vectra VL800, part number P3629AV, has a Pentium 4 CPU.
There's no BIOS update available from HP.

I've tried installing with and without PCI bus master in BIOS setup for
all PCI slots.

What's going on here? Is there anything I can do to work around it whilst
still using these cards as these types are all I have left in stock? Is
there any more info you need in order to help me?

Thanks


-- 
Pete Boyd

Open Plan IT - http://openplanit.co.uk
The Golden Ear - http://thegoldenear.org



-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

RE: [pfSense Support] network interface mismatch

[Chuck Mariotti]

I ran into the same thing but never resolved it. I just went out and bought two 
DLink $10 cards. I gave up on the 3Coms.

-Original Message-
From: Pete Boyd [mailto:petes-li...@thegoldenear.org] 
Sent: Wednesday, April 29, 2009 9:06 AM
To: support@pfsense.com
Subject: [pfSense Support] network interface mismatch

When installing pfSense 1.2.2 from the Live CD, if I use 2 network cards
of a similar type, for example 3Com 3C905B-TX or 3C905C-TX, I get "Network
interface mismatch -- Running interface assignment option" and right after
it only shows one 'xl0' interface.

I've had this issue every time I install pfSense using various 1.2 series
versions. I think I used to have it with IPCop too. I've tried the cards
in various PCI slots. I normally work around it by using two differing
3Com 3C905 variants, or perhaps a 3C900 and a 3C905 I can't recall. Today
I'm seeing it whilst using one 3C905B-TX and one 3C905C-TX (I can't
remember if I've gotten this particular card combination to work
previously).

The machine is a HP Vectra VL800, part number P3629AV, has a Pentium 4 CPU.
There's no BIOS update available from HP.

I've tried installing with and without PCI bus master in BIOS setup for
all PCI slots.

What's going on here? Is there anything I can do to work around it whilst
still using these cards as these types are all I have left in stock? Is
there any more info you need in order to help me?

Thanks


-- 
Pete Boyd

Open Plan IT - http://openplanit.co.uk
The Golden Ear - http://thegoldenear.org



-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org


-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

[pfSense Support] SNMP and NAT / Filtering

[Tim Roberts]

I have had an issue the past few years with PFSense I have never figured 
out. Im sure its something Ive setup wrong.


I have a variety of PFSense firewalls/routers and have the same issue with 
ALL of them regardless of version or how many interfaces they have.


In one example:
LAN - 172.16.x.x
CORE - 192.168.x.x
WAN - X

A workstation on the LAN can ping, http, telnet, ftp, ssh etc a device 
on 192.168.x.x network located on the CORE network. It cannot SNMPWalk or 
SNMPSet. If I take the same workstation, set its ip to 192.168.x.x and jack 
it into the CORE switch (so it bypasses any NAT/Routeing/Filtering)  I can 
do anything with SNMP I want on the remote device.


I do have SNMP enabled on the actual firewall so we can monitor it but I 
have tried turning it off to make sure there was not something getting 
mangled there.


I have also setup a specific outbound NAT rule for the LAN to the CORE that 
sends the traffic out a different 192.168.x.x virtual IP on the firewall and 
it behaves the same way. It just times out.


I have also went into the remote device and enabled read/write access for 
0.0.0.0/0 instead of 192.168.0.0/16 in case it was an acces restriction and 
was seeing the traffic come in from a weird network..


I setup a POS Linksys router with a 172.x.x.x LAN and a 192.168.x.x WAN for 
giggles and It works fine setting a workstation behind the Linksys and 
connecting remotly to the 192 device.


Any thoughts? Not much in the mailing lists for this so Im sure its end user 
stupidity.

Thanks
Tim


-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

[pfSense Support] Wireless card recommendation

[k_o_l]

I would like to setup pfsense as an AP for home use, I have seen the
hardware compatibility  list, but I was wondering if anyone has a
recommendation for not so expensive (Best buy /microcenter) card based on
personal experience.

 

Thanks

Sam

 

 

RE: [pfSense Support] Attention Firebox X Series Users - Testing Needed

[Dimitri Rodis]

Currently, we have a couple of people (including myself just Monday) that
were able to reproduce watchdog timeouts on these units, although they seem
to be significantly reduced relative to previous builds. I am still working
with Pyun to try and get the issue resolved. Of course, we won't know that
it's fully resolved without people willing to beat these units up after
patches make their way into builds, so the more people we have, the better.

Folks interested in trying to narrow the remaining issues down should follow
(and post) on the forum, here:
http://forum.pfsense.org/index.php/topic,15669.0.html

Thanks,

Dimitri Rodis
Integrita Systems LLC 
http://www.integritasystems.com

-Original Message-
From: Joshua Schmidlkofer [mailto:joshl...@gmail.com] 
Sent: Tuesday, April 28, 2009 8:23 PM
To: support@pfsense.com; j...@pax2cargo.com
Subject: Re: [pfSense Support] Attention Firebox X Series Users - Testing
Needed

On 4/18/09 11:17 AM, Dimitri Rodis wrote:
> Attention Firebox X500/700/1000 Users using pfSense:
>
>
>
> Watchdog timeouts getting' you down? Thinkin' about throwin' that old
> Firebox in to the fireplace? Don't do that just yet! J
>
>
>
> Thanks to the pfSense devs, along with Pyun YongHyeon, the maintainer for
> the FreeBSD Realtek network driver, it appears that we may have solved the
> issue with the watchdog timeouts on the Realtek 8139C+ chips that are used
> in these units. For the past couple of days, I have worked with Pyun, and
> yesterday Pyun sent me a patch, and that patch was committed to the 1.2.3
> snapshot builds, as well as to the 2.0 alpha snapshot builds by the
pfSense
> devs, and is part of any snapshot build as of yesterday (4/17) at 2pm
> Eastern time, or later.
>
>
>
> Snapshot builds can be downloaded from
>
> http://snapshots.pfsense.org/FreeBSD7/RELENG_1_2/
>
> or
>
> http://snapshots.pfsense.org/FreeBSD7/HEAD/
>
>
>
> I have been testing a build with this patch since yesterday, and have yet
to
> see a single watchdog timeout on my interfaces-and no modifications to
> loader.conf have been made. This is a default install-no special options
> have been set anywhere.
>
>
>
> If at all possible, please try to install a recent snapshot build on your
> firebox units (those of you that have them) and test this patch.  If you
do
> still receive watchdog timeouts, please let me know either on this list,
or
> off-list. Either way, please try to detail what you were doing when the
> watchdog timeout occurred so that we can try to reproduce it, and Pyun can
> fix it.
>
>
>
> Thanks to all that have helped, and thanks to those that are willing to
> test!
>
>
>
> Dimitri Rodis
>
> Integrita Systems LLC
>
>     http://www.integritasystems.com
>
>
>
>
>
HOT!  We are so looking into this.  We have 5 watchguards which we can 
use for this project, and I hate the idea of them collecting dust.  
Count us IN!

-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org



smime.p7s
Description: S/MIME cryptographic signature

RE: [pfSense Support] Wireless card recommendation

[Richard Davis]

I've been using a Wistron CM9 and it has been working great with my Alix
board.  It's a low power card but I added an 8db ceiling antenna and it
covers the whole house from the basement.  

 

 

Richard

rich...@bizsyscon.com

  _  

From: k_o_l [mailto:k_...@hotmail.com] 
Sent: Wednesday, April 29, 2009 11:00 AM
To: support@pfsense.com
Subject: [pfSense Support] Wireless card recommendation

 

I would like to setup pfsense as an AP for home use, I have seen the
hardware compatibility  list, but I was wondering if anyone has a
recommendation for not so expensive (Best buy /microcenter) card based on
personal experience.

 

Thanks

Sam

 

 

Re: [pfSense Support] SNMP and NAT / Filtering

[Scott Ullrich]

On Wed, Apr 29, 2009 at 10:49 AM, Tim Roberts  wrote:
> I have had an issue the past few years with PFSense I have never figured
> out. Im sure its something Ive setup wrong.
>
> I have a variety of PFSense firewalls/routers and have the same issue with
> ALL of them regardless of version or how many interfaces they have.
>
> In one example:
> LAN - 172.16.x.x
> CORE - 192.168.x.x
> WAN - X
>
> A workstation on the LAN can ping, http, telnet, ftp, ssh etc a device
> on 192.168.x.x network located on the CORE network. It cannot SNMPWalk or
> SNMPSet. If I take the same workstation, set its ip to 192.168.x.x and jack
> it into the CORE switch (so it bypasses any NAT/Routeing/Filtering)  I can
> do anything with SNMP I want on the remote device.
>
> I do have SNMP enabled on the actual firewall so we can monitor it but I
> have tried turning it off to make sure there was not something getting
> mangled there.
>
> I have also setup a specific outbound NAT rule for the LAN to the CORE that
> sends the traffic out a different 192.168.x.x virtual IP on the firewall and
> it behaves the same way. It just times out.
>
> I have also went into the remote device and enabled read/write access for
> 0.0.0.0/0 instead of 192.168.0.0/16 in case it was an acces restriction and
> was seeing the traffic come in from a weird network..
>
> I setup a POS Linksys router with a 172.x.x.x LAN and a 192.168.x.x WAN for
> giggles and It works fine setting a workstation behind the Linksys and
> connecting remotly to the 192 device.
>
> Any thoughts? Not much in the mailing lists for this so Im sure its end user
> stupidity.

http://doc.m0n0.ch/handbook/faq-snmpovervpn.html

-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

Re: [pfSense Support] udp load balancing

[Chris Buechler]

On Mon, Apr 27, 2009 at 11:55 AM, Paul Mansfield
 wrote:
> is this going to be feature of 1.2.3 or do we need to wait for 1.3?
>

No new features in 1.2.x releases (though a couple came by association
with bug fixes). There isn't a 1.3 anymore, that's 2.0. At a glance,
it doesn't seem to support UDP at the moment, but work on the load
balancer isn't finished yet.

-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org