Re: [pfSense Support] Does it matter which interface I specify for static routes?
On Tue, Jun 02, 2009 at 10:32:01PM CEST, Chris Buechler said: > On Tue, Jun 2, 2009 at 4:24 PM, Evgeny Yurchenko > wrote: > > May I ask why pfSense web-interface has this option? > > It needs to know for NAT rule generation and other purposes. It's a > hold over from m0n0wall, it could figure it out without specifying. except when you do failover or load balancing, then you can specify wether the conenctions should be load balanced or use interfaces with priority (failover), depending on the pattern. -- Erwan David, IT Team manager == Trusted Logic Tel: +33 1 30 97 25 03 5 rue du BailliageStd: +33 1 30 97 25 00 78000 Versailles Fax: +33 1 30 97 25 19 France - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] Squid package installed
Hello all Sorry to disturb again. I install squid package and it's say installation completed but I can find any package in "Installed packages" and it still show "Unable to retrieve package info from www.pfsense.com. Cached data will be used. " what's it mean? Thank you. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] running pfsense on soekris net5501
On Tue, Jun 2, 2009 at 7:02 PM, Tim Nelson wrote: > > Quickly looking at the previous posts, I don't see where you've specified > what type of connection you're setting your WAN to. Is it PPPoE? Static? > DHCP? Etc? > And also, is it on a private subnet? Same subnet as your LAN? - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] running pfsense on soekris net5501
- "David Burgess" wrote: > On Tue, Jun 2, 2009 at 4:22 PM, Joseph Wagner > wrote: > > > I tried assigning the WAN to a new interface and that didn't work > either. I > > even unplugged and plugged the cable and checked the status of the > link in > > the interface status page just to see if Pfsense was "looking" at > the right > > port. It sensed whether or not the cable was plugged on whatever > port I had > > set up as the WAN at the time. I hope that makes sense. The funny > thing is > > that I actually have two of these soekris boards (one that I just > bought and > > another that I've had for about a year) and I have the same problem > on both > > of them. So, I really don't think it's a hardware issue. > > Here's what I would suggest trying. > > 1. Plug into the serial console. Reset to default. When setting up > interfaces use autodetect. Don't plug in the cable until it tells you > to. Just set up WAN and LAN. Apply changes and then try pinging an > internet host that you know will respond. yahoo.com will, > microsoft.com will not (you should see an IP address anyway if DNS is > working). > > 2. Download the config file from your pfsense that is working as > expected. Edit it, changing only the name of the WAN and LAN > interfaces to vr0 and vr1, or as you like. Upload the config to your > soekris box and test. > > If neither of the above works for you then I would have to suspect > hardware troubles or serious user error. > Joe- Quickly looking at the previous posts, I don't see where you've specified what type of connection you're setting your WAN to. Is it PPPoE? Static? DHCP? Etc? Just another quick item to check on... --Tim - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] running pfsense on soekris net5501
On Tue, Jun 2, 2009 at 4:22 PM, Joseph Wagner wrote: > I tried assigning the WAN to a new interface and that didn't work either. I > even unplugged and plugged the cable and checked the status of the link in > the interface status page just to see if Pfsense was "looking" at the right > port. It sensed whether or not the cable was plugged on whatever port I had > set up as the WAN at the time. I hope that makes sense. The funny thing is > that I actually have two of these soekris boards (one that I just bought and > another that I've had for about a year) and I have the same problem on both > of them. So, I really don't think it's a hardware issue. Here's what I would suggest trying. 1. Plug into the serial console. Reset to default. When setting up interfaces use autodetect. Don't plug in the cable until it tells you to. Just set up WAN and LAN. Apply changes and then try pinging an internet host that you know will respond. yahoo.com will, microsoft.com will not (you should see an IP address anyway if DNS is working). 2. Download the config file from your pfsense that is working as expected. Edit it, changing only the name of the WAN and LAN interfaces to vr0 and vr1, or as you like. Upload the config to your soekris box and test. If neither of the above works for you then I would have to suspect hardware troubles or serious user error. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] running pfsense on soekris net5501
On Tue, Jun 2, 2009 at 5:24 PM, Scott Ullrich wrote: > On Tue, Jun 2, 2009 at 6:14 PM, Victor Padro wrote: > > Excuse me Chris, > > > > I know that, but here in Mexico I had to do that a couple times with > > Telmex(ADSL ISP), and didn't know the reason of that behaviour. > > Even my old Pentium II has that boxes unchecked in other to surf the net. > > Then you must have a seriously misconfigured network. Chris was dead > on and I am looking at the rules: > > antispoof for $wan > block in log quick on $wan from 10.0.0.0/8 to any label "block private > networks from wan block 10 > /8" > block in log quick on $wan from 127.0.0.0/8 to any label "block > private networks from wan block 1 > 27/8" > block in log quick on $wan from 172.16.0.0/12 to any label "block > private networks from wan block > 172.16/12" > block in log quick on $wan from 192.168.0.0/16 to any label "block > private networks from wan bloc > k 192.168/16" > > These rules do *NOT* any way shape or form affect LAN -> Internet traffic. > > Scott > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > > Does it matter that my home subnet is 192.168.50.0/24? I have nothing but the pfsense box controlling my LAN, DNS Caching, DHCP, NAT, Port Fowarding, nothing else, it is running on a 2GB CF Card on a IDE Adapter and I have one Airlink 8 port gigabit switch, and a couple Home made Linux Servers, a couple workstations, couple laptops and that's it. Actually I told you that this happened in two setups I did, one was on the subnet 192.168.1.0/24(Small Office, 20 net devices) and the other was on the 192.168.72.0/24(Big network about 1000 net devices) both using Dual 4Mbps ADSL from Telmex. -- "It is human nature to think wisely and act in an absurd fashion." "Todo el desorden del mundo proviene de las profesiones mal o mediocremente servidas"
Re: [pfSense Support] running pfsense on soekris net5501
On Tue, Jun 2, 2009 at 6:14 PM, Victor Padro wrote: > Excuse me Chris, > > I know that, but here in Mexico I had to do that a couple times with > Telmex(ADSL ISP), and didn't know the reason of that behaviour. > Even my old Pentium II has that boxes unchecked in other to surf the net. Then you must have a seriously misconfigured network. Chris was dead on and I am looking at the rules: antispoof for $wan block in log quick on $wan from 10.0.0.0/8 to any label "block private networks from wan block 10 /8" block in log quick on $wan from 127.0.0.0/8 to any label "block private networks from wan block 1 27/8" block in log quick on $wan from 172.16.0.0/12 to any label "block private networks from wan block 172.16/12" block in log quick on $wan from 192.168.0.0/16 to any label "block private networks from wan bloc k 192.168/16" These rules do *NOT* any way shape or form affect LAN -> Internet traffic. Scott - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] running pfsense on soekris net5501
On Tue, Jun 2, 2009 at 4:50 PM, Joseph Wagner wrote: > Has anyone been able to get pfsense to run properly on a Soekris net5501 > embedded pc? > > I've installed the embedded image into my board and everything work fine > except I can't get any traffic to go through the WAN port. I am able to > access the webconfigurator from the LAN port and ping things from the LAN > port fine. I've tried switching which ports pfsense uses, different network > setups, firewall rules, changing cables, you name it. I still can't get the > WAN port to ping my DSL gateway or contact anything else. > > I have another old desktop pc running the same version and everything works > just fine on that box. It is able to ping my gateway and servers on the > internet as well. In fact this box has been running pfsense for years now > without any issues. > > Any help would be much appreciated. Thanks! > > -Joseph Wagner > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > > Sometimes you have to uncheck the Block private networks and the Block bogon networks boxes on the WAN interface page, have you alredy done that? -- "It is human nature to think wisely and act in an absurd fashion." "Todo el desorden del mundo proviene de las profesiones mal o mediocremente servidas"
Re: [pfSense Support] running pfsense on soekris net5501
David Burgess wrote: On Tue, Jun 2, 2009 at 4:05 PM, Joseph Wagner mailto:lawn.dart.de...@gmail.com>> wrote: I power cycled it and it didn't help. It's one of those DSL modem/router combos with 4 ethernet ports in it. I've plugged tons of stuff into this thing over the years and I've never had to do anything special to get the device to at least be able to ping the router itself let alone contact stuff on the internet. I actually have two gateways running pfsense on this thing just fine. They are both able to ping the router and internet. I never had to set up MAC spoofing or power cycle my modem/router to get them to work. I even tried putting the soekris box on a small lan and having it try and ping a PC and it couldn't even do that. I'm not seeing any errors when I boot the box or in the logs. Is there anything else I can look into? Make sure your interfaces are assigned correctly? Try assigning WAN to a new interface to rule out hardware issues. db I tried assigning the WAN to a new interface and that didn't work either. I even unplugged and plugged the cable and checked the status of the link in the interface status page just to see if Pfsense was "looking" at the right port. It sensed whether or not the cable was plugged on whatever port I had set up as the WAN at the time. I hope that makes sense. The funny thing is that I actually have two of these soekris boards (one that I just bought and another that I've had for about a year) and I have the same problem on both of them. So, I really don't think it's a hardware issue. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] running pfsense on soekris net5501
On Tue, Jun 2, 2009 at 5:07 PM, Chris Buechler wrote: > On Tue, Jun 2, 2009 at 6:01 PM, Victor Padro wrote: > > > > Sometimes you have to uncheck the Block private networks and the Block > bogon > > networks boxes on the WAN interface page, have you alredy done that? > > > > You never have to uncheck that for access out to the Internet. Those > only affect traffic initiated from the WAN side, not egress from > internal networks. > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > > Excuse me Chris, I know that, but here in Mexico I had to do that a couple times with Telmex(ADSL ISP), and didn't know the reason of that behaviour. Even my old Pentium II has that boxes unchecked in other to surf the net. -- "It is human nature to think wisely and act in an absurd fashion." "Todo el desorden del mundo proviene de las profesiones mal o mediocremente servidas"
Re: [pfSense Support] running pfsense on soekris net5501
Sometimes you have to uncheck the Block private networks and the Block bogon networks boxes on the WAN interface page, have you alredy done that? -- "It is human nature to think wisely and act in an absurd fashion." "Todo el desorden del mundo proviene de las profesiones mal o mediocremente servidas" Yes, I've done that already. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] running pfsense on soekris net5501
On Tue, Jun 2, 2009 at 6:01 PM, Victor Padro wrote: > > Sometimes you have to uncheck the Block private networks and the Block bogon > networks boxes on the WAN interface page, have you alredy done that? > You never have to uncheck that for access out to the Internet. Those only affect traffic initiated from the WAN side, not egress from internal networks. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] running pfsense on soekris net5501
On Tue, Jun 2, 2009 at 4:05 PM, Joseph Wagner wrote: > I power cycled it and it didn't help. It's one of those DSL modem/router > combos with 4 ethernet ports in it. I've plugged tons of stuff into this > thing over the years and I've never had to do anything special to get the > device to at least be able to ping the router itself let alone contact stuff > on the internet. > > I actually have two gateways running pfsense on this thing just fine. They > are both able to ping the router and internet. I never had to set up MAC > spoofing or power cycle my modem/router to get them to work. > > I even tried putting the soekris box on a small lan and having it try and > ping a PC and it couldn't even do that. I'm not seeing any errors when I > boot the box or in the logs. > > Is there anything else I can look into? Make sure your interfaces are assigned correctly? Try assigning WAN to a new interface to rule out hardware issues. db
Re: [pfSense Support] running pfsense on soekris net5501
I power cycled it and it didn't help. It's one of those DSL modem/router combos with 4 ethernet ports in it. I've plugged tons of stuff into this thing over the years and I've never had to do anything special to get the device to at least be able to ping the router itself let alone contact stuff on the internet. I actually have two gateways running pfsense on this thing just fine. They are both able to ping the router and internet. I never had to set up MAC spoofing or power cycle my modem/router to get them to work. I even tried putting the soekris box on a small lan and having it try and ping a PC and it couldn't even do that. I'm not seeing any errors when I boot the box or in the logs. Is there anything else I can look into? Chris Buechler wrote: On Tue, Jun 2, 2009 at 5:50 PM, Joseph Wagner wrote: Has anyone been able to get pfsense to run properly on a Soekris net5501 embedded pc? Lots of people. I've installed the embedded image into my board and everything work fine except I can't get any traffic to go through the WAN port. I am able to access the webconfigurator from the LAN port and ping things from the LAN port fine. I've tried switching which ports pfsense uses, different network setups, firewall rules, changing cables, you name it. I still can't get the WAN port to ping my DSL gateway or contact anything else. Power cycle your DSL modem. And/or try MAC spoofing whatever you had plugged in before. Sounds like an ISP issue, one or both of those may resolve it. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] running pfsense on soekris net5501
On Tue, Jun 2, 2009 at 5:50 PM, Joseph Wagner wrote: > Has anyone been able to get pfsense to run properly on a Soekris net5501 > embedded pc? > Lots of people. > I've installed the embedded image into my board and everything work fine > except I can't get any traffic to go through the WAN port. I am able to > access the webconfigurator from the LAN port and ping things from the LAN > port fine. I've tried switching which ports pfsense uses, different network > setups, firewall rules, changing cables, you name it. I still can't get the > WAN port to ping my DSL gateway or contact anything else. > Power cycle your DSL modem. And/or try MAC spoofing whatever you had plugged in before. Sounds like an ISP issue, one or both of those may resolve it. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] running pfsense on soekris net5501
Has anyone been able to get pfsense to run properly on a Soekris net5501 embedded pc? I've installed the embedded image into my board and everything work fine except I can't get any traffic to go through the WAN port. I am able to access the webconfigurator from the LAN port and ping things from the LAN port fine. I've tried switching which ports pfsense uses, different network setups, firewall rules, changing cables, you name it. I still can't get the WAN port to ping my DSL gateway or contact anything else. I have another old desktop pc running the same version and everything works just fine on that box. It is able to ping my gateway and servers on the internet as well. In fact this box has been running pfsense for years now without any issues. Any help would be much appreciated. Thanks! -Joseph Wagner - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Does it matter which interface I specify for static routes?
On Tue, Jun 2, 2009 at 4:24 PM, Evgeny Yurchenko wrote: > May I ask why pfSense web-interface has this option? It needs to know for NAT rule generation and other purposes. It's a hold over from m0n0wall, it could figure it out without specifying. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] Does it matter which interface I specify for static routes?
May I ask why pfSense web-interface has this option? I noticed that whatever you choose in Interface dropdown list the static route will be applied correctly (according to what you configured in gateway). Eugene -Original Message- From: cbuech...@gmail.com [mailto:cbuech...@gmail.com] On Behalf Of Chris Buechler Sent: June 2, 2009 2:01 PM To: support@pfsense.com Subject: Re: [pfSense Support] Does it matter which interface I specify for static routes? On Tue, Jun 2, 2009 at 5:54 AM, Steve Harman wrote: > Hi! > > > > We have four internal NICs on our pfSense box; "LAN" , "LAN2", "LAN3" and > "LAN4". > > > > I need to setup a static route for a remotely hosted network at our parent > company's office so any traffic destined for that network is directed > towards our site-to-site VPN concentrator / gateway box sitting on "LAN3". > > > > My question is this; when creating static routes for a remote network, say > 10.0.19.0 in System > Static Routes I'm asked to specify the "Interface" > from a pulldown menu. If I specify "LAN" as my Interface does that mean the > static route is only in effect for traffic on the LAN interface? (and not > LAN2, LAN3 and LAN4). > No, only use one route, the interface is where that router and subnet are reachable and applies to everything. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Help with ldap integration
You want to check the support forums. The author of the squid package is very active on there and your question has been asked and answered in various forms already. Good luck. Diego B. Sechin wrote: Hi, i'm not retrieving sucess in integrate openldap with squid. My configuration. auth_param basic program /usr/local/libexec/squid/squid_ldap_auth -v 3 -b dc=asa,dc=ind,dc=br -D cn=admin,dc=asa,dc=ind,dc=br -w Ldap123123 -f "uid=%s" -u uid -P 192.168.0.1 15 auth_param basic children 2 auth_param basic realm Informe seu usuario e senha para acessar a Internet auth_param basic credentialsttl 60 minutes acl password proxy_auth REQUIRED http_access allow password localnet Someone Help me... Plese! - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Does it matter which interface I specify for static routes?
On Tue, Jun 2, 2009 at 5:54 AM, Steve Harman wrote: > Hi! > > > > We have four internal NICs on our pfSense box; “LAN” , “LAN2”, “LAN3” and > “LAN4”. > > > > I need to setup a static route for a remotely hosted network at our parent > company’s office so any traffic destined for that network is directed > towards our site-to-site VPN concentrator / gateway box sitting on “LAN3”. > > > > My question is this; when creating static routes for a remote network, say > 10.0.19.0 in System > Static Routes I’m asked to specify the “Interface” > from a pulldown menu. If I specify “LAN” as my Interface does that mean the > static route is only in effect for traffic on the LAN interface? (and not > LAN2, LAN3 and LAN4). > No, only use one route, the interface is where that router and subnet are reachable and applies to everything. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] Help with ldap integration
Hi, i'm not retrieving sucess in integrate openldap with squid. My configuration. auth_param basic program /usr/local/libexec/squid/squid_ldap_auth -v 3 -b dc=asa,dc=ind,dc=br -D cn=admin,dc=asa,dc=ind,dc=br -w Ldap123123 -f "uid=%s" -u uid -P 192.168.0.1 15 auth_param basic children 2 auth_param basic realm Informe seu usuario e senha para acessar a Internet auth_param basic credentialsttl 60 minutes acl password proxy_auth REQUIRED http_access allow password localnet Someone Help me... Plese! - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Recommended pfSense Hardware ( UK ~£100) ?
Hi, On Mon, Jun 1, 2009 at 03:20, Volker Kuhlmann wrote: > ALIX 2C3 + case. > What are my options if I need 4 NICs (not UK, but the options so far > have been international)? ALIX 2c3 + case + VLAN capable switch ? -Aarno -- Aarno Aukia +41764000464 - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Does it matter which interface I specify for static routes?
On Tue, Jun 02, 2009 at 08:57:20AM -0700, Tim Dickson wrote: > >Thinking out loud here... > >But the static routes are only for those subnets which are not >directly routable to the interface. I'm assuming your vpn >concentrator takes care of that already? > >I think you'd be better off setting up the LAN3 as a gateway and >routing your packets with rules? ( any with dest 10.0.19.0 out gw >LAN3) Please do not top post. Please use proper citing to indicate who wrote what. > >From: Steve Harman [mailto:steve.har...@envisional.com] >Sent: Tuesday, June 02, 2009 2:55 AM >To: support@pfsense.com >Subject: [pfSense Support] Does it matter which interface I specify >for static routes? > > >Hi! > > >We have four internal NICs on our pfSense box; "LAN" , "LAN2", "LAN3" >and "LAN4". > > >I need to setup a static route for a remotely hosted network at our >parent company's office so any traffic destined for that network is >directed towards our site-to-site VPN concentrator / gateway box >sitting on "LAN3". > > >My question is this; when creating static routes for a remote network, >say 10.0.19.0 in System > Static Routes I'm asked to specify the >"Interface" from a pulldown menu. If I specify "LAN" as my Interface >does that mean the static route is only in effect for traffic on the >LAN interface? (and not LAN2, LAN3 and LAN4). > > >After adding my 10.0.19.0 route I've tried adding additional static >routes to 10.0.19.0 and selecting "LAN2" but the system tells me "A >route to this destination network already exists" (which of course it >does!) > > >Thanks in advance, > > >Steve -- Eugen* Leitl http://leitl.org";>leitl http://leitl.org __ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] Does it matter which interface I specify for static routes?
Thinking out loud here. But the static routes are only for those subnets which are not directly routable to the interface. I'm assuming your vpn concentrator takes care of that already? I think you'd be better off setting up the LAN3 as a gateway and routing your packets with rules? ( any with dest 10.0.19.0 out gw LAN3) From: Steve Harman [mailto:steve.har...@envisional.com] Sent: Tuesday, June 02, 2009 2:55 AM To: support@pfsense.com Subject: [pfSense Support] Does it matter which interface I specify for static routes? Hi! We have four internal NICs on our pfSense box; "LAN" , "LAN2", "LAN3" and "LAN4". I need to setup a static route for a remotely hosted network at our parent company's office so any traffic destined for that network is directed towards our site-to-site VPN concentrator / gateway box sitting on "LAN3". My question is this; when creating static routes for a remote network, say 10.0.19.0 in System > Static Routes I'm asked to specify the "Interface" from a pulldown menu. If I specify "LAN" as my Interface does that mean the static route is only in effect for traffic on the LAN interface? (and not LAN2, LAN3 and LAN4). After adding my 10.0.19.0 route I've tried adding additional static routes to 10.0.19.0 and selecting "LAN2" but the system tells me "A route to this destination network already exists" (which of course it does!) Thanks in advance, Steve
[pfSense Support] Does it matter which interface I specify for static routes?
Hi! We have four internal NICs on our pfSense box; "LAN" , "LAN2", "LAN3" and "LAN4". I need to setup a static route for a remotely hosted network at our parent company's office so any traffic destined for that network is directed towards our site-to-site VPN concentrator / gateway box sitting on "LAN3". My question is this; when creating static routes for a remote network, say 10.0.19.0 in System > Static Routes I'm asked to specify the "Interface" from a pulldown menu. If I specify "LAN" as my Interface does that mean the static route is only in effect for traffic on the LAN interface? (and not LAN2, LAN3 and LAN4). After adding my 10.0.19.0 route I've tried adding additional static routes to 10.0.19.0 and selecting "LAN2" but the system tells me "A route to this destination network already exists" (which of course it does!) Thanks in advance, Steve
