[pfSense Support] Switching to serial console during the boot
Hello, I am working on setting up couple of high end firewall based on Advantech Hardware. http://www.osnet.eu/en/content/opensource-firewall-fwa-3140 Everything goes well if we use the embedded version of the OS = infos are displayed correctly on the console during the boot, and after when the pfSense menu is displayed, User can input data at any stage. If I install a full version, then I only have infos up to a certain point (early boot of the OS) after that, nothing is displayed on the console port… but everything is mapped to the VGA port which is located inside the firewall on these device… I have to completely open the box to access the VGA port. Furthermore, It is very annoying for customers not to have a full console access as this is the best emergency solution to use. Would you please let me know which file(s) I have to copy from the embedded version to the full version in order to have the same console behavior on full install? Thank you very much. Gregober --- PGP ID -- 0x1BA3C2FD bsd @at@ todoo.biz P Please consider your environmental responsibility before printing this e-mail - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Switching to serial console during the boot
On Thu, Oct 15, 2009 at 3:03 AM, bsd b...@todoo.biz wrote: Hello, I am working on setting up couple of high end firewall based on Advantech Hardware. http://www.osnet.eu/en/content/opensource-firewall-fwa-3140 Everything goes well if we use the embedded version of the OS = infos are displayed correctly on the console during the boot, and after when the pfSense menu is displayed, User can input data at any stage. If I install a full version, then I only have infos up to a certain point (early boot of the OS) after that, nothing is displayed on the console port… but everything is mapped to the VGA port which is located inside the firewall on these device… I have to completely open the box to access the VGA port. Furthermore, It is very annoying for customers not to have a full console access as this is the best emergency solution to use. Would you please let me know which file(s) I have to copy from the embedded version to the full version in order to have the same console behavior on full install? None. check the box under System-Advanced for the serial console. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] DHCP fatal error in services_dhcp.php line 48
Chris Buechler wrote:
On Wed, Oct 14, 2009 at 2:28 PM, Roberto Greiner mrgrei...@gmail.com wrote:
At beginning of the file I have the following:
failover peer dhcp0 state {
my state normal at 3 2009/10/14 14:23:17;
partner state normal at 3 2009/10/14 14:13:17;
}
lease 172.16.89.254 {
starts 3 2009/10/14 17:04:35;
ends 3 2009/10/14 19:04:35;
tsfp 3 2009/10/14 20:04:35;
atsfp 3 2009/10/14 20:04:35;
cltt 3 2009/10/14 17:04:35;
binding state active;
next binding state expired;
hardware ethernet 00:0a:e4:5e:b5:a3;
}
That IP is for the notebook I'm using for setup.
After that, there are thousand of entries like the following:
lease 172.16.255.254 {
starts 3 2009/10/14 14:08:33;
binding state backup;
}
All those failover entries on that big of a scope exhaust PHP's memory
limit. No way around that for the time being, I opened a bug ticket
but you won't see that fixed in 1.2.x at least. Either use a smaller
scope, or use something else as your DHCP server. Or send patches to
fix the problem. :)
Ok,
as soon as possible I will try using a smaller scope.
Tks.
Roberto
--
-
Marcos Roberto Greiner
Os otimistas acham que estamos no melhor dos mundos
Os pessimistas tem medo de que isto seja verdade
James Branch Cabell
-
-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com
Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] potential pfsense hardware
Anybody else? I don't have any experience with Marvell other than in my Laptop. I assume they are better than Realtek... I have a myriad of Intel, Broadcom, 1 marvell now and several realtek nics on various equipment I manage. Although the realtek's aren't performers like the Broadcoms or Intels and some need additional drivers in some distro's they all work. I have seen every preposterous event with a Yukon like providing bad mac address during pxe boot, poor performance and some needed some absolutely pedantic methods to configure parameters like Yukon's under Solaris. I'd rather have a Realtek if I had to. jlc
RE: [pfSense Support] potential pfsense hardware
On Thu, 2009-10-15 at 15:32 +, Joseph L. Casale wrote: I'd rather have a Realtek if I had to. I second that! Cheers, Phil
RE: [pfSense Support] potential pfsense hardware
Does anyone make an atom board with intel onboard. I'd rather intel if i had my choice. I have seen a couple of flexatx atom boards that look real promising, but they don't have intel nics. Ryan Rodrigue http://www.aarelectronics.com/ http://www.aarelectronics.com/ http://www.aarelectronics.com/ http://www.aarelectronics.com/ Office: (985) 876-4096 Fax: (985) 853-0134 radiote...@aaremail.com mailto:radiote...@aaremail.com _ From: Philippe LeCavalier [mailto:supp...@plecavalier.com] Sent: Thursday, October 15, 2009 12:16 PM To: support@pfsense.com Subject: RE: [pfSense Support] potential pfsense hardware On Thu, 2009-10-15 at 15:32 +, Joseph L. Casale wrote: I'd rather have a Realtek if I had to. I second that! Cheers, Phil __ NOD32 4511 (20091015) Information __ This message was checked by NOD32 antivirus system. http://www.eset.com image002.gif
Re: [pfSense Support] potential pfsense hardware
Ryan wrote: Does anyone make an atom board with intel onboard. I'd rather intel if i had my choice. I have seen a couple of flexatx atom boards that look real promising, but they don't have intel nics. MSI has a board with 2x1GB Intel NICs, the IM-945GSE http://www.mini-box.com/MSI-IM-945GSE-Mini-ITX-Motherboard Looks promising, indeed, but I'd prefer a dual core atom board, personally. I've got a couple of these on order for a customer, I'm going to try to beat them around a bit and see how the Realtek nics hold up: http://www.newegg.com/Product/Product.aspx?Item=N82E16816101262 You can get a PCI-E riser for that and then get a multi-port Intel card to use if you want, too. I think (but don't quote me on it) that I heard there was a Jetway daughtboard with intel NICs also. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] potential pfsense hardware
Hi Ryan, I'm just testing an atom wth re(4) but the NIC-Chip shouldn't be the problem. I started a thread in the Forum, so i don't want to crosspost here. http://forum.pfsense.org/index.php/topic,19808.0.html I just try to build a Kernel working with that board and PF-Sense ... Am 15.10.2009 um 19:25 schrieb Ryan: Does anyone make an atom board with intel onboard. I'd rather intel if i had my choice. I have seen a couple of flexatx atom boards that look real promising, but they don't have intel nics. Ryan Rodrigue image002.gif Office: (985) 876-4096 Fax: (985) 853-0134 radiote...@aaremail.com From: Philippe LeCavalier [mailto:supp...@plecavalier.com] Sent: Thursday, October 15, 2009 12:16 PM To: support@pfsense.com Subject: RE: [pfSense Support] potential pfsense hardware On Thu, 2009-10-15 at 15:32 +, Joseph L. Casale wrote: I'd rather have a Realtek if I had to. I second that! Cheers, Phil __ NOD32 4511 (20091015) Information __ This message was checked by NOD32 antivirus system. http://www.eset.com -- kommunity GmbH Co.KG - Goseriede 4, D-30159 Hannover Telefon: +49 (0)5 11 - 80 72 58 - 0 Fax: +49 (0)5 11 - 80 72 58 - 10 Mail: mailto:tmu...@kommunity.net, Web: http://www.kommunity.net USt.-IDNr.: DE 813740826; Handelsregister: Amtsgericht Hannover; Registernummer: HRA 26721; Persönlich haftende Gesellschafterin: kommunity Verwaltungsgesellschaft mbH vertreten durch den Geschäftsführer Tom Müller-Kortkamp; Handelsregister: Amtsgericht Hannover; Registernummer: HRB 60200 Teamviewer-Support-Link: http://www.kommunity.biz - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] potential pfsense hardware
Hi Ryan, I'm just testing an atom wth re(4) but the NIC-Chip shouldn't be the problem. I started a thread in the Forum, so i don't want to crosspost here. http://forum.pfsense.org/index.php/topic,19808.0.html I just try to build a Kernel working with that board and PF-Sense ... I find most of these Atom board use realtek nics. I gues in an attempt to keep cost down. I am not interested in atom for its size or power consumption. I guess i am stange, but i like the idea of building a decent system for under $250 For the price of the MSI board mentioned in a different post, I can buy a chaep Intel MB and processor for about $160 and have room for expansion. I like the $120 price range expecially since it includes the processor. That pus a cheap case with PSU ($30), 3 intel nics ($20 each - 6$, and a transcend ide or sata disk module ($30) and i have a working system for $240. If it had 2 onboard intel nics, that drops $40 off the price and leaves room for expansion. I also like the low poer consumtion and low heat that mans i can slap a larger heatsink and get rid of the processor fan. That helps eliminate a point of failure and maintance. Just my $.02 PS. sorry for top posting earlier. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] potential pfsense hardware
On Thu, Oct 15, 2009 at 11:32 AM, Joseph L. Casale jcas...@activenetwerx.com wrote: Anybody else? I don't have any experience with Marvell other than in my Laptop. I assume they are better than Realtek... I have a myriad of Intel, Broadcom, 1 marvell now and several realtek nics on various equipment I manage. Although the realtek's aren't performers like the Broadcoms or Intels and some need additional drivers in some distro's they all work. I have seen every preposterous event with a Yukon like providing bad mac address during pxe boot, poor performance and some needed some absolutely pedantic methods to configure parameters like Yukon's under Solaris. I'd rather have a Realtek if I had to. I'd rather have neither. I've seen some really bad behavior on onboard Realtek cards on Atom boards, all kinds of various things not working properly depending on the board. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] PFSense 1.2.2 - Polycom PVX
- Dominic vamp...@vortex.co.za wrote: Hi, I'm hoping someone can assist me in getting Polycom's PVX software to work from behind PFsense. I am trying to connect a Windows machine with the Polycom software (PVX) to a Polycom unit with a WAN IP (Polycom). The problem I experience is that the site with the Polycom unit can see the cam and hear the audio of the PVX client. But the PVX client cannot see or get audio from the Polycom unit. I have added all the port forwards as per the PVX software an example of which is below: WAN TCP/UDP 1503 LANIP (ext.: WANIP) 1503 PVX These were added using Firewall - Nat and also allowing the firewall rule to be auto created. I have checked the States on the PFSense box and many of those relating to the Polycom units IP show as: SINGLE:NO_TRAFFIC The Polycom unit previously connected and worked fine with the same PVX client machine which was based behind a IPCOP firewall. The only change has been the replacement of IPCOP with PFSense. IPCOP required no port forwards and setting my PFSense WAN IP on the Windows machine resolves the problem which indicates the problem is within my PFSense config... Any help would be appreciated. Dominic. Try using Manual Outbound NAT and setting Static Port to YES. By default, pfSense uses a random source port on outbound NAT as a security measure but this can severly screw with some protocols. Changing those options alleviates many of the issues I face with SIP or other 'noisy' protocols behind pfSense. It may work for you as well. Tim Nelson Systems/Network Support Rockbochs Inc. (218)727-4332 x105
Re: [pfSense Support] PFSense 1.2.2 - Polycom PVX
Will try that as soon as my remote site is back in the office and revert back. Thank you. Tim Nelson wrote: - Dominic vamp...@vortex.co.za wrote: Hi, I'm hoping someone can assist me in getting Polycom's PVX software to work from behind PFsense. I am trying to connect a Windows machine with the Polycom software (PVX) to a Polycom unit with a WAN IP (Polycom). The problem I experience is that the site with the Polycom unit can see the cam and hear the audio of the PVX client. But the PVX client cannot see or get audio from the Polycom unit. I have added all the port forwards as per the PVX software an example of which is below: WAN TCP/UDP 1503 LANIP (ext.: WANIP) 1503 PVX These were added using Firewall - Nat and also allowing the firewall rule to be auto created. I have checked the States on the PFSense box and many of those relating to the Polycom units IP show as: SINGLE:NO_TRAFFIC The Polycom unit previously connected and worked fine with the same PVX client machine which was based behind a IPCOP firewall. The only change has been the replacement of IPCOP with PFSense. IPCOP required no port forwards and setting my PFSense WAN IP on the Windows machine resolves the problem which indicates the problem is within my PFSense config... Any help would be appreciated. Dominic. Try using Manual Outbound NAT and setting Static Port to YES. By default, pfSense uses a random source port on outbound NAT as a security measure but this can severly screw with some protocols. Changing those options alleviates many of the issues I face with SIP or other 'noisy' protocols behind pfSense. It may work for you as well. Tim Nelson Systems/Network Support Rockbochs Inc. (218)727-4332 x105
[pfSense Support] Agere ET-131x driver (et)
Greetings list, Does anyone know if/when the Agere ET-131x driver in FBSD7 (and hence pfSense) is likely to include VLAN support? I've had a trawl through the pfSense forums and the only posts refer to its inclusion in FBSD7, but nothing about VLAN support (or lack of). TIA. Regards, Chris -- For full contact details visit http://www.minotaur.it This email is made from 100% recycled electrons - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] potential pfsense hardware
I'd rather have neither. Won't argue that:) All of this has me concerned, I am waiting on some other issues but was about to order a 3 nic Alix board and saw it uses Via VT6105M 10/100 nics? I haven't used Via in years, how do these perform, and issues you have seen Chris? Thanks! jlc - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] potential pfsense hardware
On Thu, Oct 15, 2009 at 6:50 PM, Joseph L. Casale jcas...@activenetwerx.com wrote: I'd rather have neither. Won't argue that:) All of this has me concerned, I am waiting on some other issues but was about to order a 3 nic Alix board and saw it uses Via VT6105M 10/100 nics? I haven't used Via in years, how do these perform, and issues you have seen Chris? They do well, you can push ~85 Mbps through them and the NICs work fine, no known quirks. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] PFSense 1.2.2 - Polycom PVX
Dominic wrote: Hi, I'm hoping someone can assist me in getting Polycom's PVX software to work from behind PFsense. I am trying to connect a Windows machine with the Polycom software (PVX) to a Polycom unit with a WAN IP (Polycom). The problem I experience is that the site with the Polycom unit can see the cam and hear the audio of the PVX client. But the PVX client cannot see or get audio from the Polycom unit. I have added all the port forwards as per the PVX software an example of which is below: WAN TCP/UDP 1503 LANIP (ext.: WANIP) 1503 PVX These were added using Firewall - Nat and also allowing the firewall rule to be auto created. I have checked the States on the PFSense box and many of those relating to the Polycom units IP show as: SINGLE:NO_TRAFFIC The Polycom unit previously connected and worked fine with the same PVX client machine which was based behind a IPCOP firewall. The only change has been the replacement of IPCOP with PFSense. IPCOP required no port forwards and setting my PFSense WAN IP on the Windows machine resolves the problem which indicates the problem is within my PFSense config... Any help would be appreciated. Dominic. tcpdump will definitely help understand what ports to be opened, what nat to be done. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
