[pfSense Support] sip device disconnects every 2 days.
Hi, I stepped over to pfsense (using monowall before for years), because I liked the extras :) But my Voip device keeps disconnecting each and every 1,5 to 2 days... and there is nothing I can do about on the sip-device itself... rebooting won't help. I always have to reboot the pfSense (1.2.3). I tried your recommendations for the registering part - and that went well... But now it disconnects every 2 days (and forever after that, until I restart pfsense itself). I also am guessing that it might be my DSL line that the provider disconnects each 36 hours... (I tried the pppoerestart schedule - but somehow this doesn't listen to good to the scheduler (when doing the ppporestart by hand in the CLI, it does what it supposed to do). I was thinking to upgrade to the 2.0 beta release ~ but will it help my case ? Also, if I'm upgrading (already tried it once) I have the distinct feeling, that the packages aren't well upgraded either... How can I do an inplace upgrade without the packages being installed... or might it be better to just take the CF card out, rewrite it with a full image ?? (I guess I answered my own question here :-) ) Kind regards, Michel - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] sip device disconnects every 2 days.
Michel, I had the same problem This is caused by a wrong entry in the state table. The workaround is posted in http://forum.pfsense.org/index.php/topic,18053.0.html H. Michel Servaes wrote: Hi, I stepped over to pfsense (using monowall before for years), because I liked the extras :) But my Voip device keeps disconnecting each and every 1,5 to 2 days... and there is nothing I can do about on the sip-device itself... rebooting won't help. I always have to reboot the pfSense (1.2.3). I tried your recommendations for the registering part - and that went well... But now it disconnects every 2 days (and forever after that, until I restart pfsense itself). I also am guessing that it might be my DSL line that the provider disconnects each 36 hours... (I tried the pppoerestart schedule - but somehow this doesn't listen to good to the scheduler (when doing the ppporestart by hand in the CLI, it does what it supposed to do). I was thinking to upgrade to the 2.0 beta release ~ but will it help my case ? Also, if I'm upgrading (already tried it once) I have the distinct feeling, that the packages aren't well upgraded either... How can I do an inplace upgrade without the packages being installed... or might it be better to just take the CF card out, rewrite it with a full image ?? (I guess I answered my own question here :-) ) Kind regards, Michel - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] Kernel ARP in the logs
I'm getting a lot of these messages. Anything that I should be concerned about? fw01 kernel: arp: 10.55.0.33 moved from c5:dc:15:69:6c:05 to 46:1d:d2:34:40:0c on vlan1 Curtis LaMasters http://www.curtis-lamasters.com http://www.builtnetworks.com - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Kernel ARP in the logs
On Wed, Jan 27, 2010 at 11:35 AM, Curtis LaMasters curtislamast...@gmail.com wrote: I'm getting a lot of these messages. Anything that I should be concerned about? fw01 kernel: arp: 10.55.0.33 moved from c5:dc:15:69:6c:05 to 46:1d:d2:34:40:0c on vlan1 The most common reasons for that here: http://doc.pfsense.org/index.php/ARP_moved_log_messages - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Kernel ARP in the logs
The most common reasons for that here: http://doc.pfsense.org/index.php/ARP_moved_log_messages Thanks Chris. In this case I have servers that aren't teaming and only have one NIC (XenServer). I think I need to investigate. Thanks, Curtis LaMasters http://www.curtis-lamasters.com http://www.builtnetworks.com - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Kernel ARP in the logs
This is something to consider: http://discussions.apple.com/thread.jspa?threadID=2160614start=0tstart=45 I believe this started happening to me in the Snow Leopard timeframe, but it may be airport extreme acting as a Bonjour Sleep Proxy and not the snow leopard machines, per se. John --- Chris Buechler cbuech...@gmail.com wrote: On Wed, Jan 27, 2010 at 11:35 AM, Curtis LaMasters curtislamast...@gmail.com wrote: I'm getting a lot of these messages. Anything that I should be concerned about? fw01 kernel: arp: 10.55.0.33 moved from c5:dc:15:69:6c:05 to 46:1d:d2:34:40:0c on vlan1 The most common reasons for that here: http://doc.pfsense.org/index.php/ARP_moved_log_messages - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] Noob Multiple Public IP Question
Ok, I am pretty inexperienced with IP addressing, particularly when it comes to configuring firewalls with multiple public IPs, but at my small business I'm the most experienced with IT stuff in general so I get to be the one who deals with all this stuff. We have Comcast as our internet provider with a range of public IPs of which we are currently only using one. I'd like to be able to use another public IP in order to expose more services, such as a separate mail or web server.Comcast provided public IPs: *.*.0.206/28Current WAN IP: *.*.0.193/28Current WAN Gateway: *.*.0.206This was setup with a different firewall (a crappy consumer box) before I got here, so after I started I switched over to pfSense and just used the settings that were in the old box. Currently, everything is working fine with this setup but now I am trying to set things up so I can use another public IP (ie *.*.0.175) to expose different web and mail services hosted on a different internal server and I can't get it to work.What I have tried is to add a virtual IP (I've tried both Proxy ARP and Other) with the following settings:Interface: WANIP Address: *.*.0.175/32And I then setup 1:1 NAT mapping *.*.0.175/32 to 192.168.100.10.Lastly, I create a firewall rule on the WAN interface to allow port 80 where the destination is 192.168.100.10.However, this does not seem to work...what am I missing? _ Hotmail: Trusted email with Microsoft’s powerful SPAM protection. http://clk.atdmt.com/GBL/go/196390706/direct/01/
Re: [pfSense Support] Noob Multiple Public IP Question
Assuming Comcast gave you a contiguous netblock, your netblock would be *.*.0.192-207 (192 being the network address and 207 being the broadcast) leaving 193-206 as usable IP addresses. *.*.0.175 isn't in that net block and so its not likely that its available for you to use. Adam Van Ornum wrote: Ok, I am pretty inexperienced with IP addressing, particularly when it comes to configuring firewalls with multiple public IPs, but at my small business I'm the most experienced with IT stuff in general so I get to be the one who deals with all this stuff. We have Comcast as our internet provider with a range of public IPs of which we are currently only using one. I'd like to be able to use another public IP in order to expose more services, such as a separate mail or web server. Comcast provided public IPs: *.*.0.206/28 Current WAN IP: *.*.0.193/28 Current WAN Gateway: *.*.0.206 This was setup with a different firewall (a crappy consumer box) before I got here, so after I started I switched over to pfSense and just used the settings that were in the old box. Currently, everything is working fine with this setup but now I am trying to set things up so I can use another public IP (ie *.*.0.175) to expose different web and mail services hosted on a different internal server and I can't get it to work. What I have tried is to add a virtual IP (I've tried both Proxy ARP and Other) with the following settings: Interface: WAN IP Address: *.*.0.175/32 And I then setup 1:1 NAT mapping *.*.0.175/32 to 192.168.100.10. Lastly, I create a firewall rule on the WAN interface to allow port 80 where the destination is 192.168.100.10. However, this does not seem to work...what am I missing? Hotmail: Trusted email with Microsoft’s powerful SPAM protection. Sign up now. http://clk.atdmt.com/GBL/go/196390706/direct/01/ - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] Noob Multiple Public IP Question
Date: Wed, 27 Jan 2010 21:19:17 -0600 From: g...@s4f.com To: support@pfsense.com Subject: Re: [pfSense Support] Noob Multiple Public IP Question Assuming Comcast gave you a contiguous netblock, your netblock would be *.*.0.192-207 (192 being the network address and 207 being the broadcast) leaving 193-206 as usable IP addresses. *.*.0.175 isn't in that net block and so its not likely that its available for you to use. Adam Van Ornum wrote: Ok, I am pretty inexperienced with IP addressing, particularly when it comes to configuring firewalls with multiple public IPs, but at my small business I'm the most experienced with IT stuff in general so I get to be the one who deals with all this stuff. We have Comcast as our internet provider with a range of public IPs of which we are currently only using one. I'd like to be able to use another public IP in order to expose more services, such as a separate mail or web server. Comcast provided public IPs: *.*.0.206/28 Current WAN IP: *.*.0.193/28 Current WAN Gateway: *.*.0.206 This was setup with a different firewall (a crappy consumer box) before I got here, so after I started I switched over to pfSense and just used the settings that were in the old box. Currently, everything is working fine with this setup but now I am trying to set things up so I can use another public IP (ie *.*.0.175) to expose different web and mail services hosted on a different internal server and I can't get it to work. What I have tried is to add a virtual IP (I've tried both Proxy ARP and Other) with the following settings: Interface: WAN IP Address: *.*.0.175/32 And I then setup 1:1 NAT mapping *.*.0.175/32 to 192.168.100.10. Lastly, I create a firewall rule on the WAN interface to allow port 80 where the destination is 192.168.100.10. However, this does not seem to work...what am I missing? Thanks for pointing that out...that was actually just a mistake in my email...I meant *.*.0.195. I'm not really that much of a noob. :) Apparently I had 175 stuck in my head for some reason...I'll double check the config when I get back to work tomorrow but I'm pretty sure I had it right (195) there. Are there any other issues that jump out? Should the WAN IP be set to /28 or should it be set to something else like /32? Just to see what would happen I tried setting it to /32 and then our Internet access went completely down. _ Hotmail: Powerful Free email with security by Microsoft. http://clk.atdmt.com/GBL/go/196390710/direct/01/
Re: [pfSense Support] Noob Multiple Public IP Question
Adam Van Ornum wrote: Ok, I am pretty inexperienced with IP addressing, particularly when it comes to configuring firewalls with multiple public IPs, but at my small business I'm the most experienced with IT stuff in general so I get to be the one who deals with all this stuff. We have Comcast as our internet provider with a range of public IPs of which we are currently only using one. I'd like to be able to use another public IP in order to expose more services, such as a separate mail or web server.Comcast provided public IPs: *.*.0.206/28Current WAN IP: *.*.0.193/28Current WAN Gateway: *.*.0.206This was setup with a different firewall (a crappy consumer box) before I got here, so after I started I switched over to pfSense and just used the settings that were in the old box. Currently, everything is working fine with this setup but now I am trying to set things up so I can use another public IP (ie *.*.0.175) to expose different web and mail services hosted on a different internal server a nd I can't get it to work.What I have tried is to add a virtual IP (I've tried both Proxy ARP and Other) with the following settings:Interface: WANIP Address: *.*.0.175/32And I then setup 1:1 NAT mapping *.*.0.175/32 to 192.168.100.10.Lastly, I create a firewall rule on the WAN interface to allow port 80 where the destination is 192.168.100.10.However, this does not seem to work...what am I missing? I am on a comcast business account as well with multiple statics. My approach was somewhat different than yours. I ended up making the externals virtual IP's and use NAT and port forwarding to allow everything to talk to each other (I didn't see a need for 1:1 NAT). I have five static IP's, which results in a subnet of /29. The pfsense box has one of them with the default route being the IP of the SMC, subnet of /29. All of my other IP's are virtual IP's using Proxy ARP (each IP has a subnet of /32) assigned to the WAN interface. It was just a matter of firewall, port forwarding and outbound NAT rules to get it all working. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org