Re: [pfSense Support] PPTP Connected?
On Thu, Apr 1, 2010 at 1:29 AM, Tortise tort...@paradise.net.nz wrote: - Original Message - From: Chris Buechler cbuech...@gmail.com To: support@pfsense.com Sent: Tuesday, March 30, 2010 10:41 PM Subject: Re: [pfSense Support] PPTP Connected? On Tue, Mar 30, 2010 at 5:39 AM, Tortise tort...@paradise.net.nz wrote: Hi Using 1.2.3-RELEASE (embedded) I have a PPTP server configured and I can connect remotely however I still cannot connect with anything on the LAN. I think the issue is the IP assigned to remote connections is remotely said to be 255.255.255.255 while the LAN is using 255.255.255.0, the IP address assigned seems OK. That's normal. You're probably missing a firewall rule on the PPTP tab. With a bit of list help it seems not so much a missing rule, but rather a rule that was too tight. The rule says Hint: in most cases, you should specify TCP here. It seems somewhat more than the TCP rule is required in my case. I'll do some more testing to clarify which is required, however * works well of course! If anyone wants to know more of what I find works then let me know. Btw it makes me wonder if the rules tightened up in a recent version here, as this used to work with the TCP rule on its own in the past? Allowing all TCP does what it's always done - allow all TCP. That will work for most things, but won't allow pings, or any other non-TCP protocol. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] Issue with virtual floppy drive
Hi, I wanted to use pfSense as a m0n0wall replacement in a virtual machine setup (VMware Server 2.0.2 Linux host). With m0n0wall, I had a virtual floppy disk so that m0n0wall thought it was saving its configuration data to a floppy. After powering off the VM, I could loop-mount the floppy image from the host and save the config file somewhere else for backup purposes. The idea behind that was that I don't have to back up the entire VM image when the config changes. Trying to do this with pfSense 1.2.3 or a recent 2.0 Beta fails, as it doesn't recognize the floppy: On boot, it displays: - Looking for config.xml on fd0 g_vfs_done():fd0[READ(offset=0, length=8192)]error = 6 - Logging into the shell and trying the following commands also results in errors: - # mount /dev/fd0 /mnt g_vfs_done():fd0[READ(offset=65536, length=8192)]error = 6 mount: /dev/fd0 : Device not configured - - # mount -t msdosfs /dev/fd0 /mnt g_vfs_done():fd0[READ(offset=0, length=8192)]error = 6 mount_msdosfs: /dev/fd0 : Device not configured - Is there a way to fix this? Also, I'm having another floppy-related issue, though I am not sure if that issue is also caused by the issue mentioned above: When using the VMware image, it seems impossible to save the config to an external medium (floppy, USB stick, second hard drive, etc.) with the options provided by the menu. I ended up adding a line to /etc/fstab telling the system where to mount the second hard disk where I wanted to save my configuration, and two earlyshellcmds to check for this line and re-add it if necessary, and to perform the mount if it's not already mounted. I consider that a nasty hack though, and would prefer to avoid it. Kind regards, Stefan - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Issue with virtual floppy drive
On Thu, Apr 1, 2010 at 3:25 PM, Michel Servaes mic...@mcmc.be wrote: On Thu, Apr 1, 2010 at 12:21 PM, Stefan Baur newsgroups.ma...@stefanbaur.de wrote: Hi, I wanted to use pfSense as a m0n0wall replacement in a virtual machine setup (VMware Server 2.0.2 Linux host). With m0n0wall, I had a virtual floppy disk so that m0n0wall thought it was saving its configuration data to a floppy. After powering off the VM, I could loop-mount the floppy image from the host and save the config file somewhere else for backup purposes. The idea behind that was that I don't have to back up the entire VM image when the config changes. Trying to do this with pfSense 1.2.3 or a recent 2.0 Beta fails, as it doesn't recognize the floppy: FWIW You could and try to save to an USB flash (let VM port the USB port to your VM environment) ? I thought that saving to an USB flash disk was one of the options... I thought of that, however, there are a few problems with that idea: 1) It needs a physical USB flash disk, virtual USB flash disks are not available in VMware Server 2.0.2. 2) Matching physical USB devices to VMs is rather error-prone, if you have several of these devices attached to one server running several VMs. 3) I'm not 100% sure if I tried it with a USB stick, but I believe the VMware image simply does not allow the use of external storage (be it floppy, USB or a second hard disk). (My guess is that whoever created the image thought Hey, it's running from a hard disk where it has unlimited writes, why would it need to support external storage?) Also, using a USB flash disk would still be a workaround - if you're advertising can save config to floppy, then it should just work(TM). Kind Regards, Stefan
[pfSense Support] CPU Throttle
I have noticed when I boot up pfsense 1.2.3, I see stuff like this on dmesg: kernel: acpi_throttle0: ACPI CPU Throttling on cpu0 I have an Intel Core 2 Quad and have disabled IntelSpeedStep in the BIOS but want to make sure nothing in pfsense throttles or reduces CPU speed or power. Is there anything I need to change/tweak to make sure this doesnt happen or is this message simply stating a feature that isnt necessarily used? Thanks, -- J.D. Bronson Information Technology Aurora Health Care - Milwaukee WI - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] CPU Throttle
On 4/1/2010 12:38 PM, J.D. Bronson wrote: I have noticed when I boot up pfsense 1.2.3, I see stuff like this on dmesg: kernel: acpi_throttle0: ACPI CPU Throttling on cpu0 I have an Intel Core 2 Quad and have disabled IntelSpeedStep in the BIOS but want to make sure nothing in pfsense throttles or reduces CPU speed or power. Is there anything I need to change/tweak to make sure this doesnt happen or is this message simply stating a feature that isnt necessarily used? It is just stating a feature it found, it isn't used without extra software like powerd, which I don't think is present (or setup anywhere). Though you can check some of those parameters via sysctl to see if they are present, I believe they are under here somewhere: sysctl hw.acpi Jim - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] pfsense reset
On 31/03/2010 19:18, Evgeny Yurchenko wrote: Brent Clark wrote: Hiya d R I need would like to reset my pfsense to the factory default settings. How would one setup pfsense via command line to enable access the webgui. Kind Regards Brent Clark Connect console or ssh to your pfSense and choose option 4) pfSense console setup *** 0) Logout (SSH only) 1) Assign Interfaces 2) Set LAN IP address 3) Reset webConfigurator password 4) Reset to factory defaults 5) Reboot system 6) Halt system 7) Ping host 8) Shell 9) PFtop 10) Filter Logs 11) Restart webConfigurator 12) pfSense Developer Shell 13) Upgrade from console 14) Disable Secure Shell (sshd) Enter an option: Thanks for this But let me try this again What I was refering to and asking for is ... I press 8, what is the firewall command or the process to allow access to the webgui from the WAN. I dont have physical access to the machine, but I can access the console via a DRAC. Regards Brent Clark - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] VPN LAN TO LAN
If you left the HTTPS port in the config to 443 it would be https://IP If you made it another port (say ), you'll want to open that port in your firewall and put https://IP: It sounds like the pfsense book would be a good companion for you! http://www.amazon.com/pfSense-Definitive-Christopher-M-Buechler/dp/0979034280/ref=sr_1_1?ie=UTF8s=booksqid=1270137863sr=8-1 Well worth the 30 bucks, and you'll come away understanding your network infinitely better. From: Joseph Rotan [mailto:joseph.ro...@gmail.com] Sent: Wednesday, March 31, 2010 7:44 PM To: support@pfsense.com Subject: Re: [pfSense Support] VPN LAN TO LAN OK, i've Enable HTTPS(443) on the WAN interface of my pfsense box; then how could I access my box remotely through internet is it https://ip address:443 Correct me if i'm wrong as looks like i could not access my box using https(443) what went wrong that i could not access by pfsense box. Joseph. On Sat, Mar 27, 2010 at 5:18 AM, Tim Dickson tdick...@aubergeresorts.com wrote: -- any hint on how to apply https over the INTERNET to my PFSENSE box ??? Enable HTTPS (443) on the WAN interface in your ruleset. -- and how could i access my LAN (clients PC) You were correct with VPN being the best way. You could put port forwards in as well, and you could also enable SSH and use tunneling. Totally depends on your needs - I'd check out OpenVPN. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] CPU Throttle
The cpu will automatically throttle when the cooler fails to prevent a burnout. You should also see a message when it does. Regards, Seth Op 1-4-2010 18:38, J.D. Bronson schreef: I have noticed when I boot up pfsense 1.2.3, I see stuff like this on dmesg: kernel: acpi_throttle0: ACPI CPU Throttling on cpu0 I have an Intel Core 2 Quad and have disabled IntelSpeedStep in the BIOS but want to make sure nothing in pfsense throttles or reduces CPU speed or power. Is there anything I need to change/tweak to make sure this doesnt happen or is this message simply stating a feature that isnt necessarily used? Thanks, - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] Avaya VOIP + PFSENSE + IPSEC not working
Avaya VOIP + PFSENSE + IPSEC not working. Both ends were running 1.something, pfsense, and tunnel was ipsec vpn. Branch office, could not get voip phone to work over the tunnel. Prior to this, we had rv042 on both ends, and avaya voip phones worked. Anyone gotten over ipsec, avaya voip phone to work. Thanks -- Justin IT-TECH
Re: [pfSense Support] VPN LAN TO LAN
Tim, well strange because i can access my box with the following http://IPhttp://ip/address:443 how is it possible as you you've said it should be https://IP https://ip/ address:443 So i can use any port nubers as you've said , this will gurantee my PPTP tunneling secure ??? Thanks for the avise i will try on our test lab then see how it goes before implementing out on our live network. As for purchasing the pfsense book is it poosible to send money through wired transfer like western union money transfer then the book is send to my postal address ??? Here in Fiji only limited people have visa cards as for me I don't have a visa card, sure I can buy the book but do not have the resource to purchase the book online. Any possible help if i send the money through wire transfer ??? Joseph. On Fri, Apr 2, 2010 at 5:05 AM, Tim Dickson tdick...@aubergeresorts.comwrote: If you left the HTTPS port in the config to 443 it would be https://IPhttps://ip/ If you made it another port (say ), you'll want to open that port in your firewall and put https://IP: https://ip:/ It sounds like the pfsense book would be a good companion for you! http://www.amazon.com/pfSense-Definitive-Christopher-M-Buechler/dp/0979034280/ref=sr_1_1?ie=UTF8s=booksqid=1270137863sr=8-1 Well worth the 30 bucks, and you'll come away understanding your network infinitely better. From: Joseph Rotan [mailto:joseph.ro...@gmail.com] Sent: Wednesday, March 31, 2010 7:44 PM To: support@pfsense.com Subject: Re: [pfSense Support] VPN LAN TO LAN OK, i've Enable HTTPS(443) on the WAN interface of my pfsense box; then how could I access my box remotely through internet is it https://ipaddress:443 Correct me if i'm wrong as looks like i could not access my box using https(443) what went wrong that i could not access by pfsense box. Joseph. On Sat, Mar 27, 2010 at 5:18 AM, Tim Dickson tdick...@aubergeresorts.com wrote: -- any hint on how to apply https over the INTERNET to my PFSENSE box ??? Enable HTTPS (443) on the WAN interface in your ruleset. -- and how could i access my LAN (clients PC) You were correct with VPN being the best way. You could put port forwards in as well, and you could also enable SSH and use tunneling. Totally depends on your needs - I'd check out OpenVPN. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] VPN LAN TO LAN
well strange because i can access my box with the following http://IP address:443 how is it possible as you you've said it should be https://IP address:443 If you setup HTTP as port 443 I this would work - kind of goes against web standards - but it's your box :) - you probably just didn't tick HTTPS as the protocol So i can use any port nubers as you've said , this will gurantee my PPTP tunneling secure ??? Yes - System | General Setup As for PPTP - totally different thing, and you'll need to open those ports as well. PPTP not being the most secure means of VPN - but probably sufficient for your needs. As for purchasing the pfsense book is it poosible to send money through wired transfer like western union money transfer then the book is send to my postal address ??? Standard Amazon billing applies - not sure if they do wire transfers... This may help? http://www.amazon.com/gp/help/customer/display.html/ref=help_search_1-1?ie=UTF8nodeId=15399401qid=1270158715sr=1-1 Can you purchase a prepaid visa gift card at a local market? - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org