[pfSense Support] Declined:
BEGIN:VCALENDAR PRODID:-//Microsoft Corporation//Outlook 12.0 MIMEDIR//EN VERSION:2.0 METHOD:REPLY X-MS-OLK-FORCEINSPECTOROPEN:TRUE BEGIN:VEVENT ATTENDEE;PARTSTAT=DECLINED:mailto:ciaro...@tfop.net CLASS:PRIVATE CREATED:20090319T184849Z DTEND:20090319T053000Z DTSTAMP:20090319T184849Z DTSTART:20090319T043000Z LAST-MODIFIED:20090319T184849Z PRIORITY:5 SEQUENCE:0 SUMMARY:Declined: TRANSP:OPAQUE UID:b2vqdqrcj8k2iiau4k3gb4u...@google.com X-MICROSOFT-CDO-BUSYSTATUS:BUSY X-MICROSOFT-CDO-IMPORTANCE:1 X-MS-OLK-AUTOFILLLOCATION:TRUE X-MS-OLK-CONFTYPE:0 END:VEVENT END:VCALENDAR - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] Date Change Bug
What did you change it to? If you chose a GMT -X setting, they don't work properly. You have to choose a location time zone, not just the GMT + or - setting. Christopher Iarocci Network Solutions Manager Twin Forks Office Products 631-727-3354 From: Nathan Eisenberg [mailto:nat...@atlasnetworks.us] Sent: Sunday, February 15, 2009 6:59 PM To: support@pfsense.com Subject: [pfSense Support] Date Change Bug Hello, I recently changed the timezone on one of our PFSense boxes, as it thought it was 12 hours ahead of where it actually is. Since I have made that change, states do not appear to be expiring normally, and the logs are still labeled with the old date/time offset. However, the result of 'date' in the command line is correct. Restarting this box is pretty difficult, although I am confident that a reboot would fix the issue. Do I have any other options? Best Regards, Nathan Eisenberg Atlas Networks, LLC Phone: 206-577-3078 supp...@atlasnetworks.us www.atlasnetworks.us
RE: [pfSense Support] Multi-WAN PPTP?
Now THAT is easy. That being said, I can't wait for 2.0 to come out. Christopher Iarocci Network Solutions Manager Twin Forks Office Products 631-727-3354 -Original Message- From: cbuech...@gmail.com [mailto:cbuech...@gmail.com] On Behalf Of Chris Buechler Sent: Wednesday, January 14, 2009 3:00 PM To: support@pfsense.com Subject: Re: [pfSense Support] Multi-WAN PPTP? On Wed, Jan 14, 2009 at 2:50 PM, Christopher Iarocci wrote: > I'd love to use OpenVPN, but the end users have to set it up themselves, and > honestly, it's not easy enough for an end user to do. You can build an installer file that has no prompts for the user to click and auto installs the config - double click the installer, wait a bit, and you're done. pfSense 2.0 has the capability to create such an install file for Windows clients. I wouldn't recommend running that in production yet, though it does work perfectly last I tried it. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] Multi-WAN PPTP?
I'd love to use OpenVPN, but the end users have to set it up themselves, and honestly, it's not easy enough for an end user to do. Editing a text file with technical information is beyond most end users capability. If there was a point and click GUI made for it, that would be different. Getting them just to run an install on their laptops to install OpenVPN is a chore (and that's the easy part). Configuring it, well, I gave up completely after talking to too many end users who just sat on the other end of the phone silent because they didn't know what a text file was, or how to find Notepad...etc. I do agree that OpenVPN is better than PPTP, except when it comes to setting it up. In that part if falls way behind PPTP. Maybe someone can prove me wrong and show me a simple tutorial that a typical computer illiterate end user can follow and be successful. BTW, when you're not stupid like me, and you don't enable your local PPTP server on your local PFSense box, PPTP just works too. This was the first time I ever had a problem with it, and the fact that the other administrator enabled it on the same day as the upgrade I did made me think it was upgrade related when in fact it was not. Christopher Iarocci Network Solutions Manager Twin Forks Office Products 631-727-3354 -Original Message- From: Paul Mansfield [mailto:it-admin-pfse...@taptu.com] Sent: Wednesday, January 14, 2009 1:42 PM To: support@pfsense.com Subject: Re: [pfSense Support] Multi-WAN PPTP? Tim Nelson wrote: > If you simply need to give road warriors access to your network, *PLEASE* check out OpenVPN yes, what he said. we've got windows (XP, vista), linux and Mac users all on openVPN and it mainly "just works". don't make life hard for yourself :-) - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] Multi-WAN PPTP?
I'm embarrassed to write this, and I'm having trouble finding someone to lend me a gun, but you were right. The PPTP server was enabled on my side causing the problem. Christopher Iarocci Network Solutions Manager Twin Forks Office Products 631-727-3354 -Original Message- From: Tim Nelson [mailto:tnel...@rockbochs.com] Sent: Monday, January 12, 2009 9:56 AM To: support@pfsense.com Cc: support@pfsense.com Subject: Re: [pfSense Support] Multi-WAN PPTP? Is the PPTP server enabled on the 'other' pfSense firewall where the clients are connecting *FROM*? That may be your problem... see here: http://www.pfsense.org/index.php?option=com_content&task=view&id=40&Itemid=43 ' Specifically this text: Limitations * Because of limitations in pf NAT, when the PPTP Server is enabled, PPTP clients cannot use the same public IP for outbound PPTP connections. This means if you have only one public IP, and use the PPTP Server, PPTP clients inside your network will not work. The work around is to use a second public IP with Advanced Outbound NAT for your internal clients. See also the PPTP limitation under NAT on this page. Tim Nelson Systems/Network Support Rockbochs Inc. (218)727-4332 x105 - "Christopher Iarocci" wrote: > Tried putting an unused LAN IP in the server field, no difference > whatsoever. It gives me the same exact errors on the client side and > in the > PFSense logs. Anything else I can try? Just as an FYI, the clients I > am > testing with are XP Pro and Vista Ultimate. Both are behind another > PFSense > firewall. I only try a single machine at any one time. I can't get > my head > wrapped around the fact that it used to work like a charm with the > same > exact config. I even went back into previously saved configs and > compared > them and there is no difference. It worked with this config as > recently as > 12/29/07 (last PPTP log entry). > > Christopher Iarocci > Network Solutions Manager > Twin Forks Office Products > 631-727-3354 > > -Original Message- > From: Chris Buechler [mailto:cbuech...@gmail.com] > Sent: Friday, January 09, 2009 2:31 PM > To: support@pfsense.com > Subject: Re: [pfSense Support] Multi-WAN PPTP? > > On Fri, Jan 9, 2009 at 1:08 PM, Christopher Iarocci > > wrote: > > Chris, > > > > Does it matter which IP address on my LAN it is? Should it be the > LAN IP > of > > the PFSense box, or something other than that? > > > > Just pick an unused IP on your LAN. > > > > Does the radius server see requests coming from the IP address > specified > > there or the LAN IP? In the past with the WAN IP in that field, > requests > to > > the radius server came from the LAN IP. > > > > The IP of the interface closest to the RADIUS server, usually LAN. > The > server IP is just for PPTP client - server communication. > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > > > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] Multi-WAN PPTP?
Tim, If that is it, I'm going to shoot myself. I'll check again tonight when I am home. I've never used the PPTP server at home so my first instinct would be no, it is not enabled, but who knows. Maybe I checked the box at one time, or maybe someone else did (there is another admin in my web of IPSec VPNs that can modify my firewall). Thank you for pointing that out though. I wouldn't have checked it. Christopher Iarocci Network Solutions Manager Twin Forks Office Products 631-727-3354 -Original Message- From: Tim Nelson [mailto:tnel...@rockbochs.com] Sent: Monday, January 12, 2009 9:56 AM To: support@pfsense.com Cc: support@pfsense.com Subject: Re: [pfSense Support] Multi-WAN PPTP? Is the PPTP server enabled on the 'other' pfSense firewall where the clients are connecting *FROM*? That may be your problem... see here: http://www.pfsense.org/index.php?option=com_content&task=view&id=40&Itemid=43 ' Specifically this text: Limitations * Because of limitations in pf NAT, when the PPTP Server is enabled, PPTP clients cannot use the same public IP for outbound PPTP connections. This means if you have only one public IP, and use the PPTP Server, PPTP clients inside your network will not work. The work around is to use a second public IP with Advanced Outbound NAT for your internal clients. See also the PPTP limitation under NAT on this page. Tim Nelson Systems/Network Support Rockbochs Inc. (218)727-4332 x105 - "Christopher Iarocci" wrote: > Tried putting an unused LAN IP in the server field, no difference > whatsoever. It gives me the same exact errors on the client side and > in the > PFSense logs. Anything else I can try? Just as an FYI, the clients I > am > testing with are XP Pro and Vista Ultimate. Both are behind another > PFSense > firewall. I only try a single machine at any one time. I can't get > my head > wrapped around the fact that it used to work like a charm with the > same > exact config. I even went back into previously saved configs and > compared > them and there is no difference. It worked with this config as > recently as > 12/29/07 (last PPTP log entry). > > Christopher Iarocci > Network Solutions Manager > Twin Forks Office Products > 631-727-3354 > > -Original Message- > From: Chris Buechler [mailto:cbuech...@gmail.com] > Sent: Friday, January 09, 2009 2:31 PM > To: support@pfsense.com > Subject: Re: [pfSense Support] Multi-WAN PPTP? > > On Fri, Jan 9, 2009 at 1:08 PM, Christopher Iarocci > > wrote: > > Chris, > > > > Does it matter which IP address on my LAN it is? Should it be the > LAN IP > of > > the PFSense box, or something other than that? > > > > Just pick an unused IP on your LAN. > > > > Does the radius server see requests coming from the IP address > specified > > there or the LAN IP? In the past with the WAN IP in that field, > requests > to > > the radius server came from the LAN IP. > > > > The IP of the interface closest to the RADIUS server, usually LAN. > The > server IP is just for PPTP client - server communication. > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > > > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] Multi-WAN PPTP?
Tried putting an unused LAN IP in the server field, no difference whatsoever. It gives me the same exact errors on the client side and in the PFSense logs. Anything else I can try? Just as an FYI, the clients I am testing with are XP Pro and Vista Ultimate. Both are behind another PFSense firewall. I only try a single machine at any one time. I can't get my head wrapped around the fact that it used to work like a charm with the same exact config. I even went back into previously saved configs and compared them and there is no difference. It worked with this config as recently as 12/29/07 (last PPTP log entry). Christopher Iarocci Network Solutions Manager Twin Forks Office Products 631-727-3354 -Original Message- From: Chris Buechler [mailto:cbuech...@gmail.com] Sent: Friday, January 09, 2009 2:31 PM To: support@pfsense.com Subject: Re: [pfSense Support] Multi-WAN PPTP? On Fri, Jan 9, 2009 at 1:08 PM, Christopher Iarocci wrote: > Chris, > > Does it matter which IP address on my LAN it is? Should it be the LAN IP of > the PFSense box, or something other than that? > Just pick an unused IP on your LAN. > Does the radius server see requests coming from the IP address specified > there or the LAN IP? In the past with the WAN IP in that field, requests to > the radius server came from the LAN IP. > The IP of the interface closest to the RADIUS server, usually LAN. The server IP is just for PPTP client - server communication. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] Multi-WAN PPTP?
Chris, Thank you. I will try the new config tonight and report back. Christopher Iarocci Network Solutions Manager Twin Forks Office Products 631-727-3354 -Original Message- From: Chris Buechler [mailto:cbuech...@gmail.com] Sent: Friday, January 09, 2009 2:31 PM To: support@pfsense.com Subject: Re: [pfSense Support] Multi-WAN PPTP? On Fri, Jan 9, 2009 at 1:08 PM, Christopher Iarocci wrote: > Chris, > > Does it matter which IP address on my LAN it is? Should it be the LAN IP of > the PFSense box, or something other than that? > Just pick an unused IP on your LAN. > Does the radius server see requests coming from the IP address specified > there or the LAN IP? In the past with the WAN IP in that field, requests to > the radius server came from the LAN IP. > The IP of the interface closest to the RADIUS server, usually LAN. The server IP is just for PPTP client - server communication. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] Multi-WAN PPTP?
Chris, Does it matter which IP address on my LAN it is? Should it be the LAN IP of the PFSense box, or something other than that? [Christopher Iarocci] Does the radius server see requests coming from the IP address specified there or the LAN IP? In the past with the WAN IP in that field, requests to the radius server came from the LAN IP. Sorry for the double post. Christopher Iarocci Network Solutions Manager Twin Forks Office Products 631-727-3354 -Original Message- From: cbuech...@gmail.com [mailto:cbuech...@gmail.com] On Behalf Of Chris Buechler Sent: Friday, January 09, 2009 1:34 AM To: support@pfsense.com Subject: Re: [pfSense Support] Multi-WAN PPTP? On Wed, Jan 7, 2009 at 7:29 PM, Christopher Iarocci wrote: > I also noticed that when I save the config, it shows the PPTP server address > as 0.0.0.0 in the log, even though I clearly have the WAN IP address in that > field. There's at least one problem, that has to be an IP on your LAN, assuming you're putting the PPTP clients on your LAN subnet. I don't know how that ever could have worked. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] Multi-WAN PPTP?
Chris, Does it matter which IP address on my LAN it is? Should it be the LAN IP of the PFSense box, or something other than that? Christopher Iarocci Network Solutions Manager Twin Forks Office Products 631-727-3354 -Original Message- From: cbuech...@gmail.com [mailto:cbuech...@gmail.com] On Behalf Of Chris Buechler Sent: Friday, January 09, 2009 1:34 AM To: support@pfsense.com Subject: Re: [pfSense Support] Multi-WAN PPTP? On Wed, Jan 7, 2009 at 7:29 PM, Christopher Iarocci wrote: > I also noticed that when I save the config, it shows the PPTP server address > as 0.0.0.0 in the log, even though I clearly have the WAN IP address in that > field. There's at least one problem, that has to be an IP on your LAN, assuming you're putting the PPTP clients on your LAN subnet. I don't know how that ever could have worked. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] Multi-WAN PPTP?
Anything I can do to diagnose it? Every time I search the error from the log it brings me back to the m0n0wall or PFSense mailing lists with no resolution. Up until now, I've always had great luck using PPTP. It's generally easy to use and works reliably. One last thing I can say about it, an authentication request never makes it to the radius server. Windows tries to authenticate, but obviously cannot due to the error. Christopher Iarocci Network Solutions Manager Twin Forks Office Products 631-727-3354 -Original Message- From: cbuech...@gmail.com [mailto:cbuech...@gmail.com] On Behalf Of Chris Buechler Sent: Thursday, January 08, 2009 3:26 PM To: support@pfsense.com Subject: Re: [pfSense Support] Multi-WAN PPTP? On Thu, Jan 8, 2009 at 3:10 PM, Christopher Iarocci wrote: > That being said, does ANYONE have a clue why my PPTP server is suddenly > broken after the 1.2.1 upgrade? BTW, doing more testing, I tried > eliminating the Radius server and used local authentication. The same exact > errors appear, so it does not seem to be a problem with the radius setup. > Not sure, I did look at the PPTP server last night and didn't have any trouble at all. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] Multi-WAN PPTP?
That being said, does ANYONE have a clue why my PPTP server is suddenly broken after the 1.2.1 upgrade? BTW, doing more testing, I tried eliminating the Radius server and used local authentication. The same exact errors appear, so it does not seem to be a problem with the radius setup. Christopher Iarocci Network Solutions Manager Twin Forks Office Products 631-727-3354 -Original Message- From: Chris Buechler [mailto:cbuech...@gmail.com] Sent: Wednesday, January 07, 2009 8:59 PM To: support@pfsense.com Subject: Re: [pfSense Support] Multi-WAN PPTP? On Wed, Jan 7, 2009 at 8:55 PM, Morgan Reed wrote: > On Thu, Jan 8, 2009 at 11:29 AM, Christopher Iarocci wrote: >> I have a single WAN setup and PPTP has been broken since I upgraded to >> 1.2.1. In version 1.2 it worked perfectly. I've tried changing settings >> and putting them back, but it continues to fail at the authentication >> process as you've described. I have the same setup as you, a W2K3 server >> acting as radius and the PFSense machine acting as the PPTP server. Anyone >> else notice that PPTP has broken since 1.2.1 upgrade? Here is a snippit of >> my logs > > Apparently there are three major bugs being fixed in 1.2.2, this may > be one of them. > They aren't major, aside from the setup wizard issue they're rare edge cases or minor things. PPTP isn't one. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] pfsense 1.2.1 wizard bug
173.2.245.101 Upon going to diagnostics-->ping, I put in google.com as the host and it resolved and returned pings. I believe my firewall can access the internet. I can say that I discovered the problem about 12 hours after the firewall was up and running. I'm not sure if that was enough time for the bogon networks to update. Maybe there should be a way force the update? Christopher Iarocci Network Solutions Manager Twin Forks Office Products 631-727-3354 -Original Message- From: Chris Buechler [mailto:cbuech...@gmail.com] Sent: Wednesday, January 07, 2009 10:33 AM To: support@pfsense.com Subject: Re: [pfSense Support] pfsense 1.2.1 wizard bug On Wed, Jan 7, 2009 at 8:22 AM, Christopher Iarocci wrote: > I found that the bogon networks in 1.2.1 include at least one legit network. > I found out the hard way when one of my VPN tunnels wouldn't establish and > it drove me crazy for hours. Turned out unclicking the bogon network option > fixed it. After realizing that that particular network couldn't communicate > with mine at all, then I looked towards the bogon network option. I feel > this option should at least list the networks affected so one can see > exactly what they are blocking. > No reason that should have taken hours, always check your firewall logs when something doesn't work. The list is auto updated monthly if your firewall can get to the Internet. Clean installs aren't immediately updated. Send me what IP was listed there that shouldn't be and I'll make sure it isn't in the list. Every time I've checked on that for someone else, it had been removed months prior and their firewall didn't have DNS configured so it couldn't update. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] Multi-WAN PPTP?
en though I clearly have the WAN IP address in that field. Here is a snippit of that.. Jan 7 19:26:28 mpd: [pt15] using interface ng16 Jan 7 19:26:28 mpd: [pt15] ppp node is "mpd57834-pt15" Jan 7 19:26:28 mpd: [pt14] using interface ng15 Jan 7 19:26:28 mpd: [pt14] ppp node is "mpd57834-pt14" Jan 7 19:26:28 mpd: [pt13] using interface ng14 Jan 7 19:26:28 mpd: [pt13] ppp node is "mpd57834-pt13" Jan 7 19:26:28 mpd: [pt12] using interface ng13 Jan 7 19:26:28 mpd: [pt12] ppp node is "mpd57834-pt12" Jan 7 19:26:28 mpd: [pt11] using interface ng12 Jan 7 19:26:28 mpd: [pt11] ppp node is "mpd57834-pt11" Jan 7 19:26:28 mpd: [pt10] using interface ng11 Jan 7 19:26:28 mpd: [pt10] ppp node is "mpd57834-pt10" Jan 7 19:26:28 mpd: [pt9] using interface ng10 Jan 7 19:26:28 mpd: [pt9] ppp node is "mpd57834-pt9" Jan 7 19:26:28 mpd: [pt8] using interface ng9 Jan 7 19:26:28 mpd: [pt8] ppp node is "mpd57834-pt8" Jan 7 19:26:28 mpd: [pt7] using interface ng8 Jan 7 19:26:28 mpd: [pt7] ppp node is "mpd57834-pt7" Jan 7 19:26:28 mpd: [pt6] using interface ng7 Jan 7 19:26:28 mpd: [pt6] ppp node is "mpd57834-pt6" Jan 7 19:26:28 mpd: [pt5] using interface ng6 Jan 7 19:26:28 mpd: [pt5] ppp node is "mpd57834-pt5" Jan 7 19:26:28 mpd: [pt4] using interface ng5 Jan 7 19:26:28 mpd: [pt4] ppp node is "mpd57834-pt4" Jan 7 19:26:28 mpd: [pt3] using interface ng4 Jan 7 19:26:28 mpd: [pt3] ppp node is "mpd57834-pt3" Jan 7 19:26:28 mpd: [pt2] using interface ng3 Jan 7 19:26:28 mpd: [pt2] ppp node is "mpd57834-pt2" Jan 7 19:26:28 mpd: [pt1] using interface ng2 Jan 7 19:26:28 mpd: [pt1] ppp node is "mpd57834-pt1" Jan 7 19:26:28 mpd: [pt0] using interface ng1 Jan 7 19:26:28 mpd: mpd: local IP address for PPTP is 0.0.0.0 Jan 7 19:26:28 mpd: [pt0] ppp node is "mpd57834-pt0" Jan 7 19:26:28 mpd: mpd: pid 57834, version 3.18 (r...@freebsd7-releng_1_2.pfsense.org 20:18 9-Nov-2008) Any help would be appreciated as I'm at a loss as to why it worked perfectly under 1.2 but not under 1.2.1 with the same config. Christopher Iarocci Network Solutions Manager Twin Forks Office Products 631-727-3354 -Original Message- From: Morgan Reed [mailto:morgan.s.r...@gmail.com] Sent: Monday, January 05, 2009 7:27 AM To: support@pfsense.com Subject: [pfSense Support] Multi-WAN PPTP? Hi all, We've a multi-WAN setup on our pfSense (no redundancy or load balancing, one is dedicated to office internet traffic, the other is dedicated to inbound server traffic), just wondering if it's possible to setup pfSense so we can accept PPTP in on either WAN link (that way if the main link is down we can come in the backup and vice versa). pfSense is our PPTP server, and it authenticates against our Windows 2000 AD via RADIUS/IAS if that makes any difference. I've added a firewall rule to allow 1723 in on WAN2 but there appears to be something else required as my connection attempts timeout at authentication (I've been able to connect PPTP to the WAN2 interface from inside the office with no trouble so I assume that means that the PPTP daemon listens on all interfaces) I recall PPTP also uses IP Proto 47 (GRE), do I need to add a rule to allow that traffic on WAN2? Any suggestions? Thanks, Morgan - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] pfsense 1.2.1 wizard bug
I found that the bogon networks in 1.2.1 include at least one legit network. I found out the hard way when one of my VPN tunnels wouldn't establish and it drove me crazy for hours. Turned out unclicking the bogon network option fixed it. After realizing that that particular network couldn't communicate with mine at all, then I looked towards the bogon network option. I feel this option should at least list the networks affected so one can see exactly what they are blocking. Christopher Iarocci Network Solutions Manager Twin Forks Office Products 631-727-3354 -Original Message- From: cbuech...@gmail.com [mailto:cbuech...@gmail.com] On Behalf Of Chris Buechler Sent: Wednesday, January 07, 2009 2:44 AM To: support@pfsense.com Subject: Re: [pfSense Support] pfsense 1.2.1 wizard bug On Wed, Jan 7, 2009 at 2:20 AM, Veiko Kukk wrote: > I reinstalled my two machines and on both times the initial setup wizard > asked for wan IP-s, but did not save the address. Later, when checking WAN > interface configuration, the IP address field was empty, but gateway was > filled correctly. > Yeah, 1.2.2 is coming sometime this week to fix that and 3 other things that have been fixed since 1.2.1. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: Re[2]: [pfSense Support] Error thrown only for a URL
My configuration is static for WAN and LAN and the only DNS servers configured in the PFSense box are my internal ones (which is configured in the DHCP server portion of PFSense). Since DNS resolution works on the PFSense box, and the only DNS servers it knows about are in the DHCP config, I can conclude that those servers are used for squid. Please, someone correct me if I'm wrong. I don't see anywhere else in PFSense that DNS servers are configured when using a static IP configuration. I do not have the DNS forwarder enabled either. Christopher Iarocci Network Solutions Manager Twin Forks Office Products 631-727-3354 From: Ugur00 [mailto:ugu...@gmail.com] Sent: Wednesday, December 31, 2008 9:05 AM To: Christopher Iarocci Subject: Re[2]: [pfSense Support] Error thrown only for a URL Merhaba Christopher, how to use your pf box your internal dns servers? ps. similar conf, www.nytimes.com and nytimes.com works fine. Wednesday, December 31, 2008, 3:55:21 PM, şunu yazdınız: Jose, I'm not sure I can help you figure out why it is not working for you, but I can tell you this which might help you eliminate certain things. I have version 1.2.1 release of PFSense running with squid and squidguard. Both nytimes.com and <http://www.nytimes.com> www.nytimes.com work fine for me. I used firefox on a windows computer to test it. My DNS servers are internal on the network and my PFSense box also uses the internal DNS server. Christopher Iarocci Network Solutions Manager Twin Forks Office Products 631-727-3354 From: jose thomas [mailto:tk.j...@gmail.com] Sent: Wednesday, December 31, 2008 8:21 AM To: support@pfsense.com Subject: [pfSense Support] Error thrown only for a URL Hello, I have installed pfSense 1.2 for our Office network and it is working perfectly with squid configured. However, facing a problem for a single site - <http://www.nytimes.com> www.nytimes.com. The following error is thrown immediately giving the URL <http://www.nytimes.com> http://www.nytimes.com "The error is "Network Error (dns_server_failure) Your request could not be processed because a error occurred contacting the DNS server. The DNS server may be temporarily unavailable, or there could be a network problem." If I try " <http://nytimes.com> nytimes.com" it works. <http://www.nytimes.com> www.nytimes.com is "ping"able as well as reach via traceroute from my PC as well as from the pfSense box. Can anybody suggest me how to resolve this. TIA Jose -- Mobile: +971-50-9943477 Office: +971-4-4370703 Residence: +971-4-2232044 -- Saygılar, Ugur00 <mailto:ugu...@gmail.com> mailto:ugu...@gmail.com - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] Error thrown only for a URL
Jose, I'm not sure I can help you figure out why it is not working for you, but I can tell you this which might help you eliminate certain things. I have version 1.2.1 release of PFSense running with squid and squidguard. Both nytimes.com and www.nytimes.com work fine for me. I used firefox on a windows computer to test it. My DNS servers are internal on the network and my PFSense box also uses the internal DNS server. Christopher Iarocci Network Solutions Manager Twin Forks Office Products 631-727-3354 From: jose thomas [mailto:tk.j...@gmail.com] Sent: Wednesday, December 31, 2008 8:21 AM To: support@pfsense.com Subject: [pfSense Support] Error thrown only for a URL Hello, I have installed pfSense 1.2 for our Office network and it is working perfectly with squid configured. However, facing a problem for a single site - www.nytimes.com. The following error is thrown immediately giving the URL http://www.nytimes.com "The error is "Network Error (dns_server_failure) Your request could not be processed because a error occurred contacting the DNS server. The DNS server may be temporarily unavailable, or there could be a network problem." If I try "nytimes.com" it works. www.nytimes.com is "ping"able as well as reach via traceroute from my PC as well as from the pfSense box. Can anybody suggest me how to resolve this. TIA Jose -- Mobile: +971-50-9943477 Office: +971-4-4370703 Residence: +971-4-2232044
RE: [pfSense Support] Help to get a pfSense with two subnets in separate vlan's to work
Thomas, If you actually have a private IP on the WAN, do you have the "Block private networks" box unchecked? If that is checked, no traffic will come in your WAN because it is on a private network. Christopher Iarocci Network Solutions Manager Twin Forks Office Products 631-727-3354 From: Thomas Elsgaard [mailto:thomas.elsga...@gmail.com] Sent: Monday, December 15, 2008 5:20 PM To: support@pfsense.com Subject: [pfSense Support] Help to get a pfSense with two subnets in separate vlan's to work Hi Guys I have started to play around with pfSense, and i have some problems getting my test setup to work, i am sure that i have just forgot something, but i am not sure what :-( I have attached an diagram of what i want' and what i have configured, but basically this is what i want to do: sis0 is my wan port, nothing fancy here, untagged traffic sis1 is my lan port, only used for mgmt sis2 is my trunk, with two enterprises, each in it's own vlan (10,11) The built in DHCP server to serve both vlans So far i can get following to work: The clients connected to the ports on the L2 switch is getting dhcp leases in the the correct subnets, so i am relative sure that the vlan setup + dhcp is working, what is giving me the problem is the routing, i have added pass rules for all interfaces. But i can still not get any traffic thru? have i forgot something, or is it just a question about some correct static routes? or do i need virtual IP's with ARP-Proxy? Any good ideas? Best regards ///Thomas
RE: [pfSense Support] RE: DNS Forwarder/Authoritative DNS Server
Chris Buechler answered you a few days back. His answer was: No, feature request opened (patches welcome). http://cvstrac.pfsense.org/tktview?tn=1849 Christopher Iarocci Network Solutions Manager Twin Forks Office Products 631-727-3354 From: Dimitri Rodis [mailto:dimit...@integritasystems.com] Sent: Friday, December 12, 2008 2:03 AM To: support@pfsense.com Subject: [pfSense Support] RE: DNS Forwarder/Authoritative DNS Server No love? Dimitri Rodis Integrita Systems LLC From: Dimitri Rodis [mailto:dimit...@integritasystems.com] Sent: Tuesday, December 02, 2008 9:36 AM To: support@pfsense.com Subject: [pfSense Support] DNS Forwarder/Authoritative DNS Server On one of my networks, I have 4 Windows server domain controllers that run DNS for Active Directory on this network in particular. On the services_dnsmasq.php page in pfSense, the bottom section allows you to specify authoritative DNS servers for domains that are not part of the internet (or to override for the purpose of split-brain DNS). Let's say that this particular domain is internaldomain.local. There are 4 authoritative DNS servers for this zone-however, the interface on this page only allows you to add one: https://24.120.123.222/themes/pfsense/images/icons/icon_error.gif The following input errors were detected: * A override already exists for this domain. Is there a way that I can specify multiple DNS servers for a particular domain suffix? You should be able to, IMO. Thanks, Dimitri Rodis Integrita Systems LLC <>
RE: [pfSense Support] Transparent Firewall
Glenn, A few questions come to mind off the top of my head. Did you enable filtering bridge in the System-->Advanced section? If so, did you put rules in place to pass the traffic you want? You didn't tell us anything about the config of your PFSense box, other than it's a bridge, so it's hard to really tell what's wrong. Christopher Iarocci Network Solutions Manager Twin Forks Office Products 631-727-3354 -Original Message- From: Glenn Kelley [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 09, 2008 10:06 AM To: support@pfsense.com Subject: [pfSense Support] Transparent Firewall Greetings folks - After a really nice long google search I ended up here ... In short we have a number of ip's a client of ours is looking to setup PFSense as a transparent bridge/firewall for. Setup is as follows Incoming Ethernet Connection from Data Center | | | SWITCH | | | PF SENSE WAN (IP 216.119.x.x) ~ ... external ip for management 24.182.x.x ~ PFSense LAN ( IP 216.119.x.x) | | | SWITCH ~ ~ Their Systems ~~ running ip ranges 216.119.x.x 67.184.x.x 65.194.x.x so here is the deal - we allowed all traffic from WAN / LAN bridged LAN to WAN Internally / externally we can ping the ip ranges when the incoming ethernet is into the last switch touching their internal network - but when we move that to the WAN Switch - no luck. We know the connections are good - switch is good - Any suggestions? I would be willing to pay a small bounty - (as this non-profit customer is willing (a church entity ) ) if someone could help. Thanks a ton in advance After 3 days of scratching our heads - redoing this 1400 times (ok so maybe not that much) but enough to know the steps in our heads ... we thought it might be time to ask. If this works - I can see a great value to this PFSense product ... Really nice looking - and it actually can compare very well to the SonicWall, WatchGuard and other Pix products we see here... Gotta love Open Source... Let's hope this works out. Thank again Glenn - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] monitoring bandwidth usage of individual lan addresses
I stuck a 60GB hard drive in a NET5501 and run the full install. Works beautifully and I'm not worried about killing my CF card. Maybe Patrick is doing the same or could do the same if he is not. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Chris Buechler Sent: Monday, June 16, 2008 3:11 AM To: support@pfsense.com Subject: Re: [pfSense Support] monitoring bandwidth usage of individual lan addresses On Mon, Jun 16, 2008 at 3:07 AM, David Rees <[EMAIL PROTECTED]> wrote: > On Sun, Jun 15, 2008 at 5:43 PM, Daniel Lloyd <[EMAIL PROTECTED]> wrote: >> The bandwithd package does just that. > > But he's running on a ALIX board, isn't he most likely using the > embedded version which does not support packages? > Ah, missed that. No way currently to run packages on embedded, it's not capable of saving data for things of this nature because of the limits of CF. Some people do full installs on CF and run that way, it's not recommended because theoretically it'll kill your CF. In practice, I know of a number of people running that way and have yet to hear from one who killed a CF card. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] bsdperimeter.com down -- what is the state of commercial support for pfSense?
Found this at the bottom of the Centipede Networks site: If you would like more information regarding this release, please contact Gary Buckmaster with Centipede Networks at (918) 524-1010 x 114 or at [EMAIL PROTECTED] I'm sure he could help. -Original Message- From: Timo Schoeler [mailto:[EMAIL PROTECTED] Sent: Friday, May 09, 2008 5:33 AM To: support@pfsense.com Subject: [pfSense Support] bsdperimeter.com down -- what is the state of commercial support for pfSense? Hi there, I'm about to sell a bunch of pfSense-based Firewalls to a customer (who wants to run a nice loadbalanced setup). What about commercial support? bsdperimeter.com is down, as it seems to me... Any ideas? Thanks in advance, Timo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] panic on install of stable pfsense on latests Dell PE 1950 server
I'll trade you that machine for one that works. ;-) Seriously though, disable the ACPI in the bios. There was just a thread on a similar problem yesterday. See here: http://www.mail-archive.com/support@pfsense.com/msg13026.html HTH Chris From: Harrie Bonenkamp (Colson) [mailto:[EMAIL PROTECTED] Sent: Thursday, May 08, 2008 11:39 AM To: support@pfsense.com Subject: [pfSense Support] panic on install of stable pfsense on latests Dell PE 1950 server Dear Support, I tried to install the latest stable pfsense 1.2 on a brand new Dell PowerEdge 1950 With the default (ACPI enabled) install It came back to me with this error: DELL_PE_SC3 Panic ACPI0sDerivePciId unable to initialize PCI bus And system reboots in 15 seconds. The server has this specification: PE1950 III Quad-Core Xeon E5430 2.66GHz/2x6MB 1333FSB PE1950 PCIE Riser (2 Slots) PE1950 Bezel Assembly 4GB FB 667MHz Memory (2x2GB dual rank DIMMs) No second Processor option 300GB SAS (10,000 rpm) 3.5inch Hard Drive PE1950 III 3.5" HDD support chassis Perc 6i Integrated Controller 8X IDE DVD-ROM Drive PE1950 III Non-Redundant Power Supply - No Power Cord Broadcom TCP/IP Offload Engine functionality (TOE) Not Enabled No Operating System PE1950 OpenManage kit and FI Driver PE1950 III - C3,MSSR1, ADD IN PERC 5i/6i or SAS6iR, min 2 / max 2 Harrie Bonenkamp
RE: [pfSense Support] 1.2 package add-on missing
Doesn't it matter WHICH image you install, not just that you install it to a hard drive? I think only the Live CD image supports packages. Chris From: Paul Peziol [mailto:[EMAIL PROTECTED] Sent: Monday, May 05, 2008 12:06 PM To: support@pfsense.com Subject: Re: [pfSense Support] 1.2 package add-on missing 1: Its installed to the hd. Under System I have Advanced, Firmware, Gen Setup, Setup Wizard, and static routes, Last time I installed it, it had a packages section that appears missing. This is the latest one that I downloaed and dont have older version anymore 2. Ahh. should've looked better. thank for your help On Mon, May 5, 2008 at 10:45 AM, Dimitri Rodis <[EMAIL PROTECTED]> wrote: 1. Did you install pfSense to the hard drive? (You need to for packages) 2. Yes.. Go to the interfaces page and add it. Dimitri Rodis Integrita Systems LLC From: Paul Peziol [mailto:[EMAIL PROTECTED] Sent: Monday, May 05, 2008 8:41 AM To: support@pfsense.com Subject: [pfSense Support] 1.2 package add-on missing Not sure if its a bug or something in my installation but the new version appears to not have a choice to add packages and the firmware update page seems to be out of line. If its a installation issue I will re-install it. 2nd question I have 3 NIC's. I only setup 2 of them on the initial setup. Is there a way to add the 2nd optional one after the fact. Paul
RE: [pfSense Support] LogMe In Block!!
Since he is trying to allow logmein, I don't think this is all that helpful. ;-) Chris -Original Message- From: Christoph Hanle [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 08, 2008 3:32 PM To: support@pfsense.com Subject: Re: [pfSense Support] LogMe In Block!! Sebastián Veloso Varas wrote: > Hello, I am new in this list so from already my greetings to all. I have the following doubt: how can I leak LogMeIn in pfsense? > > Should I leak only everything what it avenges from *.logmein.com? Hi, there are some possibilities to deny access from and to peer to peer services like logmein.com. - have a policy within your network, which denies the installing of the logmein client and the visiting of logmein pages. But if you need technical solutions, i will you show some: - install a client on a testmachine and find out the IPs of the logmein.com servers the clients connect to, use wireshark or the logs of pfsense. Block (https) access to these IPs + - Block (http(s)) access to www.logmein.com, secure.logmein.com and whatever will be after the login at secure.logmein.com. These settings must be checked periodicly. - And/or use the DNS forwarder of pfsense or your own DNS to manipulate the proper nameresolution, but the browsercache and the possibility to use IPs instead of names are leaks of the solution. - Use a proxy server, maybe with content filter, there you will have other possibilities to filter. hope this helps bye Christoph - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] Snapshots
I just got there fine, it's 1:42PM EST here. Chris From: Atkins, Dwane P [mailto:[EMAIL PROTECTED] Sent: Thursday, January 03, 2008 1:18 PM To: support@pfsense.com Subject: [pfSense Support] Snapshots I am trying to connect to the following url http://snapshots.pfsense.com/FreeBSD6/RELENG_1/updates/ Is there a problem with this? Thank you Dwane Dwane Atkins 210-567-0158 [EMAIL PROTECTED]
RE: [pfSense Support] Squidguard blocks all traffic
127.0.0.1 Pound away. ;-) Chris -Original Message- From: Paul M [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 02, 2008 10:20 AM To: support@pfsense.com Subject: Re: [pfSense Support] Squidguard blocks all traffic Christopher Iarocci wrote: > I entered in a ticket because they are currently in RC status and I thought ... > Devs, > > Please slap me if I did the wrong thing. My heart was in the right place. just publish your pfSense box's IP, and then your punishment can then be to have your firewall tested to destruction :-) - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.516 / Virus Database: 269.17.13/1207 - Release Date: 1/2/2008 11:29 AM - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] Squidguard blocks all traffic
Anyone know who the author is? I've had that question up for a while now and not heard any response (other than confirmation that it does not work). I will certainly delete the ticket. Chris -Original Message- From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 02, 2008 10:45 AM To: support@pfsense.com Subject: Re: [pfSense Support] Squidguard blocks all traffic On Jan 2, 2008 10:06 AM, Gary Buckmaster <[EMAIL PROTECTED]> wrote: > Since this is a package (and one that is currently still under > development) the best way to file the bug is with the package maintainer. That is right. The author hangs out on the forum. Since the author does not use cvstrac, please delete the ticket. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.516 / Virus Database: 269.17.13/1207 - Release Date: 1/2/2008 11:29 AM - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: RE: RE: [pfSense Support] Squidguard blocks all traffic
I entered in a ticket because they are currently in RC status and I thought a bug should be reported in a timely fashion to avoid the RC being released as stable with a bug in it. Devs, Please slap me if I did the wrong thing. My heart was in the right place. :-) Christopher Iarocci Network Solutions Manager Twin Forks Office Products, Inc. 631-727-3354 X107 -Original Message- From: DLStrout [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 02, 2008 9:04 AM To: support@pfsense.com; support@pfsense.com Subject: Re: RE: RE: [pfSense Support] Squidguard blocks all traffic I think it is the ticket process .. (create a ticket), but might want to see how the devs want this handled. -- David L. Strout Engineering Systems Plus, LLC - Original Message - Subject: RE: RE: [pfSense Support] Squidguard blocks all traffic From: [EMAIL PROTECTED] To: support@pfsense.com Date: 01-02-2008 8:46 am > What is the bug report procedure for pfSense? Since no one seems to have > this working and 2 of us have confirmed that it doesn't work maybe a bug > report should be put in. > > Christopher Iarocci > Network Solutions Manager > Twin Forks Office Products, Inc. > 631-727-3354 X107 > > > > -Original Message- > From: DLStrout [mailto:[EMAIL PROTECTED] > Sent: Wednesday, January 02, 2008 8:18 AM > To: support@pfsense.com; support@pfsense.com > Subject: Re: RE: [pfSense Support] Squidguard blocks all traffic > > I have found the same to be true. I have been > tinkering with it for weeks trying to get it to > properly write the config file and police traffic > based on the ACL/rules settings, but have had very > little luck. > > I found that it somewhat temperamental about > writing the config file and that seems (at least > in my case & HO) to be the break point. > > -- > David L. Strout > Engineering Systems Plus, LLC > > - Original Message - > Subject: RE: [pfSense Support] Squidguard blocks > all traffic > From: [EMAIL PROTECTED] > To: support@pfsense.com > Date: 01-02-2008 8:01 am > > > > Anybody > > > > -Original Message- > > From: Christopher Iarocci > [mailto:[EMAIL PROTECTED] > > Sent: Friday, December 28, 2007 6:57 PM > > To: support@pfsense.com > > Subject: [pfSense Support] Squidguard blocks all > traffic > > > > When I turn on squidguard, all http traffic is > blocked. Is this normal? What do I need to do to > have it pass traffic and only block what I want > blocked? Does anyone have squidguard working on a > 1.2RC3 pfsense box? > > > > Chris > > > > > - > > To unsubscribe, e-mail: > [EMAIL PROTECTED] > > For additional commands, e-mail: > [EMAIL PROTECTED] > > > > > > > > -- > > No virus found in this incoming message. > > Checked by AVG Free Edition. > > Version: 7.5.476 / Virus Database: > 269.17.12/1203 - Release Date: 12/30/2007 11:27 AM > > > > > > > > > - > > To unsubscribe, e-mail: > [EMAIL PROTECTED] > > For additional commands, e-mail: > [EMAIL PROTECTED] > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > > -- > No virus found in this incoming message. > Checked by AVG Free Edition. > Version: 7.5.516 / Virus Database: 269.17.13/1207 - Release Date: 1/2/2008 > 11:29 AM > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.516 / Virus Database: 269.17.13/1207 - Release Date: 1/2/2008 11:29 AM - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: RE: [pfSense Support] Squidguard blocks all traffic
What is the bug report procedure for pfSense? Since no one seems to have this working and 2 of us have confirmed that it doesn't work maybe a bug report should be put in. Christopher Iarocci Network Solutions Manager Twin Forks Office Products, Inc. 631-727-3354 X107 -Original Message- From: DLStrout [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 02, 2008 8:18 AM To: support@pfsense.com; support@pfsense.com Subject: Re: RE: [pfSense Support] Squidguard blocks all traffic I have found the same to be true. I have been tinkering with it for weeks trying to get it to properly write the config file and police traffic based on the ACL/rules settings, but have had very little luck. I found that it somewhat temperamental about writing the config file and that seems (at least in my case & HO) to be the break point. -- David L. Strout Engineering Systems Plus, LLC - Original Message - Subject: RE: [pfSense Support] Squidguard blocks all traffic From: [EMAIL PROTECTED] To: support@pfsense.com Date: 01-02-2008 8:01 am > Anybody > > -Original Message- > From: Christopher Iarocci [mailto:[EMAIL PROTECTED] > Sent: Friday, December 28, 2007 6:57 PM > To: support@pfsense.com > Subject: [pfSense Support] Squidguard blocks all traffic > > When I turn on squidguard, all http traffic is blocked. Is this normal? What do I need to do to have it pass traffic and only block what I want blocked? Does anyone have squidguard working on a 1.2RC3 pfsense box? > > Chris > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > > -- > No virus found in this incoming message. > Checked by AVG Free Edition. > Version: 7.5.476 / Virus Database: 269.17.12/1203 - Release Date: 12/30/2007 11:27 AM > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.516 / Virus Database: 269.17.13/1207 - Release Date: 1/2/2008 11:29 AM - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] Squidguard blocks all traffic
Anybody -Original Message- From: Christopher Iarocci [mailto:[EMAIL PROTECTED] Sent: Friday, December 28, 2007 6:57 PM To: support@pfsense.com Subject: [pfSense Support] Squidguard blocks all traffic When I turn on squidguard, all http traffic is blocked. Is this normal? What do I need to do to have it pass traffic and only block what I want blocked? Does anyone have squidguard working on a 1.2RC3 pfsense box? Chris - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.476 / Virus Database: 269.17.12/1203 - Release Date: 12/30/2007 11:27 AM - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Squidguard blocks all traffic
When I turn on squidguard, all http traffic is blocked. Is this normal? What do I need to do to have it pass traffic and only block what I want blocked? Does anyone have squidguard working on a 1.2RC3 pfsense box? Chris - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] Squid running, squidguard blocking all traffic??
Squid is running. The filter service is stopped. When I start the filter service all http traffic is blocked. Any ideas on how to configure it to allow traffic? The GUI looks pretty straight forward but I can't seem to get it to work. I was even able to upload a filter set from the web through it and it loaded ok. But the second I switch it on, even if I leave default settings, bam, no more http traffic. Chris From: Curtis LaMasters [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 26, 2007 9:32 AM To: support@pfsense.com Subject: Re: [pfSense Support] Squid running, squidguard blocking all traffic?? First check under the Services page under the status drop down menu. Squid should be in there. Curtis
[pfSense Support] Squid running, squidguard blocking all traffic??
I'm using 1.2RC3. In the instructions for installing squid it says to start the package. I can't see anywhere to start it, and I don't see anywhere that tells me if it is started or not. I have it configured as a transparent proxy. Also, when I start squidguard, no HTML traffic will pass at all. I'm wondering if that is happening because squid is simply not running. How do I tell? How do I get squidguard to pass traffic? Christopher Iarocci Network Solutions Manager Twin Forks Office Products, Inc. 631-727-3354 X107
RE: [pfSense Support] Setting up on Soekris NET5501-70 with all features
Thank you. I had to enable SSH to do it (the direct connect terminal kept doing funky things in VI), but I got it done. Thank you everyone for your help. Chris -Original Message- From: Jaye Mathisen [mailto:[EMAIL PROTECTED] Sent: Thursday, December 20, 2007 5:48 PM To: support@pfsense.com Subject: Re: [pfSense Support] Setting up on Soekris NET5501-70 with all features Edit /etc/fstab from a shell, and change the entry for / to the right device. On Thu, Dec 20, 2007 at 04:37:44PM -0500, Christopher Iarocci wrote: > Chris, > > So I got the firewall installed on the hard drive, inserted into the Soekris > board and I'm able to see the boot up from the serial console. I thought > everything was good but then it got to the mount part and was not able to > mount root (Trying to mount root from ufs:/dev/ad4s1a). I had to manually > enter in ufs:ad1s1a (Note, it's ad1, not ad4) to get it to boot. It seems > it's trying to mount root from the wrong place and I must manually enter in > the mount command to get it to go. Once I do that it boots up fine and the > firewall works. How do I get the firewall to automatically mount the > correct drive? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.503 / Virus Database: 269.17.5/1190 - Release Date: 12/19/2007 7:37 PM - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] Setting up on Soekris NET5501-70 with all features
Chris, So I got the firewall installed on the hard drive, inserted into the Soekris board and I'm able to see the boot up from the serial console. I thought everything was good but then it got to the mount part and was not able to mount root (Trying to mount root from ufs:/dev/ad4s1a). I had to manually enter in ufs:ad1s1a (Note, it's ad1, not ad4) to get it to boot. It seems it's trying to mount root from the wrong place and I must manually enter in the mount command to get it to go. Once I do that it boots up fine and the firewall works. How do I get the firewall to automatically mount the correct drive? Christopher Iarocci -Original Message- From: Chris Buechler [mailto:[EMAIL PROTECTED] Sent: Thursday, December 20, 2007 12:51 AM To: support@pfsense.com Subject: Re: [pfSense Support] Setting up on Soekris NET5501-70 with all features Christopher Iarocci wrote: > > Sean, > > > > Will the ISO allow me to install to a hard drive hung off a machine by > a USB adapter, or will it only work if the hard drive is connected to > the motherboard? I imagine I have to boot a machine off the CD > created by the ISO and that will run me through an install to hard drive. > Yes to both, USB adapters work fine for install and operation, and you'll need to run the installer off the live CD (option 99). - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.503 / Virus Database: 269.17.4/1189 - Release Date: 12/18/2007 9:40 PM - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] Setting up on Soekris NET5501-70 with all features
No, I did not do that. I will the next time. Thanks for the tip. For this machine, it wasn't really an option anyway since the built in NIC wasn't even detected. Chris wrote: > > It's been about 6 months since I did it last... but did you try and add vlans > for the WAN? > > -Original Message----- > From: Christopher Iarocci [mailto:[EMAIL PROTECTED] > Sent: Wednesday, December 19, 2007 4:57 PM > To: support@pfsense.com > Subject: RE: [pfSense Support] Setting up on Soekris NET5501-70 with all > features > > Tim, > > I appreciate the help. I didn't think you were bashing. > > Anyway, I ran the liveCD on my laptop, and as I suspected it complains that I > do not have 2 working interfaces and will not go any further (it also doesn't > recognize my NIC card in the machine). So, I'm stuck needing an image with > the serial port on, or needing instructions on how to do it myself (I do not > have the hardware needed to install it, configure it, and then move the hard > drive). Can anyone help me??? I really want to use pfsense for this > project, but right now I'm stuck without some guidance. > > The live CD does allow for shell access. I'm wondering if I can somehow do > it through there or if I need to decompress the ISO and modify the loader. > The other question I have is, once I know how to modify the files needed, > what exactly do I put in them, and where? > > Thanks. > > Chris > > P.S. Couldn't an image be made for this purpose? I didn't think I was doing > anything out of the ordinary putting a hard disk in a Net5501. It is quite a > robust little machine and certainly can handle the full version. > > wrote: > > > > Yes that would be fine. > > All you need is to setup the LAN with an IP so you can get in and turn on > > the console. > > Then when you pull it up via serial on the new device choose assign > > interfaces and set it up with the new interfaces. > > Btw... "- and it isn't as difficult as you seem to be thinking it is" was > > supposed to be encouraging, re-reading it I can see it coming off as a bash > > - so sorry if it did come across that way. > > -Tim > > > > -Original Message- > > From: Christopher Iarocci [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, December 19, 2007 12:34 PM > > To: support@pfsense.com > > Subject: RE: [pfSense Support] Setting up on Soekris NET5501-70 with all > > features > > > > Tim, > > > > I'm not thinking it's difficult. I'm used to m0n0wall where you must have > > 2 interfaces. Also, the drive I am using is a SATA drive. The only > > machine I have with a SATA interface is a laptop. Could I use a laptop to > > set this up with a single interface? If the answer is yes, then I can do > > it simply enough. If the answer is no, then I'm stuck with not having the > > hardware to do it in the manner suggested. > > > > Chris > > > > -Original Message- > > From: Tim Dickson [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, December 19, 2007 3:28 PM > > To: support@pfsense.com > > Subject: RE: [pfSense Support] Setting up on Soekris NET5501-70 with all > > features > > > > Embedded images running on compact flash are not designed for the kinds of > > page writes that would be involved with most packages. > > This is to make the system as stable as possible. > > Once SSD becomes a standard I'm sure they'll take a look at that, but for > > now - the stability wouldn't be there. > > > > As for your install get it up and running on another machine (doesn't > > matter about the interfaces - just get the LAN setup so you can turn on the > > console) Then when you swap the drive over it will detect the new > > interfaces upon boot and you can reassign them. > > I've done this several times - and it isn't as difficult as you seem to be > > thinking it is. > > -Tim > > > > > > > > -Original Message- > > From: Chris Bagnall [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, December 19, 2007 12:14 PM > > To: support@pfsense.com > > Subject: RE: [pfSense Support] Setting up on Soekris NET5501-70 with all > > features > > > > > the embedded install image has a disk image for putting it on compact > > > flash, but that wont let you install any packages once up and running. > > > > Perhaps the answer might be to modify that behaviour so that packages can > > b
Re: [pfSense Support] Setting up on Soekris NET5501-70 with all features
Good. This means my choice of hardware to use for install just got much larger. Thanks. Chris wrote: > > Christopher Iarocci wrote: > > > > Sean, > > > > > > > > Will the ISO allow me to install to a hard drive hung off a machine by > > a USB adapter, or will it only work if the hard drive is connected to > > the motherboard? I imagine I have to boot a machine off the CD > > created by the ISO and that will run me through an install to hard drive. > > > Yes to both, USB adapters work fine for install and operation, and > you'll need to run the installer off the live CD (option 99). > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] Setting up on Soekris NET5501-70 with all features
Tim, I appreciate the help. I didn't think you were bashing. Anyway, I ran the liveCD on my laptop, and as I suspected it complains that I do not have 2 working interfaces and will not go any further (it also doesn't recognize my NIC card in the machine). So, I'm stuck needing an image with the serial port on, or needing instructions on how to do it myself (I do not have the hardware needed to install it, configure it, and then move the hard drive). Can anyone help me??? I really want to use pfsense for this project, but right now I'm stuck without some guidance. The live CD does allow for shell access. I'm wondering if I can somehow do it through there or if I need to decompress the ISO and modify the loader. The other question I have is, once I know how to modify the files needed, what exactly do I put in them, and where? Thanks. Chris P.S. Couldn't an image be made for this purpose? I didn't think I was doing anything out of the ordinary putting a hard disk in a Net5501. It is quite a robust little machine and certainly can handle the full version. wrote: > > Yes that would be fine. > All you need is to setup the LAN with an IP so you can get in and turn on the > console. > Then when you pull it up via serial on the new device choose assign > interfaces and set it up with the new interfaces. > Btw... "- and it isn't as difficult as you seem to be thinking it is" was > supposed to be encouraging, re-reading it I can see it coming off as a bash - > so sorry if it did come across that way. > -Tim > > -Original Message- > From: Christopher Iarocci [mailto:[EMAIL PROTECTED] > Sent: Wednesday, December 19, 2007 12:34 PM > To: support@pfsense.com > Subject: RE: [pfSense Support] Setting up on Soekris NET5501-70 with all > features > > Tim, > > I'm not thinking it's difficult. I'm used to m0n0wall where you must have 2 > interfaces. Also, the drive I am using is a SATA drive. The only machine I > have with a SATA interface is a laptop. Could I use a laptop to set this up > with a single interface? If the answer is yes, then I can do it simply > enough. If the answer is no, then I'm stuck with not having the hardware to > do it in the manner suggested. > > Chris > > -Original Message- > From: Tim Dickson [mailto:[EMAIL PROTECTED] > Sent: Wednesday, December 19, 2007 3:28 PM > To: support@pfsense.com > Subject: RE: [pfSense Support] Setting up on Soekris NET5501-70 with all > features > > Embedded images running on compact flash are not designed for the kinds of > page writes that would be involved with most packages. > This is to make the system as stable as possible. > Once SSD becomes a standard I'm sure they'll take a look at that, but for now > - the stability wouldn't be there. > > As for your install get it up and running on another machine (doesn't matter > about the interfaces - just get the LAN setup so you can turn on the console) > Then when you swap the drive over it will detect the new interfaces upon boot > and you can reassign them. > I've done this several times - and it isn't as difficult as you seem to be > thinking it is. > -Tim > > > > -Original Message- > From: Chris Bagnall [mailto:[EMAIL PROTECTED] > Sent: Wednesday, December 19, 2007 12:14 PM > To: support@pfsense.com > Subject: RE: [pfSense Support] Setting up on Soekris NET5501-70 with all > features > > > the embedded install image has a disk image for putting it on compact > > flash, but that wont let you install any packages once up and running. > > Perhaps the answer might be to modify that behaviour so that packages can be > installed onto systems built using the embedded images? Surely that'd resolve > the issue the OP was trying to work around? > > Regards, > > Chris > -- > C.M. Bagnall, Director, Minotaur I.T. Limited For full contact details visit > http://www.minotaur.it This email is made from 100% recycled electrons > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] Setting up on Soekris NET5501-70 with all features
Or, make an image for the full version that is an image, not an iso, that also have the serial port enabled. This way it could be written to a hard drive bound for an embedded machine and just plopped in place with no fancy work arounds. -Original Message- From: Chris Bagnall [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 19, 2007 3:14 PM To: support@pfsense.com Subject: RE: [pfSense Support] Setting up on Soekris NET5501-70 with all features > the embedded install image has a disk image for putting it on compact flash, > but > that wont let you install any packages once up and running. Perhaps the answer might be to modify that behaviour so that packages can be installed onto systems built using the embedded images? Surely that'd resolve the issue the OP was trying to work around? Regards, Chris -- C.M. Bagnall, Director, Minotaur I.T. Limited For full contact details visit http://www.minotaur.it This email is made from 100% recycled electrons - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.503 / Virus Database: 269.17.4/1189 - Release Date: 12/18/2007 9:40 PM - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] Setting up on Soekris NET5501-70 with all features
Tim, I'm not thinking it's difficult. I'm used to m0n0wall where you must have 2 interfaces. Also, the drive I am using is a SATA drive. The only machine I have with a SATA interface is a laptop. Could I use a laptop to set this up with a single interface? If the answer is yes, then I can do it simply enough. If the answer is no, then I'm stuck with not having the hardware to do it in the manner suggested. Chris -Original Message- From: Tim Dickson [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 19, 2007 3:28 PM To: support@pfsense.com Subject: RE: [pfSense Support] Setting up on Soekris NET5501-70 with all features Embedded images running on compact flash are not designed for the kinds of page writes that would be involved with most packages. This is to make the system as stable as possible. Once SSD becomes a standard I'm sure they'll take a look at that, but for now - the stability wouldn't be there. As for your install get it up and running on another machine (doesn't matter about the interfaces - just get the LAN setup so you can turn on the console) Then when you swap the drive over it will detect the new interfaces upon boot and you can reassign them. I've done this several times - and it isn't as difficult as you seem to be thinking it is. -Tim -Original Message- From: Chris Bagnall [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 19, 2007 12:14 PM To: support@pfsense.com Subject: RE: [pfSense Support] Setting up on Soekris NET5501-70 with all features > the embedded install image has a disk image for putting it on compact > flash, but that wont let you install any packages once up and running. Perhaps the answer might be to modify that behaviour so that packages can be installed onto systems built using the embedded images? Surely that'd resolve the issue the OP was trying to work around? Regards, Chris -- C.M. Bagnall, Director, Minotaur I.T. Limited For full contact details visit http://www.minotaur.it This email is made from 100% recycled electrons - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] Setting up on Soekris NET5501-70 with all features
Sean, Will the ISO allow me to install to a hard drive hung off a machine by a USB adapter, or will it only work if the hard drive is connected to the motherboard? I imagine I have to boot a machine off the CD created by the ISO and that will run me through an install to hard drive. Chris From: Sean Cavanaugh [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 19, 2007 2:35 PM To: support@pfsense.com Subject: RE: [pfSense Support] Setting up on Soekris NET5501-70 with all features the full install image is an ISO, meaning CD based install. the embedded install image has a disk image for putting it on compact flash, but that wont let you install any packages once up and running. -Sean _ > From: [EMAIL PROTECTED] > To: support@pfsense.com > Date: Wed, 19 Dec 2007 14:09:22 -0500 > Subject: RE: [pfSense Support] Setting up on Soekris NET5501-70 with all features > > > > -Original Message- > From: Chris Buechler [mailto:[EMAIL PROTECTED] > Sent: Wednesday, December 19, 2007 1:24 PM > To: support@pfsense.com > Subject: Re: [pfSense Support] Setting up on Soekris NET5501-70 with all features > > Christopher Iarocci wrote: > > Is there no way to default it to the serial console before putting the hard drive in the 5501 except this procedure? This means I have to have a piece of hardware with VGA, keyboard and 2 NIC cards that also will connect a SATA II drive. I don't have that sort of hardware laying around that is not in use. > > > > I appreciate trying to get around modifying the image, but I really need to do it that way due to the hardware constraints. What I really need is a how-to modify the image to have serial enabled on a full pfsense version. Is it as simple as modifying the default config.xml file in the image? > > > > You can modify config.xml or loader.conf, but you need some way to > install to the HD and you can't put a CD-ROM on a 5501, so I don't see > what the problem is with doing it that way. > > I was going to install to the hard drive by using my USB to SATA adapter hung off another computer the same way I do m0n0wall. Will PFSense boot from USB? Maybe I can do it your way if it does. Maybe I am not sure on the install procedure and am missing something. You refer to a CDRom. Is it not possible to download and put the image on a hard drive without a CDRom? Maybe I need to be pointed in the direction of RTFM. I was assuming the image could simply be put on a hard drive using physdiskwrite in the same manner as m0n0wall. > > Chris > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > > -- > No virus found in this incoming message. > Checked by AVG Free Edition. > Version: 7.5.503 / Virus Database: 269.17.4/1189 - Release Date: 12/18/2007 9:40 PM > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > _ i'm is proud to present Cause Effect, a series about real people making a difference. Learn more <http://im.live.com/Messenger/IM/MTV/?source=text_Cause_Effect>
RE: [pfSense Support] Setting up on Soekris NET5501-70 with all features
-Original Message- From: Chris Buechler [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 19, 2007 1:24 PM To: support@pfsense.com Subject: Re: [pfSense Support] Setting up on Soekris NET5501-70 with all features Christopher Iarocci wrote: > Is there no way to default it to the serial console before putting the hard > drive in the 5501 except this procedure? This means I have to have a piece > of hardware with VGA, keyboard and 2 NIC cards that also will connect a SATA > II drive. I don't have that sort of hardware laying around that is not in > use. > > I appreciate trying to get around modifying the image, but I really need to > do it that way due to the hardware constraints. What I really need is a > how-to modify the image to have serial enabled on a full pfsense version. Is > it as simple as modifying the default config.xml file in the image? > You can modify config.xml or loader.conf, but you need some way to install to the HD and you can't put a CD-ROM on a 5501, so I don't see what the problem is with doing it that way. I was going to install to the hard drive by using my USB to SATA adapter hung off another computer the same way I do m0n0wall. Will PFSense boot from USB? Maybe I can do it your way if it does. Maybe I am not sure on the install procedure and am missing something. You refer to a CDRom. Is it not possible to download and put the image on a hard drive without a CDRom? Maybe I need to be pointed in the direction of RTFM. I was assuming the image could simply be put on a hard drive using physdiskwrite in the same manner as m0n0wall. Chris - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.503 / Virus Database: 269.17.4/1189 - Release Date: 12/18/2007 9:40 PM - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Setting up on Soekris NET5501-70 with all features
Is there no way to default it to the serial console before putting the hard drive in the 5501 except this procedure? This means I have to have a piece of hardware with VGA, keyboard and 2 NIC cards that also will connect a SATA II drive. I don't have that sort of hardware laying around that is not in use. I appreciate trying to get around modifying the image, but I really need to do it that way due to the hardware constraints. What I really need is a how-to modify the image to have serial enabled on a full pfsense version. Is it as simple as modifying the default config.xml file in the image? Chris wrote: > > Christopher Iarocci wrote: > > > > None of the images I can download will work with my application. I’m > > setting up PFSense on a Soekris NET5501-70 with a hard drive and wish > > to have all the features. Is there a way to get the serial console > > working on the full version of PFSense? If so, is there a tutorial I > > can follow to do so or does anyone have such an image? Thanks. > > > > You'll have to install with the hard drive in a different machine that > has VGA and keyboard (and can support a CD-ROM). On that same machine, > you can go into the web GUI post-install and enable the serial console > on the advanced page. Then shut it down, move the HD to the 5501, and > power it up. You'll have to reassign interfaces at the serial console, > then you'll be set. > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Setting up on Soekris NET5501-70 with all features
None of the images I can download will work with my application. I'm setting up PFSense on a Soekris NET5501-70 with a hard drive and wish to have all the features. Is there a way to get the serial console working on the full version of PFSense? If so, is there a tutorial I can follow to do so or does anyone have such an image? Thanks. Christopher Iarocci Network Solutions Manager Twin Forks Office Products, Inc. 631-727-3354 X107
