AW: AW: AW: AW: AW: [pfSense Support] Shaping OpenVPN Tunnels (Take two)
I'll have to check... last time i tested it messed up openvpn-server... so i'd say, it'll be seen in pfSense 1.3... perhaps in 1.2... cannot tell until now... I'm trying with tos also for openvpn for traffic priorisation... We'll see... Martin -Ursprüngliche Nachricht- Von: Mike Lee [mailto:[EMAIL PROTECTED] Gesendet: Samstag, 19. Mai 2007 00:42 An: support@pfsense.com Betreff: Re: AW: AW: AW: AW: [pfSense Support] Shaping OpenVPN Tunnels (Take two) Ok. I'll just hold tight for now. Do you know if this functionality will make it into the final 1.2 release or will it be in future point (1.3, etc.) releases? Thanks. Mike Fuchs, Martin wrote: Shaping only works from client side at the moment... I'm looking how to shape from server side but at the monemt it's not possible... -Ursprüngliche Nachricht- Von: Mike Lee [mailto:[EMAIL PROTECTED] Gesendet: Freitag, 18. Mai 2007 22:48 An: support@pfsense.com Betreff: Re: AW: AW: AW: [pfSense Support] Shaping OpenVPN Tunnels (Take two) Sorry guys, but when I looked at the OpenVPN server options on one of our OpenVPN boxes running the 5/14 snapshot, I don't see any options for shaping the tunnel. Below are the options I have: Disable this tunnel Protocol Dynamic IP Local port Address pool Use static IPs Local network Remote network Client-to-client VPN Cryptography Authentication method Shared key etc. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Mike Lee IT Manager - Biosource America Biosource America, Inc. The contents of this e-mail correspondence are considered confidential and privileged and otherwise protected from disclosure by BIOSOURCE AMERICA, INC., a wholly owned subsidiary of Nova Biosource Fuels, Inc. This correspondence and its contents are for distribution to and for use by the named parties only. If you have received this correspondence in error, please contact us without delay. -BEGIN PGP PUBLIC KEY BLOCK- Version: GnuPG v1.4.1 (Darwin) mQGiBEZN5H8RBADDzHaIUMPXer3aBqLUGF8h+sRdSTvUAIueqzd9Lbxwn0S09sYf J6X4gnmxjoZDyN+aCAQQxK1biAd95nPn0vbyIoEIaPo0UYgG9KjsKK4DHNv0C/Os ttYVzJX3rsezB87GTFHznYzJxIXFJZoKyXcW2SQp9wUhpaEw7ddA3DJyDwCghoXq IS4wyPK0M9qAXNKGjmWt7bkD/RJAqY7GdMFTTmu1MZ+hbmfHT0pdsS3KoBGTlngP mvbL2cIS0KeB7haYLGcjddrg2E0FiC1I9NBuwVrfvA8mItemHshYo+YkQHblAUhc JQC7dGTQU+YimJyp3HnGRKvONfb6uvSfQDcYARINqcS75+ufJgmdH2ZZXogjDS7N WnKFBAC7/+VM1FkVZRS4TIk2JiIEz1h9zBlRADJzzTTf+WeJvWCrXeEQ5TaPEH7X Xvc8g30uP9xSK/1fQ8G1eb+jvXBHnZOfyjXqHFK/dPzp1z+XHTkGq6ByvcWg5jnf BPL2zOF3c003mVPqUinnLdUbGc5K7SDScN5/+6CQWNFg4NNLZLQ5TWljaGFlbCBM ZWUgKEJpb3NvdXJjZSBBbWVyaWNhKSA8bWxlZUBiaW9zb3VyY2VmdWVscy5jb20+ iGQEExECACQFAkZN5H8CGwMFCQHhM4AGCwkIBwMCAxUCAwMWAgECHgECF4AACgkQ QSbcfXk9NL9z1ACeN6SIM02US339IcsCIOAHZHuJ0/QAn1mgTuKU6yfbtdEvg0by cd+nb4E+uQINBEZN5NAQCADg7GcN/KjGb7pa6qQvOFz4YGDj0vigYGh5s6PKeUoM TW65h5zOcWmJYsYNv7Rg90RFOdRS/sqaOrmBD1bGuC3jN+JXM71vnHK+P/nNlT2y DoP3xJgGDqbqr74cjNSxaaVQnr7k2Ns2hHpG/b5oYB0Dn6UTkOvPIfRYFnENq1X0 /YmAEVSCUF5pjmcykXbuZ8AfX4zoBVH/js6ufY14yqhIiGzxYralrS69ATTL65VH wOWmU54bMX9iOWBySBnj46lEjn4KLsrouL04m6cKKO2w1aeR8vu12UxxLcAdMQ3b vE83p6CW1bC0h/ifyziThNznm3Pk3dBQlVxSVanVjnb3AAMFB/4oV7FIjunmDsvP Fczv/4femQsSMYEt6VdsU16R6u4ZpTNmupSVdJy+Gr+AzDzvvdkk/FFenywaU/WG aWamv456oRKe26jJQxAbKXIdlL3pGsSu+E8eirgZB//rNfUvc5zBAVjE3kfDSr6X MlzBlMiQIRWtakxGB2I/R9YrHQ0AwPzMM4ENE915tc6hRHJhQu/bcHjhhszxmB+I T+rHnsbOj6h0K8m1CW8FNhwTHBmHAJERoD8zwNOHMgXXQ0Ll8eXtrM9FlcGKzglq f+sWoKTBS+esKp/wAXHJgZVlkxL855ln+YdRhUvLZnuNTYf6Xme4Lf3G60pBxUbh h6CSIarAiE8EGBECAA8FAkZN5NACGwwFCQHhM4AACgkQQSbcfXk9NL8nVwCdGYBD K2HaCtPrv5B1JZHNiAQl4H4AnR5QcJV7O3+NoMsC3nzjJ2NB6QGy =hkcV -END PGP PUBLIC KEY BLOCK- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
AW: AW: AW: [pfSense Support] Shaping OpenVPN Tunnels (Take two)
In the latest snap 14-5 it's present... Von: Mike Lee [mailto:[EMAIL PROTECTED] Gesendet: Freitag, 18. Mai 2007 18:30 An: support@pfsense.com Betreff: Re: AW: AW: [pfSense Support] Shaping OpenVPN Tunnels (Take two) Are you talking about the most recent 1.2 beta snapshot? I am running 1.2beta1 from 5/9/07 and it does not have this feature on the OpenVPN client setup. Thanks again. Mike Fuchs, Martin wrote: Have a look at the openvpn client in the actual snapshot, there's the option to shape an entire tunnel from clientside... perhaps it helps... -Ursprüngliche Nachricht- Von: Mike Lee [mailto:[EMAIL PROTECTED] Gesendet: Freitag, 18. Mai 2007 15:46 An: support@pfsense.com Betreff: Re: AW: [pfSense Support] Shaping OpenVPN Tunnels (Take two) Martin, Actually this is exactly what I want. I want to shape the entire OpenVPN tunnel entirely. This is because I will only be passing VoIP traffic within this tunnel. Therefore, if I want to run my VoIP OpenVPN tunnel over the standard port 1194 then I would like to shape all traffic on port 1194. I have tried this by using the wizard, specifying I want to shape VoIP, and then going and modifying the VoIP shaping rules to shape only port 1194. Unfortunately, I never see the traffic in the VoIP queue when I place calls to our remote offices over the OpenVPN tunnel. Thanks. Mike Fuchs, Martin wrote: The general problem is not solved until now - encrypted tunnels cannot be shaped... There's the possibility to shape a whole OpenVPN tunnel (clientside) for outgoing traffic, but I believe this is not what wou really want... What you are planning is some sort of traffic shaping on port based rules. It might be possible to do so, but perhaps you better ask scott for this when he's back from bsdcan... Regards, Martin -Ursprüngliche Nachricht- Von: Mike Lee [mailto:[EMAIL PROTECTED] Gesendet: Donnerstag, 17. Mai 2007 16:40 An: support@pfsense.com Betreff: [pfSense Support] Shaping OpenVPN Tunnels (Take two) Hello Everyone, I did some searching and found this previous discussion on shaping OpenVPN tunnels: http://forum.pfsense.org/index.php?PHPSESSID=836df07da7c9becd9259e22e1847c7aetopic=3013.0 Basically the discussion ended with, that you cannot shape the OpenVPN tunnels because openvpn uses the TUN interface and the shaper looks for traffic on the LAN interface heading towards the WAN to shape. My question is, since this discussion is somewhat old, has there been any more progress/talk on getting the OpenVPN tunnels to shape properly? I would like to be able to shape them because I have some remote offices and plan on using OpenVPN tunnels for VoIP. I know you cannot shape traffic within VPN tunnels because they are encrypted, but I am planning on using specific ports for certain tunnels to pass only VoIP traffic through and shaping those OpenVPN ports. Thanks in advance. Mike Lee - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: AW: AW: AW: [pfSense Support] Shaping OpenVPN Tunnels (Take two)
The option resides in the OpenVPN server configuration screen.
Scott
On 5/18/07, Mike Lee [EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I've upgraded my embedded client to
1.2-BETA-1-TESTING-SNAPSHOT-05-14-2007 and I still don't
see the
option to shape the entire tunnel under the OpenVPN-Client screen. Am
I looking in the wrong area. I also tried to create a new tunnel and
no shaping option either. Also re-ran the shaping wizard and no
OpenVPN option. Thanks again for your help, it's much appreciated.
Mike
**
Fuchs, Martin wrote:
!-- /* Font Definitions */ @font-face {font-family:Cambria Math;
panose-1:2 4 5 3 5 4 6 3 2 4;} @font-face {font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;} @font-face {font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;} @font-face {font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;} /* Style Definitions */ p.MsoNormal,
li.MsoNormal, div.MsoNormal {margin:0cm; margin-bottom:.0001pt;
font-size:12.0pt; font-family:Times New Roman,serif;
color:black;} a:link, span.MsoHyperlink {mso-style-priority:99;
color:blue; text-decoration:underline;} a:visited,
span.MsoHyperlinkFollowed {mso-style-priority:99; color:purple;
text-decoration:underline;} pre {mso-style-priority:99;
mso-style-link:HTML Vorformatiert Zchn; margin:0cm;
margin-bottom:.0001pt; font-size:10.0pt; font-family:Courier New;
color:black;} span.HTMLVorformatiertZchn {mso-style-name:HTML
Vorformatiert Zchn; mso-style-priority:99; mso-style-link:HTML
Vorformatiert; font-family:Consolas; color:black;}
span.E-MailFormatvorlage19 {mso-style-type:personal-reply;
font-family:Calibri,sans-serif; color:#1F497D;}
MsoChpDefault
{mso-style-type:export-only; font-size:10.0pt;} @page Section1
{size:612.0pt 792.0pt; margin:70.85pt 70.85pt 2.0cm 70.85pt;}
div.Section1 {page:Section1;} --
In the latest snap 14-5 it's present…
*Von:* Mike Lee [mailto:[EMAIL PROTECTED]
*Gesendet:* Freitag, 18. Mai 2007 18:30
*An:* support@pfsense.com
*Betreff:* Re: AW: AW: [pfSense Support] Shaping OpenVPN Tunnels
(Take two)
Are you talking about the most recent 1.2 beta snapshot? I am
running 1.2beta1 from 5/9/07 and it does not have this feature on
the OpenVPN client setup. Thanks again.
Mike
Fuchs, Martin wrote:
Have a look at the openvpn client in the actual snapshot, there's the
option to shape an entire tunnel from clientside... perhaps it helps...
-Ursprüngliche Nachricht-
Von: Mike Lee [mailto:[EMAIL PROTECTED]
Gesendet: Freitag, 18. Mai 2007 15:46
An: support@pfsense.com mailto:support@pfsense.com
Betreff: Re: AW: [pfSense Support] Shaping OpenVPN Tunnels (Take two)
Martin,
Actually this is exactly what I want. I want to shape the entire
OpenVPN tunnel entirely. This is because I will only be passing VoIP
traffic within this tunnel. Therefore, if I want to run my VoIP OpenVPN
tunnel over the standard port 1194 then I would like to shape all
traffic on port 1194. I have tried this by using the wizard, specifying
I want to shape VoIP, and then going and modifying the VoIP shaping
rules to shape only port 1194. Unfortunately, I never see the traffic
in the VoIP queue when I place calls to our remote offices over the
OpenVPN tunnel.
Thanks.
Mike
Fuchs, Martin wrote:
The general problem is not solved until now - encrypted tunnels
cannot be shaped...
There's the possibility to shape a whole OpenVPN tunnel (clientside)
for outgoing traffic, but I believe this is not what wou really want...
What you are planning is some sort of traffic shaping on port based
rules.
It might be possible to do so, but perhaps you better ask scott for
this when he's back from bsdcan...
Regards,
Martin
-Ursprüngliche Nachricht-
Von: Mike Lee [mailto:[EMAIL PROTECTED]
Gesendet: Donnerstag, 17. Mai 2007 16:40
An: support@pfsense.com mailto:support@pfsense.com
Betreff: [pfSense Support] Shaping OpenVPN Tunnels (Take two)
Hello Everyone,
I did some searching and found this previous discussion on
shaping
OpenVPN tunnels:
http://forum.pfsense.org/index.php?PHPSESSID=836df07da7c9becd9259e22e1847c7aetopic=3013.0
Basically the discussion ended with, that you cannot shape the
OpenVPN tunnels because openvpn uses the TUN interface and the shaper
looks for traffic on the LAN interface heading towards the WAN to
shape. My question is, since this discussion is somewhat old, has
there
been any more progress/talk on getting the OpenVPN tunnels to shape
properly?
I would like to be able to shape them because I have some remote
offices and plan on using OpenVPN tunnels for VoIP. I know you
cannot
shape traffic within VPN tunnels because they are
Re: AW: AW: AW: [pfSense Support] Shaping OpenVPN Tunnels (Take two)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I've upgraded my embedded client to
1.2-BETA-1-TESTING-SNAPSHOT-05-14-2007 and I still don't see the
option to shape the entire tunnel under the OpenVPN-Client screen. Am
I looking in the wrong area. I also tried to create a new tunnel and
no shaping option either. Also re-ran the shaping wizard and no
OpenVPN option. Thanks again for your help, it's much appreciated.
Mike
**
Fuchs, Martin wrote:
!-- /* Font Definitions */ @font-face {font-family:Cambria Math;
panose-1:2 4 5 3 5 4 6 3 2 4;} @font-face {font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;} @font-face {font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;} @font-face {font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;} /* Style Definitions */ p.MsoNormal,
li.MsoNormal, div.MsoNormal {margin:0cm; margin-bottom:.0001pt;
font-size:12.0pt; font-family:Times New Roman,serif;
color:black;} a:link, span.MsoHyperlink {mso-style-priority:99;
color:blue; text-decoration:underline;} a:visited,
span.MsoHyperlinkFollowed {mso-style-priority:99; color:purple;
text-decoration:underline;} pre {mso-style-priority:99;
mso-style-link:HTML Vorformatiert Zchn; margin:0cm;
margin-bottom:.0001pt; font-size:10.0pt; font-family:Courier New;
color:black;} span.HTMLVorformatiertZchn {mso-style-name:HTML
Vorformatiert Zchn; mso-style-priority:99; mso-style-link:HTML
Vorformatiert; font-family:Consolas; color:black;}
span.E-MailFormatvorlage19 {mso-style-type:personal-reply;
font-family:Calibri,sans-serif; color:#1F497D;} .MsoChpDefault
{mso-style-type:export-only; font-size:10.0pt;} @page Section1
{size:612.0pt 792.0pt; margin:70.85pt 70.85pt 2.0cm 70.85pt;}
div.Section1 {page:Section1;} --
In the latest snap 14-5 it’s present…
*Von:* Mike Lee [mailto:[EMAIL PROTECTED]
*Gesendet:* Freitag, 18. Mai 2007 18:30
*An:* support@pfsense.com
*Betreff:* Re: AW: AW: [pfSense Support] Shaping OpenVPN Tunnels
(Take two)
Are you talking about the most recent 1.2 beta snapshot? I am
running 1.2beta1 from 5/9/07 and it does not have this feature on
the OpenVPN client setup. Thanks again.
Mike
Fuchs, Martin wrote:
Have a look at the openvpn client in the actual snapshot, there's the
option to shape an entire tunnel from clientside... perhaps it helps...
-Ursprüngliche Nachricht-
Von: Mike Lee [mailto:[EMAIL PROTECTED]
Gesendet: Freitag, 18. Mai 2007 15:46
An: support@pfsense.com mailto:support@pfsense.com
Betreff: Re: AW: [pfSense Support] Shaping OpenVPN Tunnels (Take two)
Martin,
Actually this is exactly what I want. I want to shape the entire
OpenVPN tunnel entirely. This is because I will only be passing VoIP
traffic within this tunnel. Therefore, if I want to run my VoIP OpenVPN
tunnel over the standard port 1194 then I would like to shape all
traffic on port 1194. I have tried this by using the wizard, specifying
I want to shape VoIP, and then going and modifying the VoIP shaping
rules to shape only port 1194. Unfortunately, I never see the traffic
in the VoIP queue when I place calls to our remote offices over the
OpenVPN tunnel.
Thanks.
Mike
Fuchs, Martin wrote:
The general problem is not solved until now - encrypted tunnels
cannot be shaped...
There's the possibility to shape a whole OpenVPN tunnel
(clientside) for outgoing traffic, but I believe this is not what wou
really want...
What you are planning is some sort of traffic shaping on port based
rules.
It might be possible to do so, but perhaps you better ask scott for
this when he's back from bsdcan...
Regards,
Martin
-Ursprüngliche Nachricht-
Von: Mike Lee [mailto:[EMAIL PROTECTED]
Gesendet: Donnerstag, 17. Mai 2007 16:40
An: support@pfsense.com mailto:support@pfsense.com
Betreff: [pfSense Support] Shaping OpenVPN Tunnels (Take two)
Hello Everyone,
I did some searching and found this previous discussion on shaping
OpenVPN tunnels:
http://forum.pfsense.org/index.php?PHPSESSID=836df07da7c9becd9259e22e1847c7aetopic=3013.0
Basically the discussion ended with, that you cannot shape the
OpenVPN tunnels because openvpn uses the TUN interface and the shaper
looks for traffic on the LAN interface heading towards the WAN to
shape. My question is, since this discussion is somewhat old, has
there
been any more progress/talk on getting the OpenVPN tunnels to shape
properly?
I would like to be able to shape them because I have some remote
offices and plan on using OpenVPN tunnels for VoIP. I know you cannot
shape traffic within VPN tunnels because they are encrypted, but I am
planning on using specific ports for certain tunnels to pass only VoIP
traffic through and shaping those OpenVPN ports.
Thanks in advance.
Mike Lee
Re: AW: AW: AW: [pfSense Support] Shaping OpenVPN Tunnels (Take two)
Oh. I though you meant the client side. I'll upgrade our main pfSense
box (server-side) and try again. Thanks and have a great weekend.
Mike
Scott Ullrich wrote:
The option resides in the OpenVPN server configuration screen.
Scott
On 5/18/07, Mike Lee [EMAIL PROTECTED] wrote:
I've upgraded my embedded client to
1.2-BETA-1-TESTING-SNAPSHOT-05-14-2007 and I still don't
see the
option to shape the entire tunnel under the OpenVPN-Client screen. Am
I looking in the wrong area. I also tried to create a new tunnel and
no shaping option either. Also re-ran the shaping wizard and no
OpenVPN option. Thanks again for your help, it's much appreciated.
Mike
**
Fuchs, Martin wrote:
!-- /* Font Definitions */ @font-face {font-family:Cambria Math;
panose-1:2 4 5 3 5 4 6 3 2 4;} @font-face {font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;} @font-face {font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;} @font-face {font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;} /* Style Definitions */ p.MsoNormal,
li.MsoNormal, div.MsoNormal {margin:0cm; margin-bottom:.0001pt;
font-size:12.0pt; font-family:Times New Roman,serif;
color:black;} a:link, span.MsoHyperlink {mso-style-priority:99;
color:blue; text-decoration:underline;} a:visited,
span.MsoHyperlinkFollowed {mso-style-priority:99; color:purple;
text-decoration:underline;} pre {mso-style-priority:99;
mso-style-link:HTML Vorformatiert Zchn; margin:0cm;
margin-bottom:.0001pt; font-size:10.0pt; font-family:Courier New;
color:black;} span.HTMLVorformatiertZchn {mso-style-name:HTML
Vorformatiert Zchn; mso-style-priority:99; mso-style-link:HTML
Vorformatiert; font-family:Consolas; color:black;}
span.E-MailFormatvorlage19 {mso-style-type:personal-reply;
font-family:Calibri,sans-serif; color:#1F497D;}
MsoChpDefault
{mso-style-type:export-only; font-size:10.0pt;} @page Section1
{size:612.0pt 792.0pt; margin:70.85pt 70.85pt 2.0cm 70.85pt;}
div.Section1 {page:Section1;} --
In the latest snap 14-5 it's present
*Von:* Mike Lee [mailto:[EMAIL PROTECTED]
*Gesendet:* Freitag, 18. Mai 2007 18:30
*An:* support@pfsense.com
*Betreff:* Re: AW: AW: [pfSense Support] Shaping OpenVPN Tunnels
(Take two)
Are you talking about the most recent 1.2 beta snapshot? I am
running 1.2beta1 from 5/9/07 and it does not have this feature on
the OpenVPN client setup. Thanks again.
Mike
Fuchs, Martin wrote:
Have a look at the openvpn client in the actual snapshot, there's the
option to shape an entire tunnel from clientside... perhaps it helps...
-Ursprüngliche Nachricht-
Von: Mike Lee [mailto:[EMAIL PROTECTED]
Gesendet: Freitag, 18. Mai 2007 15:46
An: support@pfsense.com mailto:support@pfsense.com
Betreff: Re: AW: [pfSense Support] Shaping OpenVPN Tunnels (Take two)
Martin,
Actually this is exactly what I want. I want to shape the entire
OpenVPN tunnel entirely. This is because I will only be passing VoIP
traffic within this tunnel. Therefore, if I want to run my VoIP
OpenVPN
tunnel over the standard port 1194 then I would like to shape all
traffic on port 1194. I have tried this by using the wizard,
specifying
I want to shape VoIP, and then going and modifying the VoIP shaping
rules to shape only port 1194. Unfortunately, I never see the traffic
in the VoIP queue when I place calls to our remote offices over the
OpenVPN tunnel.
Thanks.
Mike
Fuchs, Martin wrote:
The general problem is not solved until now - encrypted tunnels
cannot be shaped...
There's the possibility to shape a whole OpenVPN tunnel
(clientside)
for outgoing traffic, but I believe this is not what wou really want...
What you are planning is some sort of traffic shaping on port
based
rules.
It might be possible to do so, but perhaps you better ask scott
for
this when he's back from bsdcan...
Regards,
Martin
-Ursprüngliche Nachricht-
Von: Mike Lee [mailto:[EMAIL PROTECTED]
Gesendet: Donnerstag, 17. Mai 2007 16:40
An: support@pfsense.com mailto:support@pfsense.com
Betreff: [pfSense Support] Shaping OpenVPN Tunnels (Take two)
Hello Everyone,
I did some searching and found this previous discussion on
shaping
OpenVPN tunnels:
http://forum.pfsense.org/index.php?PHPSESSID=836df07da7c9becd9259e22e1847c7aetopic=3013.0
Basically the discussion ended with, that you cannot shape the
OpenVPN tunnels because openvpn uses the TUN interface and the
shaper
looks for traffic on the LAN interface heading towards the WAN to
shape. My question is, since this discussion is somewhat old, has
there
been any more progress/talk on getting the OpenVPN tunnels to
shape
properly?
I would like to be able to shape them because I have some
remote
offices and plan on using OpenVPN tunnels for VoIP. I know you
Re: AW: AW: AW: [pfSense Support] Shaping OpenVPN Tunnels (Take two)
Sorry guys, but when I looked at the OpenVPN server options on one of our OpenVPN boxes running the 5/14 snapshot, I don't see any options for shaping the tunnel. Below are the options I have: Disable this tunnel Protocol Dynamic IP Local port Address pool Use static IPs Local network Remote network Client-to-client VPN Cryptography Authentication method Shared key etc. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
AW: AW: AW: AW: [pfSense Support] Shaping OpenVPN Tunnels (Take two)
Shaping only works from client side at the moment... I'm looking how to shape from server side but at the monemt it's not possible... -Ursprüngliche Nachricht- Von: Mike Lee [mailto:[EMAIL PROTECTED] Gesendet: Freitag, 18. Mai 2007 22:48 An: support@pfsense.com Betreff: Re: AW: AW: AW: [pfSense Support] Shaping OpenVPN Tunnels (Take two) Sorry guys, but when I looked at the OpenVPN server options on one of our OpenVPN boxes running the 5/14 snapshot, I don't see any options for shaping the tunnel. Below are the options I have: Disable this tunnel Protocol Dynamic IP Local port Address pool Use static IPs Local network Remote network Client-to-client VPN Cryptography Authentication method Shared key etc. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: AW: AW: AW: AW: [pfSense Support] Shaping OpenVPN Tunnels (Take two)
Ok. I'll just hold tight for now. Do you know if this functionality will make it into the final 1.2 release or will it be in future point (1.3, etc.) releases? Thanks. Mike Fuchs, Martin wrote: Shaping only works from client side at the moment... I'm looking how to shape from server side but at the monemt it's not possible... -Ursprüngliche Nachricht- Von: Mike Lee [mailto:[EMAIL PROTECTED] Gesendet: Freitag, 18. Mai 2007 22:48 An: support@pfsense.com Betreff: Re: AW: AW: AW: [pfSense Support] Shaping OpenVPN Tunnels (Take two) Sorry guys, but when I looked at the OpenVPN server options on one of our OpenVPN boxes running the 5/14 snapshot, I don't see any options for shaping the tunnel. Below are the options I have: Disable this tunnel Protocol Dynamic IP Local port Address pool Use static IPs Local network Remote network Client-to-client VPN Cryptography Authentication method Shared key etc. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Mike Lee IT Manager - Biosource America Biosource America, Inc. The contents of this e-mail correspondence are considered confidential and privileged and otherwise protected from disclosure by BIOSOURCE AMERICA, INC., a wholly owned subsidiary of Nova Biosource Fuels, Inc. This correspondence and its contents are for distribution to and for use by the named parties only. If you have received this correspondence in error, please contact us without delay. -BEGIN PGP PUBLIC KEY BLOCK- Version: GnuPG v1.4.1 (Darwin) mQGiBEZN5H8RBADDzHaIUMPXer3aBqLUGF8h+sRdSTvUAIueqzd9Lbxwn0S09sYf J6X4gnmxjoZDyN+aCAQQxK1biAd95nPn0vbyIoEIaPo0UYgG9KjsKK4DHNv0C/Os ttYVzJX3rsezB87GTFHznYzJxIXFJZoKyXcW2SQp9wUhpaEw7ddA3DJyDwCghoXq IS4wyPK0M9qAXNKGjmWt7bkD/RJAqY7GdMFTTmu1MZ+hbmfHT0pdsS3KoBGTlngP mvbL2cIS0KeB7haYLGcjddrg2E0FiC1I9NBuwVrfvA8mItemHshYo+YkQHblAUhc JQC7dGTQU+YimJyp3HnGRKvONfb6uvSfQDcYARINqcS75+ufJgmdH2ZZXogjDS7N WnKFBAC7/+VM1FkVZRS4TIk2JiIEz1h9zBlRADJzzTTf+WeJvWCrXeEQ5TaPEH7X Xvc8g30uP9xSK/1fQ8G1eb+jvXBHnZOfyjXqHFK/dPzp1z+XHTkGq6ByvcWg5jnf BPL2zOF3c003mVPqUinnLdUbGc5K7SDScN5/+6CQWNFg4NNLZLQ5TWljaGFlbCBM ZWUgKEJpb3NvdXJjZSBBbWVyaWNhKSA8bWxlZUBiaW9zb3VyY2VmdWVscy5jb20+ iGQEExECACQFAkZN5H8CGwMFCQHhM4AGCwkIBwMCAxUCAwMWAgECHgECF4AACgkQ QSbcfXk9NL9z1ACeN6SIM02US339IcsCIOAHZHuJ0/QAn1mgTuKU6yfbtdEvg0by cd+nb4E+uQINBEZN5NAQCADg7GcN/KjGb7pa6qQvOFz4YGDj0vigYGh5s6PKeUoM TW65h5zOcWmJYsYNv7Rg90RFOdRS/sqaOrmBD1bGuC3jN+JXM71vnHK+P/nNlT2y DoP3xJgGDqbqr74cjNSxaaVQnr7k2Ns2hHpG/b5oYB0Dn6UTkOvPIfRYFnENq1X0 /YmAEVSCUF5pjmcykXbuZ8AfX4zoBVH/js6ufY14yqhIiGzxYralrS69ATTL65VH wOWmU54bMX9iOWBySBnj46lEjn4KLsrouL04m6cKKO2w1aeR8vu12UxxLcAdMQ3b vE83p6CW1bC0h/ifyziThNznm3Pk3dBQlVxSVanVjnb3AAMFB/4oV7FIjunmDsvP Fczv/4femQsSMYEt6VdsU16R6u4ZpTNmupSVdJy+Gr+AzDzvvdkk/FFenywaU/WG aWamv456oRKe26jJQxAbKXIdlL3pGsSu+E8eirgZB//rNfUvc5zBAVjE3kfDSr6X MlzBlMiQIRWtakxGB2I/R9YrHQ0AwPzMM4ENE915tc6hRHJhQu/bcHjhhszxmB+I T+rHnsbOj6h0K8m1CW8FNhwTHBmHAJERoD8zwNOHMgXXQ0Ll8eXtrM9FlcGKzglq f+sWoKTBS+esKp/wAXHJgZVlkxL855ln+YdRhUvLZnuNTYf6Xme4Lf3G60pBxUbh h6CSIarAiE8EGBECAA8FAkZN5NACGwwFCQHhM4AACgkQQSbcfXk9NL8nVwCdGYBD K2HaCtPrv5B1JZHNiAQl4H4AnR5QcJV7O3+NoMsC3nzjJ2NB6QGy =hkcV -END PGP PUBLIC KEY BLOCK- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
