Re: [pfSense Support] Upgrade from m0n0 to pfSense?
Hi Holger, I could not have multiwan work here. Tryed with OPT1 and OPT2 for wan, can you have some example of configuration? Thanks Moacyr - Original Message - From: Holger Bauer [EMAIL PROTECTED] To: support@pfsense.com; [EMAIL PROTECTED] Sent: Tuesday, August 23, 2005 9:15 AM Subject: AW: [pfSense Support] Upgrade from m0n0 to pfSense? Hi, first: pfSense isn't able to do 2 pppoe at the moment. A workaround is to use a router in front of the second wan of the pfsense and set the pfsense's second wan ip as dmz in this router. second: if you want to use loadbalancing I have to disappoint you too. It needs some work still but should be implemented soon. multiwan however works (sending out traffic type a via wan1 and type b via wan2). third: I think nobody has tested uploading a pfsense-image to the m0n0 webgui. It might be possible if you raise the php-upload-size of the m0n0 first to accept the larger image and if you have enough room to upload it. there will be a much smaller cf-image with one of the next versions, so you might just want to wait for that. Holger -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Gesendet: Dienstag, 23. August 2005 11:52 An: support@pfsense.com Betreff: [pfSense Support] Upgrade from m0n0 to pfSense? Hi, is it possible to upgrade from a CF-Card Version of m0n0wall to pfSense? pfSense seems to be more reasonable to me, due to need of two PPPoE Connections... Regards, Tim - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Virus checked by G DATA AntiVirusKit - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Upgrade from m0n0 to pfSense?
I did this with 0.74 and 0.76 but no sucess. I have one LAN and three WAN. put gateway in the OPT1 and OPT2 interfaces created nat outbound for lan via WAN OPT1 and OPT2 created rules for http for each interface by now reading again the post of multi-wan in the blogspot I have doubt about the rules. I can have outgoing http for X machines via WAN and other rule for Y machines via OPT1? I will test this again. Thanks Moacyr - Original Message - From: Holger Bauer [EMAIL PROTECTED] To: Moacyr Leite da Silva [EMAIL PROTECTED]; support@pfsense.com Sent: Tuesday, August 23, 2005 10:11 AM Subject: AW: [pfSense Support] Upgrade from m0n0 to pfSense? http://pfsense.blogspot.com/2005/06/multi-wan.html -Ursprüngliche Nachricht- Von: Moacyr Leite da Silva [mailto:[EMAIL PROTECTED] Gesendet: Dienstag, 23. August 2005 14:30 An: support@pfsense.com Betreff: Re: [pfSense Support] Upgrade from m0n0 to pfSense? Hi Holger, I could not have multiwan work here. Tryed with OPT1 and OPT2 for wan, can you have some example of configuration? Thanks Moacyr - Original Message - From: Holger Bauer [EMAIL PROTECTED] To: support@pfsense.com; [EMAIL PROTECTED] Sent: Tuesday, August 23, 2005 9:15 AM Subject: AW: [pfSense Support] Upgrade from m0n0 to pfSense? Hi, first: pfSense isn't able to do 2 pppoe at the moment. A workaround is to use a router in front of the second wan of the pfsense and set the pfsense's second wan ip as dmz in this router. second: if you want to use loadbalancing I have to disappoint you too. It needs some work still but should be implemented soon. multiwan however works (sending out traffic type a via wan1 and type b via wan2). third: I think nobody has tested uploading a pfsense-image to the m0n0 webgui. It might be possible if you raise the php-upload-size of the m0n0 first to accept the larger image and if you have enough room to upload it. there will be a much smaller cf-image with one of the next versions, so you might just want to wait for that. Holger -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Gesendet: Dienstag, 23. August 2005 11:52 An: support@pfsense.com Betreff: [pfSense Support] Upgrade from m0n0 to pfSense? Hi, is it possible to upgrade from a CF-Card Version of m0n0wall to pfSense? pfSense seems to be more reasonable to me, due to need of two PPPoE Connections... Regards, Tim - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Virus checked by G DATA AntiVirusKit - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Virus checked by G DATA AntiVirusKit - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Upgrade from m0n0 to pfSense?
On 8/23/05, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
As a test, I tried to create a rule to send all VNC traffic over the
OPT1 WAN interface, but it always used the default WAN interface.
I must be missing something. How can this be done when the second WAN
interface has a static IP?
Possibly, possibly not.Check /tmp/rules.debug for the rule that
your adding and please post it here to see if the gateway portion is
being added correctly for the rule in question.
# NAT Inbound Redircts
...
rdr on xl2 proto tcp from any to port 5900 - 192.168.1.230 port 5900
rdr on xl1 proto tcp from any to port 5900 - 192.168.1.230 port 5900
# User-defined rules follow
...
pass in quick on $WANII proto tcp from any to { 192.168.1.230 } port =
5900 keep state label USER_RULE: NAT Allow VNC to buzz via WAN2
...
That's inbound. The multi-wan code we're talking about is outbound.
By default inbound traffic to an IP will return out the
interface/gateway it came in on (as long as you have a gateway setup
in the interface config). It's up to the user to get the inbound
traffic on the right link, via DNS, or IP, or whatever other trick.
--Bill
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Upgrade from m0n0 to pfSense?
Crud, that explains a lot...
I at least think that I have the outbound NAT entries setup for WAN and OPT1:
nat on xl2 from 192.168.1.0/24 to any - (xl2)
nat on xl1 from 192.168.1.0/24 to any - (xl1)
I seem to be stuck trying to create an outbound rule. Everything I
try says pass in in the User-defined rules section of rules.debug.
:(
On 8/23/05, Bill Marquette [EMAIL PROTECTED] wrote:
On 8/23/05, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
As a test, I tried to create a rule to send all VNC traffic over the
OPT1 WAN interface, but it always used the default WAN interface.
I must be missing something. How can this be done when the second WAN
interface has a static IP?
Possibly, possibly not.Check /tmp/rules.debug for the rule that
your adding and please post it here to see if the gateway portion is
being added correctly for the rule in question.
# NAT Inbound Redircts
...
rdr on xl2 proto tcp from any to port 5900 - 192.168.1.230 port 5900
rdr on xl1 proto tcp from any to port 5900 - 192.168.1.230 port 5900
# User-defined rules follow
...
pass in quick on $WANII proto tcp from any to { 192.168.1.230 } port =
5900 keep state label USER_RULE: NAT Allow VNC to buzz via WAN2
...
That's inbound. The multi-wan code we're talking about is outbound.
By default inbound traffic to an IP will return out the
interface/gateway it came in on (as long as you have a gateway setup
in the interface config). It's up to the user to get the inbound
traffic on the right link, via DNS, or IP, or whatever other trick.
--Bill
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
