Re: [pfSense-discussion] WRAP and WAP

2005-12-02 Thread Nick Buraglio
Some of the centrally managed stuff can push over 30mbps "real world", the Meru and Trapeze stuff supposedly can. This is of course using something like iperf that just moves packets. Adding a B client will of course slow it down. - Nic

Re: [pfSense-discussion] WRAP and WAP

2005-12-02 Thread Nick Buraglio
Agreed, I was speaking generally and strictly from testing I've seen or done. I should have clarified that I was comparing with Cisco AP12xx and not pfsense. - Nick Buraglio [EMAIL PROTECTED] GnuPG Key: 0x2E5B44F4 On Dec 2, 2005, at 11:48 AM

Re: [pfSense-discussion] Clients... ugh

2006-02-01 Thread Nick Buraglio
The netscreens are not too bad, I have experience with the ns5400's and the little ns5gt. They have a decent gui but the cli is a little unintuitive until you get used to it. They start getting pretty pricey when you start adding interfaces too. As a different approach you could always

[pfSense-discussion] captive portal user base

2006-02-13 Thread Nick Buraglio
Of those of you that have been using the captive portal, how large and diverse are your user bases? I'm going to test this under simulated load and on a limited test base but I'm curious if given some higher end hardware if the portal can handle a few hundred heavy users daily. I see no r

Re: [pfSense-discussion] Routing

2006-02-18 Thread Nick Buraglio
What are the issues you have with your ISP? Are you sure they are related to routing? I was the senior network engineer for a decent sized ISP for years and in my experience last mile problems are almost always relate to the telco and not [dynamic] routing. Why do you feel you need dyn

Re: [pfSense-discussion] Routing

2006-02-18 Thread Nick Buraglio
Just to clarify, I'm not trying to discourage but more to see if what you want to do will actually solve your problem and not just be a lot of work for little or no gain. nb On Feb 18, 2006, at 9:32 PM, Nick Buraglio wrote: What are the issues you have with your ISP? Are you sure

Re: [pfSense-discussion] Routing

2006-02-19 Thread Nick Buraglio
em and not just be a lot of work for little or no gain. nb On Feb 18, 2006, at 9:32 PM, Nick Buraglio wrote: What are the issues you have with your ISP? Are you sure they are related to routing? I was the senior network engineer for a decent sized ISP for years and in my experience last mile

Re: [pfSense-discussion] Routing

2006-02-20 Thread Nick Buraglio
This is somewhat related... I just ran the shaping wizard (which I had not done in quite some time) has it changed much? It seemed to be a little different to me. Didn't there used to be an option to not use the wizard and create your own rules (I'm trying to remember how I did it)? Is there

Re: [pfSense-discussion] Routing

2006-02-20 Thread Nick Buraglio
On Feb 20, 2006, at 10:29 AM, Bill Marquette wrote: On 2/20/06, Nick Buraglio <[EMAIL PROTECTED]> wrote: This is somewhat related... I just ran the shaping wizard (which I had not done in quite some time) has it changed much? It seemed to be a little different to me. Not visibly - b

Re: [pfSense-discussion] [OT] Networking help

2006-02-21 Thread Nick Buraglio
Take it out and test without it. If the results are the same then you can point at them. Why is the Cisco in there? If I'm understand correctly, you have: [some internet connecton] <=> [Cisco 2500] <=> [pfSense box] <=> [LAN] Is the cisco doing some kind of routing? What is the model of

Re: [pfSense-discussion] [OT] Networking help

2006-02-21 Thread Nick Buraglio
ng in stages; Last mile, provider, some facility that has decent connectivity, etc.. How are you testing? On Feb 21, 2006, at 12:52 PM, Nick Buraglio wrote: Take it out and test without it. If the results are the same then you can point at them. Why is the Cisco in there? If I'm

Re: [pfSense-discussion] licience of php interface ?

2006-02-28 Thread Nick Buraglio
Isn't a lot of this substantially lower layer feature? A lot (not the static udp stuff) of what you're wanting is pf level development work. That said, last time I had looked at the pf list (which was a whiile ago) they were not interested in adding a lot of "goo" into pf, but instead kee

Re: [pfSense-discussion] licience of php interface ?

2006-03-01 Thread Nick Buraglio
On Mar 1, 2006, at 9:31 AM, Adam Gibson wrote: Nick Buraglio wrote: Isn't a lot of this substantially lower layer feature? A lot (not the static udp stuff) of what you're wanting is pf level development work. That said, last time I had looked at the pf list (which was a

Re: [pfSense-discussion] pfSense merge with freebsd?

2006-03-09 Thread Nick Buraglio
Could you just grab the /tmp/rules.debug file? On Mar 9, 2006, at 2:08 PM, DarkFoon wrote: I am curious if it is possible to "merge"-for want of a better word- pfSense with a FreeBSD install. Why? Well, I have a client who wants to integrate everything into 1 box if possible. I told him its

Re: [pfSense-discussion] PFSense and Tables

2006-06-26 Thread Nick Buraglio
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I've been thinking about adding pftabled to pfsense but have not had the time to really do it yet since I'm slow at writing the gui parts. It's certainly possible to use pftabled to remotely manipulate a pf table, even via scripts. If I get so

Re: [pfSense-discussion] PFSense and Tables

2006-06-26 Thread Nick Buraglio
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 That was what I was thinking, and it does present a hurdle to jump if implementing pftabled. nb On Jun 26, 2006, at 6:07 PM, Bill Marquette wrote: On 6/26/06, Nick Buraglio <[EMAIL PROTECTED]> wrote: -BEGIN PGP SIGNED MESSAGE

Re: [pfSense-discussion] Captive portal per user bandwitdh limiting

2006-07-05 Thread Nick Buraglio
Does m0n0 still use dummynet for it's packet scheduling? I have not used it in years. nb On Jul 5, 2006, at 10:14 AM, Scott Ullrich wrote: On 7/5/06, Jan-Patrick Perisse <[EMAIL PROTECTED]> wrote: I see that captive portal with per user bandwitdh limiting has been implemented in monowall

[pfSense-discussion] ipv6 stuff

2006-08-03 Thread Nick Buraglio
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Is there an easy way to get the pfsense gui to see a gif interface that I create manually? I'm working on some v6 stuff via a public v6 delegation (and a tunnel) and want to be able to use the gui of the rule generation if possible. If not I can prob

Re: [pfSense-discussion] ipv6 stuff

2006-08-07 Thread Nick Buraglio
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 You're the man, thanks. nb Scott Ullrich wrote: > On 8/3/06, Nick Buraglio <[EMAIL PROTECTED]> wrote: >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA1 >> >> Is there an easy way to get the pfsense gui t

Re: [pfSense-discussion] tftp server

2006-09-27 Thread Nick Buraglio
On a side note, I was always taught to use boot tftp:// as a last effort to get the boxes booted, if it can't load anything else.   For example:boot system flash disk0:s72033-pk9sv-mz.122-18.SXD7.binboot system flash sup-bootflash: s72033-pk9sv-mz.122-18.SXD5.binboot system tftp tftpserver:/cisco/6

Re: [pfSense-discussion] PPPoE and multiple IP addresses

2006-10-30 Thread Nick Buraglio
FYI, this is pretty standard (assigning a framed-route via radius or whatever) for business class DSL provisioning.  I did this all the time when I worked for an ISP and rolled my own DSL.    As far as I've seen most DSL providers that use PPPoE (ATT is the big one) do it this way.  nbOn 10/30/06

Re: [pfSense-discussion] Re: Logging on to a syslog server

2006-11-12 Thread Nick Buraglio
On 11/10/06, Marcus Bajohr <[EMAIL PROTECTED]> wrote: Sanjay Arora wrote:> I wish to enable logging of events onto a syslog server on the LAN> segment. Can somebody tell me about the security & operational issues> involved?>> e.g.> > - Do I introduce any security vulnerability in selecting logging

[pfSense-discussion] Any active quagga development?

2006-11-30 Thread Nick Buraglio
Is there any active development being done on the quagga package? I noticed it's still on my local mirror but not in the packages list. I started messing around with making it work since I have need for "simple" ospf. Since I'm lazy by nature I don't want to replicate work being done by someon

Re: [pfSense-discussion] Any active quagga development?

2006-11-30 Thread Nick Buraglio
Cool, thanks for the quick response. nb On 11/30/06, Bill Marquette <[EMAIL PROTECTED]> wrote: As far as I know, nobody with commit access is working on this and I haven't seen anything regarding someone else working on it. --Bill On 11/30/06, Nick Buraglio <[EMAIL PROTECTED

Re: [pfSense-discussion] Intel 82559ER switch

2007-06-17 Thread Nick Buraglio
What was the OS that had the support that you suggested? nb On 6/17/07, RB <[EMAIL PROTECTED]> wrote: > > As things stand, devices on separate ports are capable of communicating with each other, but the traffic is unseen on fxp0. > Well, this is the normal behaviour of a switch... Agreed - I

Re: [pfSense-discussion] Intel 82559ER switch

2007-06-17 Thread Nick Buraglio
/suggested/expected/ On 6/17/07, Nick Buraglio <[EMAIL PROTECTED]> wrote: What was the OS that had the support that you suggested? nb On 6/17/07, RB <[EMAIL PROTECTED]> wrote: > > > As things stand, devices on separate ports are capable of communicating with each othe

Re: [pfSense-discussion] pfsense, pri goal, stop p2p traffic

2007-06-22 Thread Nick Buraglio
There is a fine line between useful access and too little access in a campus environment. I've had pretty good luck in the MDUs I've put pfsense boxes in. Doing direct comparison to other products like L7-filter based linux boxes and some commercial solutions the pfsense box does what it does an

Re: [pfSense-discussion] drawing network diagrams

2007-07-11 Thread Nick Buraglio
Although not freeware, omnigraffle is a nice alternative if you have a Mac. nb -Original Message- From: Chris Buechler <[EMAIL PROTECTED]> Date: Wed, 11 Jul 2007 22:16:57 To:discussion@pfsense.com Subject: Re: [pfSense-discussion] drawing network diagrams On Wed, 2007-07-11 at 13:18

Re: [pfSense-discussion] jumbo frames

2007-08-07 Thread Nick Buraglio
Is there a reason you're running jumbo frames? If you're going to enable it you should run it on all interfaces that touch the segment. It will likely work on lower mtu devices but it is certainly not beat practice to mix and match. If you are running it internally to gain performance then yo

Re: [pfSense-discussion] jumbo frames

2007-08-07 Thread Nick Buraglio
On 8/7/07, Eugen Leitl <[EMAIL PROTECTED]> wrote: > > On Tue, Aug 07, 2007 at 01:00:55PM +, Nick Buraglio wrote: > > Is there a reason you're running jumbo frames? If you're going to > > I need more performance on NFS and RDP (assuming, RDP can make > use

Re: [pfSense-discussion] Captive portal could not deterimine clients MAC address

2007-09-05 Thread Nick Buraglio
What wireless AP are you using? nb On 9/5/07, Tunge2 <[EMAIL PROTECTED]> wrote: > > Hello, > Are we the only one with this problem, with PFsense? Iám running the > newste version *1.2-RC2* > built on Mon Aug 20 12:41:04 EDT 2007 > > The only router is our PFsense router... > >

Re: [pfSense-discussion] traffic limit ssh transfers?

2007-10-03 Thread Nick Buraglio
You can QoS based on the ToS bit for SCP transfers if that is something you're worried about. nb On 10/3/07, Andrew C Burnette <[EMAIL PROTECTED]> wrote: > Hey guys, > > any dirty tricks in pfsense to limit the amount of bandwidth on ssh > transfers outbound? I've got 5Mbps upload bandwidth, bu

Re: [pfSense-discussion] traffic shapper & squid

2008-02-27 Thread Nick Buraglio
I guess I should be more clear, I've been using transparent squid + altq traffic shaping for a lng time without issues. I have *not*, however, tried using the penalize feature with squid. nb On 2/27/08, Nick Buraglo <[EMAIL PROTECTED]> wrote: > I've been using this on several high traffic s

Re: [pfSense-discussion] Pfsense without NAT

2008-03-14 Thread Nick Buraglio
You can also choose to disable nat for a routing only platform, which may work a little better for what you are wanting to do. If memory serves, it is a check box in system / advanced. nb On Mar 14, 2008, at 9:11 AM, Mark Crane <[EMAIL PROTECTED]> wrote: This should help: Setup a transpar