[pfSense] Virtual IP alias on LAN interface as gateway for subnet

2012-12-19 Thread Marcio Merlone
Greetings, I have set a virtual ip alias on my lan interface and have to use it as the gateway for that subnet. This alias is on a different subnet, like this: bge0 -> 192.168.0.1/24 bge0 alias -> 10.0.0.1/24 I need it to be the default gateway for both subnets. Is there something else neede

[pfSense] Openvpn site to site problem

2012-12-19 Thread Cristian Del Carlo
Hi list, I have a problem with a vpn site to site psk with 2 pfsense 2.0.1. My problem is that from the firewall everything looks correct, I can ping or ssh the remote client (I use linux client with no personal firewall). But from the clients I can't reach the remote lan. I don't know where is

Re: [pfSense] Openvpn site to site problem

2012-12-19 Thread WolfSec-Support
Hi, do you have special rules in VPN tunnel ? make sure to open OpenVPN ruleset as necessary this is "new" in 2.x; 1.2.x. had no rules in OpenVPN tunnels but per default normally tunnel is open any<>any br stephan

Re: [pfSense] Openvpn site to site problem

2012-12-19 Thread Cristian Del Carlo
Hi, thanks for your help. My firewall rules are in both pfsense: Action: Pass Interface : Openvpn Protocol: Any Source: Any Destination: Any These are my routing from firewall ( without public ip ): pfsense 1 - client: 10.0.8.1 link#10UH 0 15 ovpnc2 10.0.8

Re: [pfSense] Not connect ipsec vpn remote with local network different to LAN

2012-12-19 Thread Maykel Franco
Thanks thanks thanks Jim, it works Very thanks. I love pfsense...is the best software firewall. Bye. 2012/12/10 Jim Pingle > On 12/10/2012 11:31 AM, may...@maykel.sytes.net wrote: > > ok, well, then only connect with cisco vpn update to pfsense 2.1? > > It has nothing to do with Cisco - it

Re: [pfSense] Openvpn site to site problem

2012-12-19 Thread WolfSec-Support
may there are any fw rules there in LAN interface with similar IP's/networks ? some used this under 1.2.x and after upgrading to 2.x this caused issues. onto routing: looks good here a similar setup of mine / 1 side: 192.168.253.13 link#13 UH 0 0 1500 ovpnc1 192.168.253.

Re: [pfSense] Openvpn site to site problem

2012-12-19 Thread Vassilis V.
Hi! Try this: pfsense2 - server: Tunnel network: 10.0.8.0/30 (no need for /24 on site2site) pfsense1 - client: Tunnel network: 10.0.8.0/30 (You can even keep it empty) Keeping or removing the remote network on the client side shouldn't be important, the difference being that if you keep it, you

Re: [pfSense] Openvpn site to site problem

2012-12-19 Thread Cristian Del Carlo
Hi, Thanks for your help. Even in LAN I have : My firewall rules are in both pfsense: Action: Pass Interface : LAN Protocol: Any Source: Any Destination: Any If I ping the tunnel from a client it seems ok: ping 10.0.8.1 --> Ok ping 10.8.8.2 --> OK ping 192.168.8.X --> 100% packet loss Thanks.

Re: [pfSense] Openvpn site to site problem

2012-12-19 Thread bruno.deb...@cyberoso.com
Hello, You might need a firewall rule for the remote network in your lan rules to force traffic to follow normal routing. In my case (2 WANs), I have a rule defining the default gateway for lan traffic. To permit the traffic to remote vpn site, I have to add a rule earlier for the remote network w

Re: [pfSense] Openvpn site to site problem

2012-12-19 Thread Cristian Del Carlo
Hi, even with 10.0.8.0/30 I have the same problem. Any other suggestions? 2012/12/19 Vassilis V. : > Hi! > > Try this: > > pfsense2 - server: > Tunnel network: 10.0.8.0/30 (no need for /24 on site2site) > > pfsense1 - client: > Tunnel network: 10.0.8.0/30 (You can even keep it empty) > > Keeping or

Re: [pfSense] Openvpn site to site problem

2012-12-19 Thread Cristian Del Carlo
Sorry I don't understand, in my case I have only a WAN so which type of rule do I need? I need to force the packets to my tunnel network over the vpn even if my routing tables seem ok? My routing tables: 10.0.8.1 link#10UH 08 ovpnc2 10.0.8.2 link#10

Re: [pfSense] Openvpn site to site problem

2012-12-19 Thread WolfSec-Support
to make sure: - is tunnel up ? - can you ping from one pfsense the lan ip of the other one ? brgds stephan 2012/12/19 Cristian Del Carlo > Sorry I don't understand, > > in my case I have only a WAN so which type of rule do I need? > > I need to force the packets to my tunnel network over the vpn e

Re: [pfSense] Openvpn site to site problem

2012-12-19 Thread Cristian Del Carlo
My tunnel is up. From a client I can ping the tunnel interfaces of my vpn but I can't reach the other network. # ping 10.0.8.1 -> ok # ping 10.0.8.2 -> ok # ping 192.168.8.10 -> 100% packet lost From both firewall I can ping all the networks: # ping 192.168.8.10 -> Ok # ping 10.0.8.1 -> ok #

Re: [pfSense] Openvpn site to site problem

2012-12-19 Thread WolfSec-Support
and the clients on each side can reach internet through their local pfsense ? so GW info etc is ok ? sometimes it's simply a typo etc in mask/gw etc generally your setup seems to be fine rgds stephan

Re: [pfSense] Openvpn site to site problem

2012-12-19 Thread bruno.deb...@cyberoso.com
Ok, then no firewall rules forcing gateway, so let's try something else. Did you configure iroute ? http://openvpn.net/index.php/open-source/documentation/howto.html#scope Read : Including multiple machines on the client side when using a routed VPN It might work :-p Le Wed, 19 Dec 2012 15:19:2

Re: [pfSense] update from 2.0.1 to 2.1 HEAD

2012-12-19 Thread Chris Bagnall
On 12/12/12 10:09 pm, David Burgess wrote: Good news: http://forum.pfsense.org/index.php/topic,48256.msg302923.html#msg302923 I haven't tried it myself yet. A quick follow up on this. Having updated my home pfSense to the latest 2.1-beta1 snapshot this evening, I can confirm the long delay whe

[pfSense] excellent article about Anycast

2012-12-19 Thread Michael Schuh
Hi @list, I stumbled over an excellent article about Anycast. What it is, how to apply it. http://ignore-your.tv/?p=54559 hope some others find the article helpful and interesting. cheers M. -- = = = http://michael-schuh.net/ = = = Projektmanagement - IT-Consulting - Professional Services I