Re: [pfSense] Connect pfSense as client to a Hotel WLAN?

On Wed, Jul 29, 2015 at 7:59 PM, Ray wrote: > Hi, > > I run pfSense on a few ALIX boxes, usually as tunnel end and as access > point. When I can plug one of these machines into any (wired) network, I > have easy access to my home network through the private WLAN the ALIX > provides. > > This works

Re: [pfSense] DHCP Relay attaching to wrong interface

On Sat, Jul 25, 2015 at 8:06 AM, Juan Bernhard wrote: > Hi list, first I want to congratulates all pfsense developoers for this > magnificent piece of software. > > I think I found a simple bug: > I configuring a pfsense in a single server to replace a cisco 2821 and an > asa 5520, and at the mome

[pfSense] Connect pfSense as client to a Hotel WLAN?

Hi, I run pfSense on a few ALIX boxes, usually as tunnel end and as access point. When I can plug one of these machines into any (wired) network, I have easy access to my home network through the private WLAN the ALIX provides. This works beautifully. I travel a lot and today hotels only pr

[pfSense] OpenVPN -> nat -> IPSec tunnel

Hi. I've a working IPSec tunnel to another endpoint. I'd like to be able to access this tunnel from OpenVPN. Right now I have: LAN: 10.1.1.0/24 IPSEC remote: 10.99.99.0/24 OpenVPN: 172.16.12.0/24 Since I cannot change the IPSec network I'd like to NAT the OpenVPN net to the tunnel. I added a se

Re: [pfSense] Problem with load vpn status

Hi!. Yes, it was quick: - For setkey -D its took: 0.253u 0.276s 0:31.37 1.6% 93+178k 0+0io 0pf+0w - And for setkey -DP: 0.017u 0.008s 0:00.02 50.0% 204+408k 0+0io 0pf+0w And.. we are talking about 157 vpn, So what can we do with this delay?, do you need another parse code or additional info

Re: [pfSense] DHCP Relay attaching to wrong interface

El 27/07/2015 a las 08:07 p.m., Juan Pablo escribió: hola Juan! dont know if you solved this, what you trying to achieve here? what's your wan interface IP doing there? =) can you provide more info, maybe an idea of the topology? bye, me hola juan pablo! Sorry for the delay, I had a bad week.

Re: [pfSense] Problem with load vpn status

On Wed, Jul 29, 2015 at 10:24 AM, Edward Josette Ortega Salas < edward.jose...@gmail.com> wrote: > Status -> Ipsec, i have between 15 and 20min delay for show the > information. > How long do these commands take to run on the command line: setkey -D setkey -DP If these are quick, I'd suspect t

Re: [pfSense] How do I harden my pfsense install WRT TLS and ssh?

On 29.07.2015 18:02, Vick Khera wrote: > On Tue, Jul 28, 2015 at 4:12 PM, Moshe Katz wrote: > >> Again, I agree with you that this shouldn't affect your score. I am >> simply explaining why they do it. > based on this explanation, i agree. there's no reason for them to demand > your certifica

Re: [pfSense] How do I harden my pfsense install WRT TLS and ssh?

On Tue, Jul 28, 2015 at 4:12 PM, Moshe Katz wrote: > Again, I agree with you that this shouldn't affect your score. I am > simply explaining why they do it. > based on this explanation, i agree. there's no reason for them to demand your certificate also signs any other domain name as long as i

Re: [pfSense] Suricata alert suppression

For posterity, I found references in the web forum that the "stream" rules basically don't work the way IDS is set up on pfSense so should be disabled. I believe the issue is that it looks at the traffic in parallel so packets might be processed out of order. Still not sure why

[pfSense] Problem with load vpn status

Greetings! I have a problem with my pfsense ( *2.2.2-RELEASE *(amd64) built on Mon Apr 13 20:10:22 CDT 2015 FreeBSD 10.1-RELEASE-p9 ), i have 157 ipsecc tunnel and everything working fine, but when i get into Status -> Ipsec, i have between 15 and 20min delay for show