Re: [pfSense] client VPN on IOS

Setup of the server was a bit tricky, but after that no any issues for three years. Search for tutorial on YouTube - plenty hits. On iOS you need install App "OpenVPN" others might work too. Use Client Export Utility to generate setting, than transfer by iTunes or just mail it {security conce

Re: [pfSense] Squid3 with https filtering

On 06/17/2014 05:32 PM A Mohan Rao wrote: > actually i need to block https sites like https facebook or https youtube > etc with transparent proxy. > > now pls give any idea...! You may want to try using the CONNECT method in order to filter HTTPS requests. Those happen before a secure connection

Re: [pfSense] Recommendations for Analyzing Firewall logs

This is bugging me too. Jan 14. 5. 2014 v 21:45, Robert Guerra : > > I’m curious what, if any, packages or tools folks on this list might be using > to analyze Pfsense firewall logs. > > > My interest is to , if possible, have the firewall logs sent to a Remote > Sys

Re: [pfSense] Version 2.1.2 - Thanks for the UNPRECEDENTED Level of Support

It's much appreciated, thanks guys. Well done! :) On 04/11/2014 09:18 AM Mehma Sarja wrote: Thanks go out to Chris, Jim and the whole pfSense team for what must be back breaking work coming on the heels of the 2.1.1 release! This kind of commitment speaks volumes for the quality of products comi

Re: [pfSense] 2.1.2-RELEASE up for testing

Chris, any idea on the schedule? Cheers On 04/09/2014 05:03 PM Chris Buechler wrote: Scratch that - that just missed a commit for another security fix, it's rebuilding now. On Wed, Apr 9, 2014 at 3:48 AM, Chris Buechler wrote: Normally we wouldn't put these out to the general public at this

Re: [pfSense] Limiter via Floating Rules?

Hi Ermal, On 01/08/2014 12:04 AM Ermal Luçi wrote: > Well short answer. > Try with only the second rule stating !from your alias. > > That should give you a working config. but how about multiple departments then? Each of them with a separate set of limiters as well. I'm just trying to understa

Re: [pfSense] Limiter via Floating Rules?

Hi Ermal, On 01/07/2014 07:16 PM Ermal Luçi wrote: > You should use pass action for the first rule and the second which > specified the limiters should stay as is. > This is because match rules do not apply action only remember the decision > to be applied on a later action matching rule like pass

[pfSense] Limiter via Floating Rules?

Hi *, I'm trying to segregate a symmetrical uplink with 20M coming in via a single WAN interface using limiters. My goal is to have a set of "catch-all" limiters - "allUp" and "allDown" for upstream and downstream respectively. Furthermore I'd like to assign specific traffic based on the source a

Re: [pfSense] SIP / Asterisk / PFSense - need to reset states of port 5060 connections

On 01/15/2013 10:18 AM Jan wrote: > ich arbeite ungerne an der Liste vorbei aber vielleicht kann ich euch > telefonisch weiterhelfen. Ich bin nahezu jederzeit unter ... zu > erreichen. Clearly that wasn't meant for the list. I'm lacking sleep. I was just offering him to drop

Re: [pfSense] SIP / Asterisk / PFSense - need to reset states of port 5060 connections

is really annoying problem? ich arbeite ungerne an der Liste vorbei aber vielleicht kann ich euch telefonisch weiterhelfen. Ich bin nahezu jederzeit unter 02302 983 95 85 zu erreichen. Viele Gruesse -- | Jan Dennis Bungart () ascii ribbon campaign | Open

Re: [pfSense] Spanning tree from Provider, Dual pfSense boxes, Redundancy for multiple internal networks

On 08/15/2012 01:54 AM j...@millican.us wrote: > What I am thinking for a revised layout is: > Same two feeds from ISP, one to the WAN NIC on primary, other to WAN NIC on > secondary pfSense. > DMZ and LAN NICs on primary to appropriate VLANs primary switch, same on > Seconday to Secondary switch.

Re: [pfSense] FYI: MS-CHAPv2 (used in PPTP) considered totally insecure

port a bundle that contains a client's configuration as well as the openvpn installer. Having the profile rolled out on the client shouldn't take more than a few minutes. Cheers, Jan signature.asc Description: OpenPGP digital signature ___ L

Re: [pfSense] pfsense/shell ipsec behavior

and add a description if you want, then Save/Apply. [...] -->8-- For further details see: http://doc.pfsense.org/index.php/Why_can%27t_I_query_SNMP,_use_syslog,_NTP,_or_other_services_initiated_by_the_firewall_i

Re: [pfSense] OpenVPN: offsite configuration

#x27;s no option then he might manually set the public ip address by either using the web configurator or the serial console. HTH Cheers Jan signature.asc Description: OpenPGP digital signature ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] [WON'T FIX] pfflowd: Won't export TCP flags on pfSense 2.0.1 ?

On 04/11/2012 09:11 AM Chris Buechler wrote: >> Here you got some sample output from a todays capture ... please note that >> all flag bits are blank: >> > > It's just as I described, that's how it works. It doesn't set flags > because there aren't specific flags on an entire TCP session. The > fl

Re: [pfSense] pfflowd: Won't export TCP flags on pfSense 2.0.1 ?

On 04/10/2012 04:55 PM Jan wrote: > Here you got some sample output from a todays capture ... please note that > all flag bits are blank: Another one in raw format: --8<-- # nfdump -o raw -r nfcapd.201204100925 -c 1 &

Re: [pfSense] pfflowd: Won't export TCP flags on pfSense 2.0.1 ?

Hi Chris, On 04/04/2012 02:21 PM Chris Buechler wrote: > On Wed, Apr 4, 2012 at 1:18 AM, Jan wrote: >> Hi, >> >> on my local pfSense installation running 2.0.1 I'm using pfflowd to send >> netflow datagrams to a centralized collector, which works like a charm. >

[pfSense] pfflowd: Won't export TCP flags on pfSense 2.0.1 ?

k. Bug or feature? Cheers Jan signature.asc Description: OpenPGP digital signature ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] two issues with openVPN

ve a look in your routing table and check if this address isn't routed elsewhere in case your running outbound vpn connections as well (overlapping subnets?). It would be great to have a look at your configuration. Try grabbing for the address in your xml configu

Re: [pfSense] Firewall Rules

Hi, please keep in mind that the ordering is important as well. So just in case you got an "allow all" rule on top of your chain you should place your block rules on top. - Jan On 03/26/2012 08:09 PM Pankaj Kumar wrote: > 192.168.10.14 > > On Mon, Mar 26, 2012 at 5:

Re: [pfSense] how to make tftp proxy work in 2.0

pective interfaces on which the TFTP Proxy Helper shall be active. Further more you might need to create additional rules to allow tftp traffic (port 69) from your LAN to the destinated tftp server address located on the WAN. HTH - Jan signature.asc Description: OpenPGP

Re: [pfSense] [pfSense Support] simultaneous client connection

On 11/13/2011 04:30 PM Jan wrote: > I'd just like to get back at this. I'm running pfSense 2.0-RELEASE and at > the end of the rule set of the WAN interface I've placed the following rule > which is supposed to limit incoming connections to a maximum of 5 > per sec

Re: [pfSense] [pfSense Support] simultaneous client connection

22 So opening a single connection to port 22 works just fine. But opening additional ones are being dropped. Is this a desired behaviour on limiting simultaneous connections or is it either a limitation? Thx - Jan signature.asc Descript

Re: [pfSense] Solution

Indeed ;) On 09/08/2011 03:55 PM Adam Armstrong wrote: > Solution > > HTH > > > > > ___ > List mailing list > List@lists.pfsense.org > http://lists.pfsense.org/mailman/listinfo/list signature.asc Description: OpenPGP digital signature ___