-Original Message-
From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Kyle Marek
Sent: Thursday, February 15, 2018 10:38 AM
To: pfSense Support and Discussion Mailing List ; Eero
Volotinen
Subject: Re: [pfSense] Configs or
-Original Message-
From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Marco
Sent: Sunday, February 11, 2018 2:30 PM
To: list@lists.pfsense.org
Subject: Re: [pfSense] Port forwards don't work on one machine
> I ran a wireshark on the destination and it received packets when
>
-Original Message-
From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Marco
Sent: Sunday, February 11, 2018 2:30 PM
To: list@lists.pfsense.org
Subject: Re: [pfSense] Port forwards don't work on one machine
> I ran a wireshark on the destination and it received packets when
>
-Original Message-
From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Chris L
Sent: Sunday, February 11, 2018 1:43 PM
To: pfSense Support and Discussion Mailing List
Subject: Re: [pfSense] Port forwards don't work on one machine
> What interface is
-Original Message-
From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Eero
Volotinen
Sent: Sunday, December 17, 2017 11:02 AM
To: pfSense Support and Discussion Mailing List
Subject: Re: [pfSense] pfsense crashing
> Need to test that tomorrow. Just
-Original Message-
From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Eero
Volotinen
Sent: Sunday, December 17, 2017 5:28 AM
To: pfSense Support and Discussion Mailing List
Subject: [pfSense] pfsense crashing
> After updating and restoring config to
-Original Message-
From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Eero
Volotinen
Sent: Saturday, November 25, 2017 5:35 AM
To: pfSense Support and Discussion Mailing List
Subject: [pfSense] pfsense openvpn speed?
> We are running pfsense 2.3 on
While working on another issue I noticed that on the lan interface which
does not have dhcp relay enabled, the pfsense box is receiving and
retransmitting
dhcp requests.
In this case, the dhcp server itself lies on the same vlan and interface that
the client exists on hence the relay is not
> The two are unlikely to be related.
>
> The "pf wedged" message can happen in some race conditions if multiple
> actions are happening, attempting to hit pf in the same way at the same
> moment. In most cases it's noteworthy but otherwise harmless.
I had made several rule additions, removals
> Check your states table size.
Low, right now it is only at %0.002 full and while I don't have that info
from the time of the failure I think it is safe to say it wasn't much different.
Thanks,
jlc
___
pfSense mailing list
I have a site that has grown significantly over time and the role pfsense plays
went from only providing internet and vpn connectivity to routing between 2
dozen vlans at gig speeds. We are considering replacing the hardware and aren't
sure if the site is at the point where dedicated equipment is
I recently received an error that the pf table was wedged and had been reset
while making changes. A few days later, a vlan stopped passing dhcp traffic
and filter reload did not resolve it, I actually had to reboot the unit.
Has anyone seen this, are there configurations known to produce this
Does a facility exist to bypass the UI and invoke a static config for an
openvpn server?
I do not see a means through the web ui to create a configuration which permits
static
addressing in subnet mode?
Thanks,
jlc
___
pfSense mailing list
I have a 2.2.6 appliance with a server running topology subnet with a pool
defined (172.31.1.0/24) which has "Address Pool" unchecked and a ccd for
a client with a 'push "ifconfig 172.31.1.42 255.255.255.0"' directive.
When a 2.3 client connects, it simply takes the next ip after server. In the
hi joseph,
i use for this scenario two pfsense appliance.
the devices are two apu.1d4 with 4 gb ram,
16 gb msata harddisk and 3 nics.
internal network ( about
30 vlan ) vlan s are on the core router with default gateway pfsense
appliance.
for internet access i have two provider.
I have a server that includes the rrddata element when choosing not backup this
data
and duplicates it when you do backup rrd data. I had a look through the issue
tracker and
did not see anything open or recent that is related.
Anyone seen this before?
Thanks,
jlc
I have a server that includes the rrddata element when choosing not backup
this data
and duplicates it when you do backup rrd data. I had a look through the issue
tracker and
did not see anything open or recent that is related.
Anyone seen this before?
Had a chance to look at this again,
I had to restore a config from a 2.1.4 system to new hardware. The original
system had
vlans and as expected the restore prompted to re-assign the opt interfaces as
the nic
types were different but I had to reset the vlans first. After rebooting, it
kept asking for
the wan/lan assignment and
The new hardware has new MAC Addresses - they are assigned based on the MAC
and not LAN1, LAN2 and LAN3.
Not from the two systems I just checked...
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list
I assume this is why snapshots.pfsense.org is offline (or at least not
answering) right now?
In the release announcement are links to upgrade binaries, not all the mirrors
are populated
yet, find one. In the same rel announcement is an upgrade guide link that
explains how to
perform the
Hello,
Thanks, but I believe what you are referring to is only an option for an
OpenVPN connection. I am referring to Mobile IPSEC, as described at:
http://doc.pfsense.org/index.php/Mobile_IPsec_on_2.0
Oops, my bad. Check 'Provide a list of accessible networks to clients' in
the Mobile
Is there any way to change this so only traffic destined for the pfSense
LAN is routed through the mobile IPSEC connection?
Certainly, uncheck 'Redirect Gateway', define 'Local Network' as required and
push only the applicable additional routes to the client if any...
jlc
lan1 192.168.9.0 --- pfsense1 (client openvpn) -- pfsense2
(server openvpn) -- lan 2 192.168.8.0
/var/etc/openvpn/server1.conf
route 192.168.9.0 255.255.255.0
push route 192.168.8.0 255.255.255.0
This looks right.
/var/etc/openvpn-csc/fw-target
iroute 192.168.9.0 255.255.255.0
We switched providers and are utilizing a 3 way bonded dsl setup aggregated
behind a Mikrotik unit.
I am seeing some less than expected throughput and certain types of connections
like rdp/rsync are hanging and need to be restarted.
The provider suggested to enable an MTU on the wan link to 1460
You don't want MTU, you want MSS clamping.
Appreciate the confirmation, some reading and trial and error had me try this
and I am
running at a value of 1360 which has more than tripled my outbound throughput.
How does this affect the similar settings available in an Openvpn instance
passing
I'm currently trying to configure pfSense firewall in a VMWare machine.
There is apparently a limit of 10 vNICs on Vsphere 5, but I would need
this firewall to access 11 networks. Since all the networks in VMWare
are already tagged vlans, I don't really how to overcome this limit.
Don't see
For each tunnel with different ip ranges it's neccessarry to use a unique
OpenVPN server.
I don't, I have several remote sites that connect to one instance, each has its
its own /30 assigned via client configs. There are rules defined with
source/dest
that control which sites see what on which
I have a situation where I need a multiple wan ip addresses, the site has
several
reserved ip’s handed out by a dhcp server, but they all share the same gateway.
I'm not aware of any way this with multiple opt interfaces, a virtual ip won't
work
as far as I know since its needs it ip
28 matches
Mail list logo