2.4
Am 2017-05-16 13:30, schrieb Sean Cavanaugh:
> The only sane way to do this on a single box would be by installing a
> hypervisor on the server ( such as VMware ESXi) and running pfsense as
> a virtual machine within it as well as a second virtual machine to
> host any other
The only sane way to do this on a single box would be by installing a
hypervisor on the server ( such as VMware ESXi) and running pfsense as a
virtual machine within it as well as a second virtual machine to host any other
non-firewall related applications (MySQL, FreeRADIUS).
There is obviousl
As a general note, I have had trouble with them if I run the adapter through a
USB3 hub and then connect to an Ethernet cable. The system would periodically
kernel panic and once I plugged it directly into the USB3 slot on the box, then
the problems went away.
On Mon, May 02, 2016 at 09:56:49AM +
thanks.
On Wed, Feb 24, 2016 at 07:15:21PM +, Espen Johansen wrote:
> Remove the wlan card. Then remove config. It sounds like you might have a
> irq or other resource allocation problem. But without any more details its
> hard to say.
>
> On Wed, Feb 24, 2016, 19:51 Sean Pohl w
wlan to talk
> add rules for the subnets to talk to each other.
>
> On Wed, Feb 24, 2016, 19:12 Sean Pohl
> wrote:
>
> > The problem is an endless boot-loop on my pfSense installation after I
> > made one
> > change to the WLAN interface.
> >
> > I hav
The problem is an endless boot-loop on my pfSense installation after I made one
change to the WLAN interface.
I have an older x86 32 bit machine with three NICs:
1. On-board Ethernet
2. Ethernet card
3. WLAN 801.11g
I was able to configure the WAN & LAN interfaces just fine. When I enable
Torrent traffic: maybe with a good L7 filter (not tried this myself).
But HTTPS proxies and SSL VPN's forget about it.
It's a game of whack-a-mole. As soon as you squash one, three more will
pop-up.
You can't block SSL. You'd need to get a real web filtering solution and
by that I mean a serv
LOL. That simple eh?
Thanks.
On Mar 4, 2015 8:27 PM, "Randy Bush" wrote:
> > Pardon the hijack but if I was using dnsmasq and upgraded to 2.2 and
> wanted
> > to use unbound instead whats the best way to switch? (Note: already did
> > the upgrade to 2.2).
>
> services / dns forwarder / disable
>
Pardon the hijack but if I was using dnsmasq and upgraded to 2.2 and wanted
to use unbound instead whats the best way to switch? (Note: already did
the upgrade to 2.2).
On Sat, Feb 28, 2015 at 11:37 AM, Brian Candler wrote:
> On 28/02/2015 15:16, Randy Bush wrote:
>
>> if i upgraded, can i cau
2015 at 4:18 PM, Sean wrote:
> LOL. This guy gets it.
> When I get in trouble there's an almost retired telephony tech in my
> office who speaks this arcane serial language.
> I send him mfg pinouts and they'll make me a custom cable in a pinch. To
> me it's all ju
Thompson wrote:
> Let me know when you want to hear the story of a paper tape reader, a pick
> and place machine, and “speed select” (pin 23 on a DB-25 wired for EIA
> RS-232-C)
>
> On Feb 27, 2015, at 1:55 PM, Sean wrote:
>
> You also need a real NULL modem cable. Actually there&
You also need a real NULL modem cable. Actually there's probably nothing
wrong with your USB to Serial.
The blue Cisco cables are rollover cables. They are not NULL modem
cables. Welcome to serial cable pinout hell. ;-)
Some of us have been here a long time. I'm no expert but i've got 3
differ
direction through pfSense
> (LAN->WAN).
> - to repeat myself, NFS works fine at ~1gbps between the same client and
> server without pfSense in the middle.
>
> Ergo, I conclude it's something pfSense-related. Haven't had a chance to
> turn off of scrub yet.
> -Adam
smFails* in the file /proc/net/snmp;
> this is the number of fragment reassembly failures. if it goes up too
> quickly during heavy file activity, you may have a problem.
>
Since this is not an NFS support list I suggest you let this die here lest
you incur the spite of the moderators. ;-)
Not a TCP expert but the MTU is nearly always 1500 (or just under) hence
your limit. Sending packets greater than the MTU will lead to
fragmentation. Fragmentation leads to re-transmissions (depends on do not
fragment bit?) and performance problems. Performance problems leads to
frustration and
now. Got a few various brands of them at work too
with no issues yet. ;-)
On Mon, Nov 3, 2014 at 6:58 PM, Jeppe Øland wrote:
> On Mon, Nov 3, 2014 at 4:25 PM, Sean wrote:
> > http://www.newegg.com/Product/Product.aspx?Item=N82E16820161493 <--
> notice
> > the 4,000,000 MTBF
&g
Ok. Admittedly I'm too lazy to read all of that but to throw in my 2 cents
this is what i built my pfSense on back in summer of 2012 and I have no
regrets. Total cost was just under $200 like 2 and a half years ago. It
has no moving parts, low wattage, and I've not had a single issue. Very
litt
CDBurnerXP (just google it) is decent free CD burning software for
Windows. If you're properly burning the ISO as an image and not just
dragging and dropping an ISO file onto a data disc and burning it then I
don't think it matters what software you use. Windows 7 even includes an
extremely simpl
You could also just switch the NICs from the console to make the former
outside interface the inside interface and so on. Then you'd be able to
access the web GUI. Or in VMWare change the Virtual LANs that the NICs are
attached to. Or set a static and manually connect your client PC to the
(form
You don't. If you want the VLAN to be untagged (native VLAN 10) then you
set the switch port to be native VLAN 10. i.e. if it's Cisco you set it as
an "access" port in VLAN10 and the pfSense interface connected to that port
gets no VLAN settings at all. By nature of the switch setting all traffi
Who is the list mom and why is he/she not responding to this?
On Jul 22, 2014, at 6:12 PM, Ryan Coleman wrote:
> Look fuck nut: branded and shipped hardware is 100% on topic. Thank you.
>
>
>> On Jul 22, 2014, at 20:10, Jim Thompson wrote:
>>
>> Very little if this thread is related to pfSe
t the CDP
issue.
-Sean
From: list-boun...@lists.pfsense.org [mailto:list-boun...@lists.pfsense.org]
On Behalf Of Wade Blackwell
Sent: Saturday, October 26, 2013 4:00 PM
To: list@lists.pfsense.org; supp...@pfsense.org
Subject: [pfSense] 802.1q dhcp and pf 2.1 and esxi 5.0
Good afternoon all,
Crappy email client and top posting.
also remember the config for pfSense is stored in XML, not the .conf file
directly.
From: list-boun...@lists.pfsense.org [mailto:list-boun...@lists.pfsense.org] On
Behalf Of Adam Thompson
Sent: Tuesday, October 22, 2013 10:38 AM
To: pfSense support and di
-Original Message-
From: list-boun...@lists.pfsense.org [mailto:list-boun...@lists.pfsense.org]
On Behalf Of Vieri
Sent: Saturday, September 15, 2012 6:59 PM
To: pfSense support and discussion
Subject: Re: [pfSense] pfSense features
Thanks everyone for your feedback on such a general que
> -Original Message-
> From: list-boun...@lists.pfsense.org
[mailto:list-boun...@lists.pfsense.org]
> On Behalf Of Vieri
> Sent: Friday, September 14, 2012 2:50 PM
> To: list@lists.pfsense.org
> Subject: [pfSense] pfSense features
>
> Hi,
>
> I'm new to pfSense and FreeBSD. I'm coming f
Personal experience is that full TOE impairs speed. Every server we’ve had that
has it enabled gets lowered network throughput. Checksum would be only
offloading that would benefit.
PowerD under VM doesn’t do anything. VMware already does those types of power
management.
From: list-b
gt; On 8/13/2012 7:43 PM, Sean Cavanaugh wrote:
> > The following input errors were detected:
> > . The IP address must not be within the DHCP range for this interface.
> >
> > This seems counter intuitive as every other DHCP server that I dealt
> > with it HAS to be wi
input errors were detected:
. The IP address must not be within the DHCP range for this interface.
This seems counter intuitive as every other DHCP server that I dealt with it
HAS to be within the range, just puts a reservation on it.
Am I missing something or is this a bug?
This is why I just hit the reset button on the modem to reset the MAC
address lock.
-Original Message-
From: list-boun...@lists.pfsense.org [mailto:list-boun...@lists.pfsense.org]
On Behalf Of Gavin Will
Sent: Wednesday, July 04, 2012 12:26 PM
To: pfSense support and discussion
Subject: Re
ying 5 dollars for a soda? It's your call. Sometimes you're THAT
thirsty.
-Sean
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list
hat having WAN on RFC1918 space fucks up
site to site IPsec tunnel?
On Fri, Jun 01, 2012 at 02:36:21PM -0400, Sean Cavanaugh wrote:
> If provider is providing you NATed internet access...my best guess is
> you
It's not NATed. They're rewriting the packet headers. The only NAT there
]
> On Behalf Of Eugen Leitl
> Sent: Friday, June 01, 2012 12:58 PM
> To: pfSense support and discussion
> Subject: Re: [pfSense] can it be that having WAN on RFC1918 space fucks up
> site to site IPsec tunnel?
>
> On Fri, Jun 01, 2012 at 12:53:08PM -0400, Sean Cavanaugh wrote:
How are you connecting to your 10.x.x.x address if that address space is
non-routable over the internet? Are you NATing from the true internet edge
device you have?
> -Original Message-
> From: list-boun...@lists.pfsense.org
[mailto:list-boun...@lists.pfsense.org]
> On Behalf Of Eugen Leit
From: list-boun...@lists.pfsense.org [mailto:list-boun...@lists.pfsense.org]
On Behalf Of Lazy Sod
Sent: Tuesday, May 01, 2012 1:44 PM
To: list@lists.pfsense.org
Subject: [pfSense] pfsense gaming
Looking to switch from Monowall to Pfsense for gaming reasons; I have one
Xbox 360 and have had no l
> -Original Message-
> From: list-boun...@lists.pfsense.org
[mailto:list-boun...@lists.pfsense.org]
> On Behalf Of Sean Cavanaugh
> Sent: Tuesday, May 01, 2012 12:25 PM
> To: 'pfSense support and discussion'
> Subject: Re: [pfSense] pf vrs mono?
>
> -Original Message-
> From: list-boun...@lists.pfsense.org
[mailto:list-boun...@lists.pfsense.org]
> On Behalf Of Andrew @ ATMlogic.ca
> Sent: Tuesday, May 01, 2012 12:02 PM
> To: 'pfSense support and discussion'
> Subject: Re: [pfSense] pf vrs mono?
>
> >You have the same subnet on WAN
I honestly see TOE cause more issues than its supposed to fix. Basic
hardware offload seems to work fine for me.
Besides switching in a server will never match speed of an ASIC
-Original Message-
From: list-boun...@lists.pfsense.org [mailto:list-boun...@lists.pfsense.org]
On Behalf Of Kar
> To: list@lists.pfsense.org
> From: u...@lubik.ca
> Date: Thu, 22 Mar 2012 10:02:58 -0400
> Subject: [pfSense] sflow/netflow software
>
> Hi,
>
> Any recommendations for free software for sflow/netflow data analysis?
>
> Thanks,
>
> Ugo
>
the cisco tool is free
http://www.cisco.com/en/US/pr
I could lie and show a screen cap of mine that claims it has and uses 10g
interfaces :-p
Realistically, there are sizing guides on the forum/wiki to handle different
bandwidths. People are running them gig+ in production datacenters. Golden
rule of routers/firewalls: "The more rules/actions/ad
39 matches
Mail list logo
