Hi All,
I'm dealing again with the task of publishing my servers' services over
two different internet connections (in conjuncion with load balancing
outgoing traffic over the same internet connections).
Now I'll give you more detailed informations.
My firewall is a pc with pfsense
172.16.0.2:80 - 192.168.0.200:80 - 192.168.0.36:4196
SYN_SENT:ESTABLISHED.
This is a connection from your LAN not from OPT.
sai
On 5/8/07, Quirino Santilli [EMAIL PROTECTED] wrote:
Hi All,
I'm dealing again with the task of publishing my servers' services over two
different internet
beta 1 of pfSense 1.2
Services: DHCP server
We enable DHCP Server in LAN.
We have saved some MAC address of different computers.
Some of the MAC are going to receive a fixed IP, but others don't have an IP
assigned, so they take one from the dynamic range.
When we activate Enable Static ARP
On Mon, 07 May 2007 19:23:54 -0500, Sonny Mounicou wrote
It seems to be sporadic. I've only noticed it with 802.11B enabled
(instead of G only) on my wrap. Its happened twice, and each time
cycling the atheros card using the interface fixes the problem. My
wrap stays running and I can
Hmm, as far as I see in the forum, people is asking the same behaviour that we
expect.
Is there any way to:
1. Restrict dynamic IPs to registered mac addresses, and
2. Restrict traffic for all static IP addresses that are not listed in the
static mappings
Is it any thinking in adding this
I've disabled NATT support in the client and no change... Does anyone
else use the Shrewsoft IPSEC client but do not have these problems? Is
it a possibility I'm having problems since my pfSense box is on a
dynamic PPPoE connection?
If I am able to somehow resolve this, I would be more than
On 5/8/07, Pablo Montoro Escaño [EMAIL PROTECTED] wrote:
Hmm, as far as I see in the forum, people is asking the same behaviour that we
expect.
Is there any way to:
1. Restrict dynamic IPs to registered mac addresses, and
2. Restrict traffic for all static IP addresses that are not listed in
The way I understand it this is the behavior that we exhibit now?
well, not really...
1.- if I select Enable Static ARP entries, then clients asking a dynamic IP
can not have it (even if the MAC is saved).
2.- if I DON'T select Enable Static ARP entries, then clients in LAN with
static IP
On 5/8/07, Pablo Montoro Escaño [EMAIL PROTECTED] wrote:
The way I understand it this is the behavior that we exhibit now?
well, not really...
1.- if I select Enable Static ARP entries, then clients asking a dynamic IP
can not have it (even if the MAC is saved).
2.- if I DON'T select Enable
I am not sure I understand the issue. I enabled static arp and
created a manual mapping and it is appearing in the arp table as it
should:
? (192.168.1.22) at 00:00:5e:00:01:31 on ed0 permanent [ethernet]
Scott
On 5/8/07, Scott Ullrich [EMAIL PROTECTED] wrote:
On 5/8/07, Pablo Montoro
On May 7, 2007, at 5:50 PM, Tim Nelson wrote:
That tutorial is aimed at a site to site link although I used it as
a basis to configure my pfSense box...
The configuration on the pfsense server is identical for site-to-
site with non-fixed endpoint of remote, and for site-to-pc with a non-
I think the issue is that Pablo has no IP for the MAC in question. He
wants it to get a dynamic allocation from DHCP. The problem I believe
is that you have to static assign an IP to the MAC hence, his setup
cannot work. We shouldn't allow for MACs w/out static IPs to be
configured, I'd
On 5/8/07, Bill Marquette [EMAIL PROTECTED] wrote:
I think the issue is that Pablo has no IP for the MAC in question. He
wants it to get a dynamic allocation from DHCP. The problem I believe
is that you have to static assign an IP to the MAC hence, his setup
cannot work. We shouldn't allow
On 5/8/2007, Tim Nelson [EMAIL PROTECTED] wrote:
I've disabled NATT support in the client and no change... Does anyone
else use the Shrewsoft IPSEC client but do not have these problems? Is
it a possibility I'm having problems since my pfSense box is on a
dynamic PPPoE connection?
If I am able
Matthew Grooms wrote:
I assure you, the client works fine. I use FreeBSD 6.2, NetBSD 3.1 and
several versions of Linux to test with on a regular basis. The 2.0
version also works with Cisco, Juniper, Zywal and a bunch of other
devices.
What version of pfsense do you have installed? I will
Hi !
Can it be there's something wrong with the system logs in the 7-5
snapshot ?
The logiles are created in var/logs but there's nothing displayed in the
gui...
Regards,
Martin
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For
Hi !
Since I upgraded to 1.2beta1 i realize some traffic freezes sometimes.
The WAN interface is up (using PPPoE) and seems to have an IP. When
disconnectine and reconnecting (if down / if up) it does not solve the
matter.
pfSense itself is reachable...
Only a reboot fixes this problem.
I
Fuchs, Martin möchte die Nachricht Traffic-System-Freezes in 1.2beta1
zurückrufen.
Hi !
I know it was fixed some time ago but now it seems tob e back :-(
The snort package sometimes blocks the WAN default gateway assignes by
the isp, so that no traffic can pass thru :-(
Can anyone approve this ?
MArtin
-
To
http://cvstrac.pfsense.com/tktview?tn=1310
On 5/8/07, Fuchs, Martin [EMAIL PROTECTED] wrote:
Hi !
Can it be there's something wrong with the system logs in the 7-5
snapshot ?
The logiles are created in var/logs but there's nothing displayed in the
gui...
Regards,
Martin
Ok, checked this out, seems tob e the snort thing... sorry...
-Ursprüngliche Nachricht-
Von: Fuchs, Martin [mailto:[EMAIL PROTECTED]
Gesendet: Mittwoch, 9. Mai 2007 01:05
An: support@pfsense.com
Betreff: [pfSense Support] Traffic-System-Freezes in 1.2beta1
Hi !
Since I upgraded to
Reinstall snort about 10 minutes from now and let me know if it solves
the issue.
Scott
On 5/8/07, Fuchs, Martin [EMAIL PROTECTED] wrote:
Hi !
I know it was fixed some time ago but now it seems tob e back :-(
The snort package sometimes blocks the WAN default gateway assignes by
the isp, so
I'll do... it blocks icmp BSDtype tot he gateway... perhaps this helps...
-Ursprüngliche Nachricht-
Von: Scott Ullrich [mailto:[EMAIL PROTECTED]
Gesendet: Mittwoch, 9. Mai 2007 01:24
An: support@pfsense.com
Betreff: Re: [pfSense Support] SNORT issue
Reinstall snort about 10 minutes from
And it seems to block the local IP also... more often the local ip than the
gateway as it seems...
For example when pfsense wants to check for packages it kicks the local
wan-ip... and it's on snort-blocked list...
-Ursprüngliche Nachricht-
Von: Scott Ullrich [mailto:[EMAIL PROTECTED]
Looks better now :-)
I'll have a longer look at it...
But if you added the local WAN ip to the permanent whitelist or else the
error should be gone...
Thanks a lot once more for your fast solutions, Scott !
-Ursprüngliche Nachricht-
Von: Scott Ullrich [mailto:[EMAIL PROTECTED]
Is the WAN IP address not present in /var/db/whitelists ?
Scott
On 5/8/07, Fuchs, Martin [EMAIL PROTECTED] wrote:
Looks better now :-)
I'll have a longer look at it...
But if you added the local WAN ip to the permanent whitelist or else the
error should be gone...
Thanks a lot once more
It is present !
Thanks a lot...
-Ursprüngliche Nachricht-
Von: Scott Ullrich [mailto:[EMAIL PROTECTED]
Gesendet: Mittwoch, 9. Mai 2007 02:29
An: support@pfsense.com
Betreff: Re: [pfSense Support] SNORT issue
Is the WAN IP address not present in /var/db/whitelists ?
Scott
On 5/8/07,
27 matches
Mail list logo