On Dec 26, 2007 3:11 PM, James Kusler <[EMAIL PROTECTED]> wrote:
> So do you suggest I use PPPoE at the pfSense firewall and just bridge the
> modem? Right now I have the modem dialed to the account(DSL) for PPPoA and
> the modem is carrying a static gateway IP on its outside port and the inside
If possible the modem should be nothing more than a delivery mechanism for
network transport. No IP address, no routing, no configuration really.
Curtis
So do you suggest I use PPPoE at the pfSense firewall and just bridge
the modem? Right now I have the modem dialed to the account(DSL) for
PPPoA and the modem is carrying a static gateway IP on its outside port
and the inside port is a static IP from the block of IPs I am allowed.
Then on the WAN
Hello Bill-
I use the pfSense dynamic dns currently on a few boxes and have never had any
problems with it. I know it's quite unbelievable... but you just configure, go,
and forget about it! It's nice that one item can be like that in the myriad of
network/system stuff that always needs attent
On Dec 26, 2007 1:30 PM, James Kusler <[EMAIL PROTECTED]> wrote:
> Or I can bridge the modem and connect using the firewall on PPPoE.
With PPPoE and pfSense terminating the connection, 'other' is the
option you want for virtual IPs.
--Bill
Just going through the set up for No-IP Dyn DNS services and wanted to
know if the service will work with the pfsense DDNS service? Is there
anything special I need to do to get this to work? It looks pretty
straightforward, but you never know.
Thanks, Bill
Squid is running. The filter service is stopped. When I start the filter
service all http traffic is blocked. Any ideas on how to configure it to
allow traffic? The GUI looks pretty straight forward but I can't seem to
get it to work. I was even able to upload a filter set from the web through
Same as before. I cannot access through my firewall/NAT rules. This
time I used Proxy ARP when setting up virtual IP's.
James Kusler, Information Technology Manager
PHONE| 509.624.1613 or 800.822.4456 FAX| 509.624.1604
[EMAIL PROTECTED] | www.sound-tele.com | www.solaxis.com
-Ori
I have just installed to hard drive the latest version (1.2-RC3).
So I am starting with a fresh system. We'll see what happens.
Again, thanks to everyone for the continuing comments, information,
advice and assistance.
I will keep you posted on what happens.
James Kusler, Information Technolog
Also, so everyone knows, there are two ways to set up this connection
using a separate firewall.
I can either put the modem on PPPoA and then put the firewall inside of
the modem with static IPs (WAN on external IP addr. And LAN on my
internal net)\
Or I can bridge the modem and connect using the
Okay, it does Proxy ARP. My error. I have multiple addresses I need to
NAT through this.
It is a block of 8 IPs from Qwest and I can use 5 for me and one is the
gateway. The others are the network and the b-cast as usual.
I have tried CARP and before that 'Other'.
I only have the one pfSense
On Dec 26, 2007 12:13 PM, James Kusler <[EMAIL PROTECTED]> wrote:
> It gave the choices 'CARP', 'Web Proxy', and 'Other'. So if that has
> changed in the newer version that may help.
If it truly says "Web Proxy", you didn't get an official release from
us! It should read, CARP, Proxy ARP, and Ot
And in your firewall logs do you have show blocked by default rule?
If so check the logs and see if you can find anything stopping it.
Also check out your states you can watch active connections by throwing
192.168.1.10 in your filter.
If you see connections coming through on those states it
Sorry. I forgot to let you know. I do have the correct IP address assigned
by my isp. To answer your other question, the
wan rule is pass protocol:any port:any source:any destination:192.168.1.10
gateway:default
this rule is at the top of the list. (first processed)
i figured id go for simple
Hi guys, I have a problem with pptp vpn.
The VPN log display the next error:
Last 50 firewall log entries
Act Time If Source Destination Proto
Dec 25 08:48:20 NG1 192.168.100.192:1036 193.0.0.236:53 UDP
Dec 25 08:48:20 NG1 192.168.100.192:1036 192.0.34.126:53 UDP
Dec 25 08:48:20 NG1 192.
What are the rules you are using on the WAN for traffic.
Keep in mind when you are defining the destination address it should be the
PRIVATE IP not the PUBLIC one
If you are getting the correct address on whatismyip then the NAT mapping is
fine. it is firewall rules that are messing you up.
-Tim
I have it setup as Proxy ARP
I went to 1:1 NAT and firewall rules and specified the 73 and 72 as two
seperate entries using the /32 subnet mask
on the WAN interface it is setup as x.x.x.74 /29
I setup a wan rule to allow anything with the destination 192.168.1.10 and
same for 192.168.1.100
I c
I will be upgrading, that's fur sure. I have everything else set.
Also, in the virtual IP section, I did not have the choice of selecting
'IP'.
It gave the choices 'CARP', 'Web Proxy', and 'Other'. So if that has
changed in the newer version that may help.
Thanks for all the help and info, an
I am using CARP. Originally I used 'other'. Also, when I define the
public IP should I use the /29 subnet mask for that address from Qwest,
or should I just use /32 since it is a single IP address?
The dialogues in the web GUI suggest that if you use a single IP you use
the /32 snm.
James Ku
Under Virtual IP's are you using Carp, Proxy Arp, or IP? If you want to use
1:1 NAT, go ahead and do so for that specific IP address, then under the
firewall rules add in a rule to match the traffic you would like to permit.
It should be that simple. Additionally, the IP's 73 and 72 are within yo
A question on hardware; you do have this installed to HD or flash correct?
What version of pfSense are you running. On my 1.2RC2 at home, under Status
--> Services I have Squid Listed. Try uninstalling and reinstalling the
package.
Curtis
sorry. i mistyped. I am at 1.2RC3
-Original Message-
From: Sean Cavanaugh [mailto:[EMAIL PROTECTED]
Sent: Wednesday, December 26, 2007 11:41 AM
To: support@pfsense.com
Subject: RE: [pfSense Support] Virtual Ips
First step, upgrade to latest release, 1.2-RC3 as there have been MANY fixe
OK. Im stranded, but at least im not alone. I am using pfsense 1.3RC3. I
upgraded before i posted the question in hopes that would work. It didn't.
I feel like I have to be missing something.
-Original Message-
From: James Kusler [mailto:[EMAIL PROTECTED]
Sent: Wednesday, December 26,
First step, upgrade to latest release, 1.2-RC3 as there have been MANY fixes
put in since 1.0.1
-Sean
> Date: Wed, 26 Dec 2007 09:17:45 -0800> From: [EMAIL PROTECTED]> To:
> support@pfsense.com> Subject: RE: [pfSense Support] Virtual Ips> > I am
> having the same problem. I have an external
I am having the same problem. I have an external IP from Qwest which is
part of an 8-IP address block. That IP is the "gateway" and the others
are for my use. SO I am trying to assign them to devices on my local
net.
I set up mine in virtual IP, and created a NAT rule with the option
selected t
I have a stupid question.. I am trying to set up 2 servers with a seperate
external IP adresses. My wan IP is x.x.x.74 I want to use x.x.x.73 for
server 1 and x.x.x.72 for server 2. Server 1 is 192.168.1.10 and server 2
is 192.168.1.11. I think i have to set this up in 1:1 nat, Firewall rules,
My IP address comes back as the WAN port of my pfSense firewall. SO I
guess that's good.
I do not have any Services listed. Squid is not in there.
James Kusler, Information Technology Manager - Sound Telecom
PHONE| 509.624.1613 or 800.822.4456 FAX| 509.624.1604
[EMAIL PROTECTED]
I got yourother email as well. I will check both of these out. I had no idea
Squid was there by default.
Thanks! I will let you know how it turns out.
James Kusler, I.T. Manager
Sound Telecom
(509) 624-1613
From: Curtis LaMasters [mailto:[EMAIL PROTECTED]
Do you have anything in your firewall logs? Try to make an additional IP
address through Virtual IP's menu (use carp) and then assign that to your
NAT rule for the outside IP address to be used and see if that works.
Additionally, from a computer behind pfSense, go to
http://www.whatismyip.com and
First check under the Services page under the status drop down menu. Squid
should be in there.
Curtis
30 matches
Mail list logo