On Fri, Jan 8, 2010 at 5:27 PM, Karl Fife wrote:
>
> That's preciesely right.
> Inside: LAN, Outside: WAN.
>
> Is that the right setting for the shaper in this bridged configuration?
>
> (And again OPT2 is bridged to WAN, OPT1 is currently idle, Soekris 5501)
>
Because of the limitations of the s
>
> That's exactly what I thought on first seeing this - there's
> absolutely no difference. It makes no sense at all to use a different
> port on the server for security reasons.
>
I would agree. And whether you like Microsoft or not, there are
thousands of IIS instances running on the net
> Date: Fri, 8 Jan 2010 20:33:43 -0500
> From: cbuech...@gmail.com
> To: support@pfsense.com
> Subject: Re: [pfSense Support] port 80 -> 443
>
> On Fri, Jan 8, 2010 at 8:17 PM, RB wrote:
> > On Fri, Jan 8, 2010 at 17:07, Michel Servaes wrote:
> >> I don't really like port 80 at all on an IIS se
I'd read that embedded pfsense 1.2.3 was going to have some package support
but I was pleasantly surprised to see snort!
I've always understood Snort on embedded to be a bad idea -- certainly for
the obvious reasons (limited embedded CPU power), but also due to the write
limitations of flash
On Fri, Jan 8, 2010 at 8:17 PM, RB wrote:
> On Fri, Jan 8, 2010 at 17:07, Michel Servaes wrote:
>> I don't really like port 80 at all on an IIS server...
>
> Please forgive my IIS ignorance (and this has gone far afield from
> pfSense), but what's the difference?
That's exactly what I thought on
On Fri, Jan 8, 2010 at 17:07, Michel Servaes wrote:
> I don't really like port 80 at all on an IIS server...
Please forgive my IIS ignorance (and this has gone far afield from
pfSense), but what's the difference? Unless you're doing client
certificates, random clients are still free to connect,
Also, the machine is acting as a Secure Gateway for Citrix - so I don't want
to tamper a lot on a (for the rest) working config...
I just want to avoid the obligation to let my users type 'https' :-)
The problem is that 'https' doesn't just specify the port, it also
tells the browser whet
On Fri, Jan 8, 2010 at 15:03, Michel Servaes wrote:
> Also, the machine is acting as a Secure Gateway for Citrix - so I don't want
> to tamper a lot on a (for the rest) working config...
> I just want to avoid the obligation to let my users type 'https' :-)
The problem is that 'https' doesn't jus
> Date: Fri, 8 Jan 2010 23:03:20 +0100
> From: mic...@mcmc.be
> To: support@pfsense.com
> Subject: [pfSense Support] port 80 -> 443
>
> Is there a way to redirect a port 80 (wanside) to 443 (lanside).
> I can do port translation, but the IIS doesn't seem to accept this way
> of redirection...
>
On Wed, Jan 6, 2010 at 1:26 PM, Karl Fife wrote:
Thanks for the ideas! It's working with the exception of a traffic shaping
problem.
What I did to set this up is
1. Bridged the OPT interface with WAN, leaving all other fields blank
2. Created a rule on the tab of the OPT interface to 'pass' 'any
Michel Servaes wrote:
Is there a way to redirect a port 80 (wanside) to 443 (lanside).
Firewall->NAT->Port Forward. And make sure you have correct rule on WAN
interface.
I can do port translation, but the IIS doesn't seem to accept this way
of redirection...
IIS should not be aware of this tra
Is there a way to redirect a port 80 (wanside) to 443 (lanside).
I can do port translation, but the IIS doesn't seem to accept this way
of redirection...
I know I can alter IIS, to accept port 80 - but I just don't like any
IIS to be open on port 80 to the worldwide web.
I could install an apa
Op 8-1-2010 18:21, Paul Mansfield schreef:
On 08/01/10 16:21, Tim Nelson wrote:
- "Paul Mansfield" wrote:
if you put multiple lines of configuration in an openvpn server
config,
all the end of lines are lost and the whole lot is run together on
one
line when you look at the generated /var/
Hi,
new comer to pfsense, hearing interesting to pfsense, i plan to deploy it on
my network replacing my old centos router BOX..i got several question:
1.If i install pfsense does it automatically setup NAT.. for internet
sharing..? does pfsense do routing..?
2. ill be having 3 NICS for my pfsens
I tweak /etc/inc/system.inc so that syslogd is bound ONLY to localhost,
and then I can set pfsense to also log to another local IP, then install
syslog-ng on that IP so that I can do interesting things to the logs and
also push them remotely.
Please can you change the default configuration by twe
On 08/01/10 16:21, Tim Nelson wrote:
> - "Paul Mansfield" wrote:
>> if you put multiple lines of configuration in an openvpn server
>> config,
>> all the end of lines are lost and the whole lot is run together on
>> one
>> line when you look at the generated /var/run/openvpn_serverXX.conf
>> f
- "Paul Mansfield" wrote:
> if you put multiple lines of configuration in an openvpn server
> config,
> all the end of lines are lost and the whole lot is run together on
> one
> line when you look at the generated /var/run/openvpn_serverXX.conf
> file
>
> am running the full pfsense1.2.3-rel
if you put multiple lines of configuration in an openvpn server config,
all the end of lines are lost and the whole lot is run together on one
line when you look at the generated /var/run/openvpn_serverXX.conf file
am running the full pfsense1.2.3-release, upgraded from previous versions
is this
Hello,
Can someone let me know if there is a way to reset the default timeout for PPTP
timeout on pfSense.
It looks like the default timeout is set to something like 5min and I'd like to
a much longer period.
Which file / config parameter should I modify ?
Thanks.
¯¯
On Fri, Jan 8, 2010 at 5:37 AM, Robert Mortimer
wrote:
>> can't see why not, connect its WAN to your LAN, and in wan port rules
>> permit access to squid from the "WAN", you'll have to configure
>> clients
>> to point to it, or adjust existing firewall rules
>>
> I seem to remember the initial set
> can't see why not, connect its WAN to your LAN, and in wan port rules
> permit access to squid from the "WAN", you'll have to configure
> clients
> to point to it, or adjust existing firewall rules
>
I seem to remember the initial set-up asks you to choose a LAN and a WAN before
you start. If i
On Fri, 2010-01-08 at 05:07 -0500, Chris Buechler wrote:
> On Thu, Jan 7, 2010 at 4:27 AM, Jonathan Dieter wrote:
> > What is the best way to rebuild squid for 2.0-Beta1? The current
> > package is build with libcrypt.so.4, while libcrypt.so.5 is in 2.0-Beta1
> > and it's also asking for libssl,
On Thu, Jan 7, 2010 at 4:27 AM, Jonathan Dieter wrote:
> What is the best way to rebuild squid for 2.0-Beta1? The current
> package is build with libcrypt.so.4, while libcrypt.so.5 is in 2.0-Beta1
> and it's also asking for libssl, which doesn't seem to be installed at
> all in 2.0-Beta1.
>
Most
23 matches
Mail list logo