[pfSense Support] policy routing openvpn -- how to select interface/gateway for openvpn

2010-04-19 Thread mayak-cq
hi all, i have a pfsense box with two interfaces (not sharing the same media or gateway). i need for openvpn to use a specific interface/gateway to bind to. as packets are internally generated, standard policy routing won't work here -- i tried the openvpn --bind option to no avail. any

Re: [pfSense Support] openvpn TLS

2010-04-19 Thread Nick Upson
so far it's not working with tls, I've been concentrating on other areas but expect to return to this shortly On 17 April 2010 19:27, i...@unseregedanken.de i...@unseregedanken.de wrote: Nick, can you please give some feedback? jan i...@unseregedanken.de wrote: Hi Nick, Nick Upson wrote:

Re: [pfSense Support] openvpn TLS

2010-04-19 Thread i...@unseregedanken.de
okay, just let us know when your focus changes. Nick Upson wrote: so far it's not working with tls, I've been concentrating on other areas but expect to return to this shortly On 17 April 2010 19:27, i...@unseregedanken.de i...@unseregedanken.de wrote: Nick, can you please give some

[pfSense Support] how do i install firewall setting for the Lan Wan

2010-04-19 Thread Barkat ali
Hi, I have Lan and Wan in my organization i want to create gateway for internet please guide me. Thanks, Mir

Re: [pfSense Support] how do i install firewall setting for the Lan Wan

2010-04-19 Thread Abdulrehman
RTFM On Mon, Apr 19, 2010 at 3:20 PM, Barkat ali mir7_...@yahoo.com wrote: Hi, I have Lan and Wan in my organization i want to create gateway for internet please guide me. Thanks, Mir -- Regards Abdulrehman

Re: [pfSense Support] how do i install firewall setting for the Lan Wan

2010-04-19 Thread Serg Dvoriancev
Hi Before look this tutorials: http://doc.pfsense.org/index.php/Tutorials Regards, Sergey. - Original Message - From: Barkat ali To: support@pfsense.com Sent: Monday, April 19, 2010 2:20 PM Subject: [pfSense Support] how do i install firewall setting for the Lan Wan Hi,

Re: [pfSense Support] openvpn TLS

2010-04-19 Thread Nick Upson
right, I took a working openvpn tunnel, added tls-auth /var/etc/openvpn_server0.tls to the server (pfsense) and enabled tls-auth in the client. then made the client reconnect, the file is the same one copied to both machines. I just get TLS error: TLS key negotiation failed to occur within 60

Re: [pfSense Support] policy routing openvpn -- how to select interface/gateway for openvpn

2010-04-19 Thread Jim Pingle
On 4/19/2010 5:40 AM, mayak-cq wrote: i have a pfsense box with two interfaces (not sharing the same media or gateway). i need for openvpn to use a specific interface/gateway to bind to. as packets are internally generated, standard policy routing won't work here -- i tried the openvpn

Re: [pfSense Support] policy routing openvpn -- how to select interface/gateway for openvpn

2010-04-19 Thread mayak-cq
On Mon, 2010-04-19 at 07:27 -0400, Jim Pingle wrote: On 4/19/2010 5:40 AM, mayak-cq wrote: i have a pfsense box with two interfaces (not sharing the same media or gateway). i need for openvpn to use a specific interface/gateway to bind to. as packets are internally generated,

Re: [pfSense Support] openvpn TLS

2010-04-19 Thread i...@unseregedanken.de
you will have to add the side identification integer to the string of the tls-auth directive. for the server sided configuration use .. tls-auth /var/etc/openvpn_server0.tls 0 ^ and for the client .. tls-auth

Re: [pfSense Support] openvpn TLS

2010-04-19 Thread Nick Upson
On 19 April 2010 13:20, i...@unseregedanken.de i...@unseregedanken.de wrote: you will have to add the side identification integer to the string of the tls-auth directive. for the server sided configuration use .. tls-auth /var/etc/openvpn_server0.tls 0

Re: [pfSense Support] openvpn TLS

2010-04-19 Thread i...@unseregedanken.de
can you try to regenerate the tls key file on your pfsense box and then copy it to your clients? afaik your current key has not been generated on your pfsense box, right? maybe that's why it says that there is not enough key material to proceed .. pfbox # openvpn --genkey --secret

Re: [pfSense Support] openvpn TLS

2010-04-19 Thread Nick Upson
I can try that out but the permanent solution needs to use the existing tls key, as it's also used, without problems, elsewhere and we don't want the headache of more key files than necessary On 19 April 2010 14:36, i...@unseregedanken.de i...@unseregedanken.de wrote: can you try to regenerate

Re: [pfSense Support] openvpn TLS

2010-04-19 Thread i...@unseregedanken.de
Nick Upson wrote: I can try that out but the permanent solution needs to use the existing tls key, as it's also used, without problems, elsewhere and we don't want the headache of more key files than necessary So you're already using the respective key with other openvpn instances? can you

Re: [pfSense Support] openvpn TLS

2010-04-19 Thread Nick Upson
yes, the ta key works fine against an openvpn server on fedora over wlan which part of the configs do you need? On 19 April 2010 14:46, i...@unseregedanken.de i...@unseregedanken.de wrote: Nick Upson wrote: I can try that out but the permanent solution needs to use the existing tls key, as

Re: [pfSense Support] openvpn TLS

2010-04-19 Thread info
On 04/19/2010 03:54 PM Nick Upson wrote: yes, the ta key works fine against an openvpn server on fedora over wlan which part of the configs do you need? would be great to have a look on both; the client and the server config.

Re: [pfSense Support] policy routing openvpn -- how to select interface/gateway for openvpn HELP!

2010-04-19 Thread mayak-cq
On Mon, 2010-04-19 at 14:07 +0200, mayak-cq wrote: On Mon, 2010-04-19 at 07:27 -0400, Jim Pingle wrote: On 4/19/2010 5:40 AM, mayak-cq wrote: i have a pfsense box with two interfaces (not sharing the same media or gateway). i need for openvpn to use a specific interface/gateway to

[pfSense Support] no packages for 2.0

2010-04-19 Thread David Burgess
The Available Packages page for 2.0 beta x86_64 full snapshot from Friday shows no packages, with the warning Unable to communicate with www.pfsense.com. Please verify DNS and interface configuration, and that pfSense has functional Internet connectivity. My DNS works. I don't see anything related

AW: [pfSense Support] no packages for 2.0

2010-04-19 Thread Fuchs, Martin
Same here -Original Message- From: David Burgess [mailto:apt@gmail.com] Sent: Monday, 19 April 2010 19:58 To: support Subject: [pfSense Support] no packages for 2.0 The Available Packages page for 2.0 beta x86_64 full snapshot from Friday shows no packages, with the

[pfSense Support] Wierd CARP problem

2010-04-19 Thread Joshua Schmidlkofer
I have a site in Jacksonville, FL. We have two Watchguard Firebox X700s, with upgraded RAM and a pfSense embedded deployment. Since installation we have had WEIRD problems with the VPN. We THOUGHT it was the vpn. However, weeks and work revealed an apparent switch problem. Basically, what

Re: [pfSense Support] Wierd CARP problem

2010-04-19 Thread Evgeny Yurchenko
Joshua Schmidlkofer wrote: I have a site in Jacksonville, FL. We have two Watchguard Firebox X700s, with upgraded RAM and a pfSense embedded deployment. Since installation we have had WEIRD problems with the VPN. We THOUGHT it was the vpn. However, weeks and work revealed an apparent

Re: [pfSense Support] no packages for 2.0

2010-04-19 Thread Jim Pingle
On 4/19/2010 1:57 PM, David Burgess wrote: The Available Packages page for 2.0 beta x86_64 full snapshot from Friday shows no packages, with the warning Unable to communicate with www.pfsense.com. Please verify DNS and interface configuration, and that pfSense has functional Internet

Re: [pfSense Support] no packages for 2.0

2010-04-19 Thread David Burgess
On Mon, Apr 19, 2010 at 1:29 PM, Jim Pingle li...@pingle.org wrote: It's probably looking for a package file that doesn't exist. Did this ever work before? It's the first time I've tried PFS on 64-bit. I'm not sure if there are any 64-bit packages setup in the repo yet. That's possible, and

Re: [pfSense Support] Wierd CARP problem

2010-04-19 Thread Joshua Schmidlkofer
Does pfSense' log say CARP is moved from Active to Passive? Evgeny. Evgeny, It appears we are getting some of that: (JAX2) Apr 19 14:48:13 kernel: carp1: link state changed to DOWN Apr 19 14:48:13 kernel: carp1: MASTER - BACKUP (more frequent advertisement received) Apr 19 14:48:10 kernel:

Re: [pfSense Support] Wierd CARP problem

2010-04-19 Thread Evgeny Yurchenko
Joshua Schmidlkofer wrote: Does pfSense' log say CARP is moved from Active to Passive? Evgeny. Evgeny, It appears we are getting some of that: (JAX2) Apr 19 14:48:13 kernel: carp1: link state changed to DOWN Apr 19 14:48:13 kernel: carp1: MASTER - BACKUP (more frequent advertisement

Re: [pfSense Support] no packages for 2.0

2010-04-19 Thread Evgeny Yurchenko
David Burgess wrote: On Mon, Apr 19, 2010 at 1:29 PM, Jim Pingle li...@pingle.org wrote: It's probably looking for a package file that doesn't exist. Did this ever work before? It's the first time I've tried PFS on 64-bit. I'm not sure if there are any 64-bit packages setup in

Re: [pfSense Support] no packages for 2.0

2010-04-19 Thread Evgeny Yurchenko
David Burgess wrote: On Mon, Apr 19, 2010 at 2:03 PM, Evgeny Yurchenko evg.yu...@rogers.com wrote: Can you trace what request is generated by your pfSense when you try to access list of available packages? Where would I find that? db tcpdump -ni your_wan_interface -s0

Re: [pfSense Support] no packages for 2.0

2010-04-19 Thread Scott Ullrich
On Mon, Apr 19, 2010 at 3:31 PM, David Burgess apt@gmail.com wrote: On Mon, Apr 19, 2010 at 1:29 PM, Jim Pingle li...@pingle.org wrote: It's probably looking for a package file that doesn't exist. Did this ever work before? It's the first time I've tried PFS on 64-bit. I'm not sure

Re: [pfSense Support] Wierd CARP problem

2010-04-19 Thread Joshua Schmidlkofer
Yes, do not blame your switch, something is wrong with your pfSense cluster. Most probably your re1 becomes overloaded with traffic. Evgeny. Ok new problem: re:1 watchdog timeout. I think we have properly disabled ACPI. Anyone have any other advice?

Re: [pfSense Support] Wierd CARP problem

2010-04-19 Thread Chris Buechler
On Mon, Apr 19, 2010 at 4:38 PM, Joshua Schmidlkofer joshl...@gmail.com wrote: Ok new problem: re:1 watchdog timeout. I think we have properly disabled ACPI. Anyone have any other advice? Change hardware. Those cheap NICs in the Watchguards have all kinds of problems.

Re: [pfSense Support] Wierd CARP problem

2010-04-19 Thread Joshua Schmidlkofer
Ok new problem: re:1 watchdog timeout. I think we have properly disabled ACPI. Anyone have any other advice? Change hardware. Those cheap NICs in the Watchguards have all kinds of problems. Chris, Thanks, I appreciate your input. I think we'll take your advice. =( Weak-sauce

Re: [pfSense Support] Wierd CARP problem

2010-04-19 Thread Hans Maes
Joshua Schmidlkofer wrote: Ok new problem: re:1 watchdog timeout. I think we have properly disabled ACPI. Anyone have any other advice? Change hardware. Those cheap NICs in the Watchguards have all kinds of problems. Chris, Thanks, I appreciate your input. I think we'll

Re: [pfSense Support] Wierd CARP problem

2010-04-19 Thread Chris Buechler
On Mon, Apr 19, 2010 at 6:56 PM, Hans Maes h...@bitnet.be wrote: Although it is definitely related to the type of NICs in the watchguard boards, I'm still not completely convinced this is 100% a hardware problem since the Watchguard Linux OS seems to work just fine on it. Sounds more like a

Re: [pfSense Support] 1.2.3-release rebooting

2010-04-19 Thread Chris Buechler
On Thu, Apr 15, 2010 at 3:17 PM, Bao Ha b...@hacom.net wrote: Padlock does not have an issue that we know of! We have sold hundreds of VIA C7 systems with Padlock running pfSense. If it was a problem, we would have asked Chris B. to fix it. I haven't seen it on any hardware that you guys