Re: [pfSense Support] Re: multi-wan, multi-lan security

2010-08-06 Thread Tortise
- Original Message - From: "Dave Warren" To: Sent: Saturday, August 07, 2010 5:58 PM Subject: [pfSense Support] Re: multi-wan, multi-lan security In message Tortise was claimed to have wrote: - Original Message - From: "Dave Warren" To: Sent: Saturday, August 07, 201

[pfSense Support] Re: multi-wan, multi-lan security

2010-08-06 Thread Dave Warren
In message Tortise was claimed to have wrote: > >- Original Message - >From: "Dave Warren" >To: >Sent: Saturday, August 07, 2010 4:51 PM >Subject: [pfSense Support] Re: multi-wan, multi-lan security > > >> In message <24b7224eff7c4e19b1a43fd4df416...@dp2000xp> Tortise >> was claimed

Re: [pfSense Support] Re: multi-wan, multi-lan security

2010-08-06 Thread Scott Lambert
On Fri, Aug 06, 2010 at 09:51:35PM -0700, Dave Warren wrote: > In message <24b7224eff7c4e19b1a43fd4df416...@dp2000xp> Tortise > was claimed to have wrote: > > >My ISP advised us not use common private LAN addresses for this > >(common problem) reason. (I now use randomly generated addresses) >

Re: [pfSense Support] Re: multi-wan, multi-lan security

2010-08-06 Thread Tortise
- Original Message - From: "Dave Warren" To: Sent: Saturday, August 07, 2010 4:51 PM Subject: [pfSense Support] Re: multi-wan, multi-lan security In message <24b7224eff7c4e19b1a43fd4df416...@dp2000xp> Tortise was claimed to have wrote: My ISP advised us not use common private LA

[pfSense Support] Re: multi-wan, multi-lan security

2010-08-06 Thread Dave Warren
In message <8c8f0f7add704cf491998cbe298fb...@dp2000xp> Tortise was claimed to have wrote: >Yes I was referring to ARP poisoning and my cable connection experience >which is the reason for the random (obscure) LAN subnet >range selection... It's worth noting that even if you use an uncomm

[pfSense Support] Re: multi-wan, multi-lan security

2010-08-06 Thread Dave Warren
In message <24b7224eff7c4e19b1a43fd4df416...@dp2000xp> Tortise was claimed to have wrote: >My ISP advised us not use common private LAN addresses for this >(common problem) reason. (I now use randomly generated addresses) I do hope you never need to contact the legitimate owner of whatever IP

Re: [pfSense Support] multi-wan, multi-lan security

2010-08-06 Thread Tortise
- Original Message - From: "Chris Buechler" To: Sent: Saturday, August 07, 2010 2:09 PM Subject: Re: [pfSense Support] multi-wan, multi-lan security On Fri, Aug 6, 2010 at 9:37 PM, Tortise wrote: - Original Message - From: "Nathan Eisenberg" To: Sent: Saturday, August 0

Re: [pfSense Support] multi-wan, multi-lan security

2010-08-06 Thread Chris Buechler
On Fri, Aug 6, 2010 at 9:37 PM, Tortise wrote: > > - Original Message - From: "Nathan Eisenberg" > > To: > Sent: Saturday, August 07, 2010 12:50 PM > Subject: RE: [pfSense Support] multi-wan, multi-lan security > > >>> Say I'm not being routed a /24.  Say I'm on Comcast and I have a >>>

Re: [pfSense Support] multi-wan, multi-lan security

2010-08-06 Thread Tortise
- Original Message - From: "Nathan Eisenberg" To: Sent: Saturday, August 07, 2010 12:50 PM Subject: RE: [pfSense Support] multi-wan, multi-lan security Say I'm not being routed a /24. Say I'm on Comcast and I have a 192.168.0.0/24 LAN. The problem is now even bigger: your carrier

Re: [pfSense Support] multi-wan, multi-lan security

2010-08-06 Thread Chris Buechler
On Fri, Aug 6, 2010 at 8:50 PM, Nathan Eisenberg wrote: >> You're missing the entire point. If you have one switch, VLAN 2 is >> your LAN, and VLAN 3 is your unfiltered Internet, and you put both 2 >> and 3 untagged on the same port... there ya go. From there the amount >> of damage possible and e

RE: [pfSense Support] multi-wan, multi-lan security

2010-08-06 Thread Nathan Eisenberg
> You're missing the entire point. If you have one switch, VLAN 2 is > your LAN, and VLAN 3 is your unfiltered Internet, and you put both 2 > and 3 untagged on the same port... there ya go. From there the amount > of damage possible and ease of it happening depends on what kind of > Internet connec

Re: [pfSense Support] multi-wan, multi-lan security

2010-08-06 Thread Chris Buechler
On Fri, Aug 6, 2010 at 7:40 PM, Nathan Eisenberg wrote: >>That's poetry. > > It might be, if it were true.  I'm not sure that it is, though. > > From a distribution layer (/30 for routing to a firewall from a router), I > can't think of what you'd need to intentionally do to allow bypass of the

RE: [pfSense Support] multi-wan, multi-lan security

2010-08-06 Thread Nathan Eisenberg
>That's poetry. It might be, if it were true. I'm not sure that it is, though. From a distribution layer (/30 for routing to a firewall from a router), I can't think of what you'd need to intentionally do to allow bypass of the firewall that has anything to do with VLANs. If I somehow moved t

RE: [pfSense Support] haproxy

2010-08-06 Thread Hiren Joshi
The "stable" one would not let me add a backend, it kept telling me that "weight" was mandatory even tho I was entering a number for it. The other one seems fine. Thanks, Josh. > -Original Message- > From: Chris Buechler [mailto:cbuech...@gmail.com] > Sent: 06 August 2010 06:42 > To: su

RES: [pfSense Support] new problem for me

2010-08-06 Thread Tiago
Hi I tried to do it but didn't work I solved this using the blacklist on the proxy server adding the word iloveim.com Kind regards Tiago Picon DESENVOLVIMENTO Scenario - Automação Residencial (16) 3368-3399 - São Carlos tpi...@scenario.ind.br www.scenario.ind.br -Mensagem original-

[pfSense Support] pfSense + Squid ftp problem

2010-08-06 Thread Danny
Hi, We have setup the squid proxy package for LAN over a pfsense 1.2.3.-RELEASE* * where NO direct Internet access is allowed for users It works fine for the LAN users to access Internet / FTP through IE / Firefox with proxy enabled. The problem is that the LAN user cannot access any FTP server