Re: [pfSense Support] throughput tuning in 2.0

2011-03-01 Thread David Burgess
On Wed, Mar 2, 2011 at 12:38 AM, Seth Mos wrote: > I'm routing it from one interface to another although its destination is > also a VLAN on that other interface. Maybe that's where the issue lies. It would be unfortunate if vlan-vlan traffic on a given interface has its maximum throughput redu

Re: [pfSense Support] throughput tuning in 2.0

2011-03-01 Thread Seth Mos
On 2-3-2011 3:44, David Burgess wrote: 2.0-RC1 (amd64) built on Tue Mar 1 15:52:28 EST 2011 Core i3 550 3.2 GHz 4GB RAM Intel GBE I'm seeing at least 600mbit of iscsi throughput through a Dell R310 with this processor, 4 port igb card and 2 bce onboard. I'm routing it from one interface to

Re: [pfSense Support] throughput tuning in 2.0

2011-03-01 Thread Moshe Katz
I am not sure how/where you would check this but maybe the card is operating in simplex mode in which case I believe it makes sense you are getting approximately half of gigabit. Someone please correct me if I am wrong. Moshe On Tuesday, March 1, 2011, David Burgess wrote: > 2.0-RC1 (amd64) >

[pfSense Support] throughput tuning in 2.0

2011-03-01 Thread David Burgess
2.0-RC1 (amd64) built on Tue Mar 1 15:52:28 EST 2011 Core i3 550 3.2 GHz 4GB RAM Intel GBE I've just set this system up doing some crude throughput testing with iperf. The most I can push through this box from LAN to WAN is a steady 503-520 mbps, using the default mtu (higher mtu values produce n

RE: [pfSense Support] Only allow DHCP assigned addresses access to network

2011-03-01 Thread Daniel Davis
Andy, 802.1x with MAC authentication bypass is probably what you are looking for. Nearly all managed switches these days have support for 802.1x. This way the device is authenticated at the switch-port, if it is not an allowed device the switch will deny the device access (or you could set the

Re: [pfSense Support] DNS forwarding log? Finding which machine is accessing what site.

2011-03-01 Thread Chris Buechler
On Tue, Mar 1, 2011 at 7:26 AM, Andy Graybeal wrote: > Greetings, > I'm wondering if there is a DNS forwarding log?  I don't have a DNS server > installed here at the site, I use OpenDNS for my name servers. > > I have a machine that is requesting a website that supposedly is related to > malware

RE: [pfSense Support] Only allow DHCP assigned addresses access to network

2011-03-01 Thread Carlos
Hi, you can only restrict the access/traffic to services provided and managed by pfSense. But there might be another possibility like using snort package, activating it on the LAN side and permit only the traffic from the IP’s that you allow. I think this can be done, but certainly needs further

Re: [pfSense Support] Only allow DHCP assigned addresses access to network

2011-03-01 Thread Moshe Katz
I think Andy means, "how do I stop people who set a static IP on the same subnet as my network from getting on the network?" The short answer is that you can't do that easily. Internal network traffic does not pass through the pfSense and cannot be stopped by it. You may be able to prevent inter

Re: [pfSense Support] Only allow DHCP assigned addresses access to network

2011-03-01 Thread Cole Devitt
If a computer doesn't pick up a DHCP address I believe it gets an APIPA address, a 169.192 address if I recall right. With an APIPA address the computer wouldn't be able to do much of anything anyways as the subnet is different and there isn't a gateway to my knowledge, so a standard setup of a

[pfSense Support] Only allow DHCP assigned addresses access to network

2011-03-01 Thread Andy Graybeal
Hi, I would like every machine on my network to get its address from PFSense's DHCP server. If it doesn't receive an address from the DHCP server (if they pick some arbitrary address on the same subnet) how do I disallow them access to network services? Does this make any sense to do this

Re: [pfSense Support] Multiple WAN subnets

2011-03-01 Thread JASON JAMES
I apologize, this actually had nothing to do with pfSense. It ended up being an internal issue with ACLs on our core.

Re: [pfSense Support] Multiple WAN subnets

2011-03-01 Thread Chris Buechler
On Tue, Mar 1, 2011 at 12:02 PM, JASON JAMES wrote: > We currently use PFSense as a perimeter firewall; it does all of our NAT as > well. We recently ran out of public IPs and had another subnet issued to > us. The problem is whether I add a new interface or set it up as a static > route we can't

RE: [pfSense Support] Multiple WAN subnets

2011-03-01 Thread Tim Dickson
> I thought so, but that does not seem to work either. Make sure you power cycle the router that is passing that subnet to your firewall. I had this same issue when I set this up, and racked my head for hours before doing that. I opted for the separate interface approach when I did the instal

Re: [pfSense Support] Multiple WAN subnets

2011-03-01 Thread JASON JAMES
I thought so, but that does not seem to work either. Jason James Technology Department School District of Milton 608-868-9570 ext 1082

RE: [pfSense Support] Multiple WAN subnets

2011-03-01 Thread Ryan Rodrigue
routeable.

[pfSense Support] Multiple WAN subnets

2011-03-01 Thread JASON JAMES
We currently use PFSense as a perimeter firewall; it does all of our NAT as well. We recently ran out of public IPs and had another subnet issued to us. The problem is whether I add a new interface or set it up as a static route we can't get it to be reachable from outside. I know I am missing some

Re: [pfSense Support] 2.0-RC1 now available!

2011-03-01 Thread Seth Mos
On 1-3-2011 12:42, Jorge Fábregas wrote: On 02/28/2011 11:02 PM, Chris Buechler wrote: http://blog.pfsense.org/?p=585 Thanks Chris. I've been using the beta for a while (updating it thru the WebGUI). By updating this beta...will it be the same as this RC1? or is RC1 from another tree now?

Re: [pfSense Support] DNS forwarding log? Finding which machine is accessing what site.

2011-03-01 Thread Andy Graybeal
You can use tcpdump on your LAN interface to see which IP is requesting the website: tcpdump -i <lan_interface> -n host name_of_malware_website replace <lan_interface> with your real name of lan interface (e.g. em0). The tcpdump will show you the IP that is requesting the page of name_of_malware_website. Something like the

Re: [pfSense Support] DNS forwarding log? Finding which machine is accessing what site.

2011-03-01 Thread Warren Baker
On Tue, Mar 1, 2011 at 2:26 PM, Andy Graybeal wrote: > Greetings, > I'm wondering if there is a DNS forwarding log?  I don't have a DNS server > installed here at the site, I use OpenDNS for my name servers. > > I have a machine that is requesting a website that supposedly is related to > malware

[pfSense Support] DNS forwarding log? Finding which machine is accessing what site.

2011-03-01 Thread Andy Graybeal
Greetings, I'm wondering if there is a DNS forwarding log? I don't have a DNS server installed here at the site, I use OpenDNS for my name servers. I have a machine that is requesting a website that supposedly is related to malware according to OpenDNS. How would I figure out which machine

Re: [pfSense Support] 2.0-RC1 now available!

2011-03-01 Thread Jorge Fábregas
On 02/28/2011 11:02 PM, Chris Buechler wrote: > http://blog.pfsense.org/?p=585 Thanks Chris. I've been using the beta for a while (updating it thru the WebGUI). By updating this beta...will it be the same as this RC1? or is RC1 from another tree now? Thanks, Jorge -

[pfSense Support] boot time increased

2011-03-01 Thread Shali K.R.
Dear all, I started using pfSense 2 months ago, and am using squid, squidguard, lightsquid, etc. Today I restarted the machine, but it is taking 20 mins to boot; squidguard sync takes 10 mins. Is there any way to optimize this? -- Thanks & Regards Shali K R Server Administrator Vidya Academy