Is reflection enabled?
--Bill
On 2/4/07, kevin hawkins [EMAIL PROTECTED] wrote:
I still can not make it work. I am sitting behind it though that might be
the problem.
On 2/4/07, Holger Bauer [EMAIL PROTECTED] wrote:
It uses 5500 for reverse connection, 5800 for the http serverapplet and
On 2/5/07, Darren Cockburn [EMAIL PROTECTED] wrote:
Silly me,
Using /usr/sbin/clog shows log entries after the crash for ALL logs
(nothing before)
Is there anything I can turn on (newsyslog as an example) that would
keep a better history of events?
You probably want to syslog to a remote
On 2/4/07, kevin hawkins [EMAIL PROTECTED] wrote:
I see where it replys back from 00:0f:35:46:d0:54 for both nics. I don't see
how that can be I have cable mod 1 pluged into nic one and modem 2 pluged
into nic 2
and switch plugged into nic 3 I have balencing between dc1 and x10
Same provider?
On 2/4/07, Chris Buechler [EMAIL PROTECTED] wrote:
Bill Marquette wrote:
Same provider? I'd be willing to bet that both those modems are on
the same layer 2 ethernet segment and using the same physical router
with multiple IPs assigned to it's interface. Not good.
Not good, but a reality
On 1/29/07, Ronald L. Rosson Jr. [EMAIL PROTECTED] wrote:
Has anyone thought of adding pfflowd to the embedded image. With some
hackery I have shoe horned it in. So far after running about a week I see
no increaed writes to the CF and thhe data appears to be coming across with
Makes sense, it
On 1/29/07, Ronald L. Rosson Jr. [EMAIL PROTECTED] wrote:
On Jan 29, 2007, at 8:40 AM, Bill Marquette wrote:
On 1/29/07, Ronald L. Rosson Jr. [EMAIL PROTECTED] wrote:
Has anyone thought of adding pfflowd to the embedded image. With some
hackery I have shoe horned it in. So far after
On 1/26/07, Wade Blackwell [EMAIL PROTECTED] wrote:
Good afternoon all,
Can PF can support blackholing by routing to /dev/null? It doesn't
look like the web configurator will let me do that magic, how would one go
about adding and deleting routes for that purpose?
Add a static route
). So I am sure that i could add an 8,000 line
route add to the rc.local script I was just wondering if there is a more
elegant way to do that. Thanks.
Wade B
On 1/27/07, Bill Marquette [EMAIL PROTECTED] wrote:
On 1/26/07, Wade Blackwell [EMAIL PROTECTED] wrote:
Good afternoon all
Looks like FreeBSD updated the package on 12/24. I'll commit a fix to
our package repository tonight. Thanks
--Bill
On 1/18/07, Jeremy Rempel [EMAIL PROTECTED] wrote:
It installed fine for me in the past, just in the last couple days the
installs failed. I removed the install files, tried
On 1/12/07, Joseph Favia Jr. [EMAIL PROTECTED] wrote:
Is there any update on this issue? have you done any testing to see if
the packages get installed? All my attempts were unsuccessful.
Thanks
Joe
Nope. I know what the problem is though...when calling pkg_add -r we
need to set the
Looks like he's trying RELENG_6 not 6_1. That patch looks reasonable
(I think) Angelo.
--Bill
On 1/11/07, Scott Ullrich [EMAIL PROTECTED] wrote:
I believe you have a stale file somewhere. We are not patching
ip_input.c on RELENG_6_1.
Scott
On 1/11/07, Angelo Turetta [EMAIL PROTECTED]
On 1/5/07, Tim Dickson [EMAIL PROTECTED] wrote:
I'm not certain about the BSD users... (although it seems logical that
it would work)
I do know that a multiuser environment is being developed and tested and
eventually this will be a feature in PFSense. What release depends on
what bugs arise
On 1/4/07, Holger Bauer [EMAIL PROTECTED] wrote:
Do you mean the pfSense itself has to go to the internet through a
proxy? This is not supported and there are no settings for it. The
package manager tries to access the package repository at pfsense.com
and is not able to utilize a proxy for
On 1/4/07, Bill Marquette [EMAIL PROTECTED] wrote:
Actually, not entirely true :) If you feel like editing code, this is
a simple change.
/etc/inc/xmlrpc_client.inc around line 645 you should see:
/**
* The name of the proxy server to use, if any
* @var string
*/
var
On 1/4/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
Hi,
The list of available packages gets displayed just fine, but the installation
procedure produces a regular error on all of the packages I've tried to
installed.
This is what kind of appear on screen :
Downloading package configuration
for successful package installation... failed!
Installation aborted.
Did you successfully install any of the packages?
Cheers
Joe
Scrive Bill Marquette [EMAIL PROTECTED]:
On 1/4/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
Thanks alot Bill! I've tried the changes but I still get an error
On 12/22/06, Josep Pujadas i Jubany [EMAIL PROTECTED] wrote:
Why defragment pfSense ? This is not needed and FreeBSD ffs2 has
near zero fragmentation... (this doesn't runs on M$ filesystems).
/Xavier
If you are running embedded version in a Compact Flash the system file is
FAT.
Nope.
. of course why anyone
would want to setup networks like that is beyond me but i've always been
curious how in the heck that worked at all...
Bill Marquette wrote:
Probably those machines had 192.168.125.65's mac address still cached.
Knowing what the MAC was, they didn't need to do an arp lookup
Probably those machines had 192.168.125.65's mac address still cached.
Knowing what the MAC was, they didn't need to do an arp lookup for
their default gateway to send the traffic on. Expect those machines
to stop working before too long ;-P
--Bill
On 12/9/06, Jonathan Horne [EMAIL PROTECTED]
On 12/4/06, Fuchs, Martin [EMAIL PROTECTED] wrote:
No outbound nat :-(
Any other hints ?
Can you ping from WLAN to LAN? If that works, then it could be a NAT
issue, if it doesn't work then I'm at a bit of a loss.
--Bill
-
Technically speaking you can IP alias on a single interface, but we
don't currently support that. I believe we (pfSense) only support 255
VHIDs (actually, I wouldn't be the least bit surprised if we blow up
long before that) total for the box (our own checks enforce that)
while carp could in
On 11/30/06, Mark Kane [EMAIL PROTECTED] wrote:
On Thu, Nov 30, 2006, at 14:16:57 -0500, Scott Ullrich wrote:
Not sure what to tell you then. It works correctly in my case. Maybe
you have entered the wrong ips?
I appreciate you trying to help. The IPs are definitely correct. The
VoIP
On 11/30/06, Mark Kane [EMAIL PROTECTED] wrote:
On Thu, Nov 30, 2006, at 15:49:46 -0600, Bill Marquette wrote:
Code logic that takes advantage of the way pf uses ALTQ. I'm
surprised your VOIP is making it into this queue at all as it's only
ever used for empty ACKs or packets
I'm sure it's the same issue.
--Bill
On 11/27/06, Chris Allen [EMAIL PROTECTED] wrote:
Hi guys,
It seems that setting the modulate state option rather than keep
state for TCP connections doesn't work across bridged interfaces in
pfSense (rel 1.0.1, filtering bridge). The packets never seem
When the IP cameras stop working, what's the state table size? It's
displayed on the initial status screen when you login to pfSense. If
it's closing on 10,000, you might want to raise the limit in
System-Advanced.
--Bill
On 11/27/06, Daniel Orcutt [EMAIL PROTECTED] wrote:
Hello,
I
Neither, it's hardcoded.
--Bill
On 11/17/06, Kelvin Chiang [EMAIL PROTECTED] wrote:
Hi,
If I create the web GUI SSL certificate before I activate the HTTPS,
connecting to the web GUI using https uses the SSL certificate I created.
However, if I activate web GUI HTTPS access without creating
On 11/14/06, Peter Allgeyer [EMAIL PROTECTED] wrote:
Am Montag, den 13.11.2006, 18:14 -0600 schrieb Bill Marquette:
This:
net.inet.icmp.drop_redirect
is NOT the same as:
net.inet.ip.redirect
Ah, my fault, sure you're right. I meant I've played with
net.inet.ip.redirect. I do know what
On 11/14/06, Kelvin Chiang [EMAIL PROTECTED] wrote:
Hi, I have come to learn that system_advanced.php version 1.183 onward
supports zero configuration if avahi is installed. But I could not find any
information on how to do that. To be specific:
1. How can I patch system_advanced.php to
On 11/14/06, Kelvin Chiang [EMAIL PROTECTED] wrote:
Hi Bill,
1. I am confused. The pfsense_local.sh I am using is Revision 1.39. I can't
find any revision newer than this. Besides, even if I find it, you mentioned
that it will screw up the firewall, which I don't think I want to do so.
The
You could try setting the following sysctl to 1:
net.inet.ip.redirect
This at the command line:
sysctl net.inet.ip.redirect=1
I think it's whats stopping pfsense from sending the redirects.
--Bill
On 11/13/06, Mitch Martin [EMAIL PROTECTED] wrote:
-Original Message-
From: Peter
On 11/13/06, Scott Ullrich [EMAIL PROTECTED] wrote:
On 11/13/06, Peter Allgeyer [EMAIL PROTECTED] wrote:
BTW: Although ICMP redirects are considered bad,
it's a standard of TCP/IP we should honour.
You are not talking about:
# sysctl -a | grep icmp | grep redir
net.inet.icmp.drop_redirect: 0
I haven't yet chimed in too much on this thread. When I do, I'll
probably close the thread and start a new one that I can update the
first message in with what I'm planning on doing and what's impossible
and who has made pledges against the bounty.
For the record, the bounty was started for
On 11/8/06, Nathan Osborne [EMAIL PROTECTED] wrote:
Hi everyone,
I have a pretty basic VLAN question that I haven't been able to find the
answer to: Can pfSense do VLAN trunking? More specifically: I'm
installing a Metro Ethernet connection with pfSense boxes on each end. I
need to tag all
On 11/8/06, Scott Ullrich [EMAIL PROTECTED] wrote:
On 11/8/06, Craig FALCONER [EMAIL PROTECTED] wrote:
From: Scott Ullrich [mailto:[EMAIL PROTECTED]
On 11/8/06, Craig FALCONER [EMAIL PROTECTED] wrote:
Should work - I've been playing with vlans and got it all working.
The only weirdness I
On 11/7/06, Tommaso Di Donato [EMAIL PROTECTED] wrote:
On 11/6/06, Bill Marquette [EMAIL PROTECTED] wrote:
On 11/5/06, Rob Terhaar [EMAIL PROTECTED] wrote:
I store my swapfile on a ram drive!
I certainly hope that's a joke, cause it's the daftest thing I've ever
heard otherwise
On 11/7/06, Rob Terhaar [EMAIL PROTECTED] wrote:
I know not everyone in the world understands jerky american sarcasm, so just
to clear things up... i was joking. :D
I don't think freebsd will even let you use a ramfs drive to store swap.
See now you've made a challenge ;-P I believe it will
On 11/5/06, Rob Terhaar [EMAIL PROTECTED] wrote:
I store my swapfile on a ram drive!
I certainly hope that's a joke, cause it's the daftest thing I've ever
heard otherwise!!! :)
--Bill
-
To unsubscribe, e-mail: [EMAIL
On 11/4/06, Holger Bauer [EMAIL PROTECTED] wrote:
We know that it can run with less than 128 MB *IF* you don't push it too hard
and don't use too many features. However our official mininum specs will remain
128 MB RAM.
Holger
Unlike Microsoft, we publish minimum requirements that actually
Yep. Enable advanced outbound nat (instead of IPSec passthru), hit
save, delete the auto created rules, and apply.
--Bill
On 11/2/06, Jaye Mathisen [EMAIL PROTECTED] wrote:
Is there anyway to just disable the NAT portion, and keep all the cool
firewall management interface, and filtering,
You might find this useful if you want to build in a jail instead of a chroot:
http://www.pfsense.com/~billm/builder_jail.txt
It will make jail security somewhat less restrictive, so a dedicated
builder box is recommended (or not running any other jail on the box).
The original intent of the
On 10/30/06, Dimitri Rodis [EMAIL PROTECTED] wrote:
Hey guys--
Grats on release.
I noticed in the changelog the following:
PF does not know about congestion flags, remove from shaper
What does that mean?
It means we allowed an option on the front side that PF didn't
support. I caught it
On 10/30/06, Pierre Frisch [EMAIL PROTECTED] wrote:
Hi Bill,
Now that 1.0 is out what is the idea for moving to kernel 6.2? Any
idea of the time frame?
Could we find a solution to keep the interface numbering stable i.e.
when adding a NIC not have all interfaces renumbered? This is really
On 10/30/06, Peter Curran [EMAIL PROTECTED] wrote:
Be my guest, I don't plan on going through FreeBSD or Darwin driver
code to figure out what Apple does or does not do behind the scenes.
Frankly _all_ open source BSD's behave this way and it's of no
interest to me to fix it.
Bill
I think
On 10/30/06, Scott Ullrich [EMAIL PROTECTED] wrote:
D-link does this more than I change socks... Really do not recommend
their nics at all. I know they are nice and cheap and look attractive
but fight the urge and use a vendor that does not pull these dirty
tricks.
And they like changing
On 10/30/06, Peter Curran [EMAIL PROTECTED] wrote:
Scott
Neither!! I have deep admiration for you, bill, chris and colin. Not only
for what you have achieved but also for your ability to field some pretty
dumb questions on this list.
I think you SHOULD be less subtle and more upfront with
Actually, if it doesn't exist, reinstall the package, this has been
fixed. squid.conf is dynamically generated on change or boot -
changing it by hand is a recipe for frustration.
--Bill
On 10/29/06, Emanuel Gonzalez [EMAIL PROTECTED] wrote:
Hi Tim,
I don't know if you solved your Access
Do you have a rule on the LAN interface allowing the 192.168.152.0/24
network to talk to pfSense (let alone through it)?
--Bill
On 10/27/06, Justin Wilson [EMAIL PROTECTED] wrote:
Hi all.
We have the following network situation:
http://www.mtin.net/network.jpg
The laptop behind the router
On 10/27/06, Justin Wilson [EMAIL PROTECTED] wrote:
I have tried a rule that says
Source 192.168.152.0/24
Destination: 192.168.128.0/22
Not sure, the only other real suggestion I have is double check the
rule and make sure it's passing ICMP (and whatever other protocols you
want). I think
Port forward the ICMP and make sure you create a rule allowing it.
--Bill
On 10/26/06, Rudi Potgieter [EMAIL PROTECTED] wrote:
Hi
How do I allow ICMP protocol on a virtual IP setup on WAN interface? Port
forward works on the IP, but I cannot ping it, although I can ping the WAN
On 10/26/06, Rudi Potgieter [EMAIL PROTECTED] wrote:
Port forward to which IP? There is a rule created on WAN that allow
ICMP traffic.
To whatever machine you want to ping that accurately reflects the
meaning of the virtual IP. It's your network, you decide.
--Bill
On 10/25/06, Sanjay Arora [EMAIL PROTECTED] wrote:
Doubtful, it'll make the interface much noiser for little benefit. If
you are a network manager, you really need to understand the
difference between how netmasks are displayed.
Actually, I feel that deployment should be tailored to average
Just a point of clarification...there may be a way to make it work in
the future, but at this time load balanced FTP doesn't work, it will
only use the primary WAN.
--Bill
On 10/25/06, Holger Bauer [EMAIL PROTECTED] wrote:
loadbalancing ftp will not be supported. If you use the ftp helper with
You might try reinstalling the squid package. There was an ACL bug
that I just commited a fix for.
--Bill
On 10/23/06, Tim Roberts [EMAIL PROTECTED] wrote:
I see the acl allowed_subnets src 172.16.0.0/12 . no on the http_access
localnet. there is of course http_access allow localhost
Thanks!
On 10/24/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
I run three intel dual cards in mine, total of six ports. I like Holger's
advice, too - I've always made it practice to match all the NICs in a system
whenever possible. Be careful that adding the fourth NIC isn't causing the
system to
On 10/24/06, Robert Goley [EMAIL PROTECTED] wrote:
Bus order is what changes the order here. It's certainly possible to
have em0 be em1 after inserting another em card in the machine. Be
thankful that BSD actually identifies the chipset here...I find it
impossible to figure out wth
On 10/24/06, Curtis Maurand [EMAIL PROTECTED] wrote:
On linux ifconfig will give you the MAC address. That should be unique
enough for you to figure out what is what.
True...assuming you know the mac of the nic. Straight up dmesg
showing that Intel nic 1 is eth0 and realcrap nic 1 is eth1
On 10/24/06, Sanjay Arora [EMAIL PROTECTED] wrote:
Hello all
I am a non-technical user and require load-sharing firewall gateway.
Presently I am using IPcop. I have just installed pfsense 1.0 RC2 on a
machine with 6 ethernet cards, to be installed as LAN, WAN, WAN2, DMZ
WiFi Zone. Last card is
On 10/20/06, PlanAlpha [EMAIL PROTECTED] wrote:
I was checking out the rrd graphs after a reboot and was wondering if
this feature is going to kill my cf card since it's writting to it.
Can I turn this off? Should I not be running PFSense on a CF?
RRD writes to a ramdisk. We sync from ramdisk
http://wiki.pfsense.com/wikka.php?wakka=BootOptions
On 10/20/06, Bastian Schern [EMAIL PROTECTED] wrote:
Hello everybody,
I have little trouble to install pfSense properly. My System will only
produce no IDE errors when I set the DMA mode to UDMA66.
#: atacontrol mode ad0 udma4
In which file
On 10/16/06, J. Ryan Earl [EMAIL PROTECTED] wrote:
Let me explain something here since I'm not making the problem clear.
The problem has -nothing- at all to do with the Cisco firewall. The
setsockopt errors occur -well before- any communication with the other
end-point of the VPN tunnel. Case
On 10/15/06, PlanAlpha [EMAIL PROTECTED] wrote:
1. I have pfsense installed on a cf card. I have installed the squid
package. Does the diskcaching from squid write to my cf card? (worried
about it killing my cf card)
Full install to CF card, not an embedded image I take it. Yes, squids
There was a bug report on this in cvstrac that I replied to. But for
the benefit of the list do the following from the shell:
/etc/rc.conf_mount_rw
pw group add -n _ntp -g 123
pw user add -n _ntp -u 123 -g 123 -c 'NTP daemon' -d /var/empty -s /sbin/nologin
/etc/rc.conf_mount_ro
On 10/14/06,
On 10/14/06, J. Ryan Earl [EMAIL PROTECTED] wrote:
Well, I'm trying to route between a 10.2.3.0/24 and 192.168.2.0/24
network... Is that not some part of this functionality? I mean, is
there any reason to not have the kernel support this?
Not the point of my question.
Here's my Cisco
On 10/14/06, Peter Allgeyer [EMAIL PROTECTED] wrote:
You can configure nat-traversal on the PIX with:
isakmp nat-traversal 20 (PIX OS 6.x)
crypto isakmp nat-traversal 20 (PIX OS 7.x)
Look for these lines and disable them. If the error still occurs, it
might help, recompiling
On 10/9/06, Donald Pulsipher [EMAIL PROTECTED] wrote:
Can anyone recommend a decent cheap mini pci wireless G card that I can drop
into my soekris hardware that would be supported by pfSense ?
Wistron CM-9's work like a champ:
On 10/8/06, Kristofer Kiik [EMAIL PROTECTED] wrote:
Hi,
There does not seem to be a GUI option to limit traffic coming in
through IPSEC. Once you have IPSEC negotiated, all traffic that comes
through that connection has a green light to all of your
lan/dmz/whatever.
I have an IPSEC traffic
On 10/8/06, Kristofer Kiik [EMAIL PROTECTED] wrote:
On 10/8/06, SDamron [EMAIL PROTECTED] wrote:
All traffic coming in through a tunnel is encrypted. The only way to
limit this traffic is to terminate it and pass it through some kinda
of other firewall, or IDS.
It is encrypted when it
On 10/8/06, Kristofer Kiik [EMAIL PROTECTED] wrote:
Filtering outbound from pfSense may protect your
network, but leaves your firewall (and it's management interface) open
to attack.
So to remedy leaving the management interface open to attack, you
decided to leave management interface AND
On 10/6/06, Holger Bauer [EMAIL PROTECTED] wrote:
It's under firewallnat, portforward. Should be pretty obvious what to do there.
Additionally turn on nat reflection at the very bottom of systemadvanced. This
will make the internal server reachable from the wan by it's public IP.
Holger
On 10/5/06, Brian Quinn [EMAIL PROTECTED] wrote:
Hi,
I just migrated from monowall where I has happy enough until it started to
lockup and had to be manually rebooted every few days.
I restored the monowall config.xml in to pfsense and all seemed to be
working.
Or so I thought. Users can no
On 10/5/06, Alan Walters [EMAIL PROTECTED] wrote:
Been looking at the ath hal version on pfsense and considering testing
latest version from sam but can not seem to find how to add this into
our
Build routine.
We are running 0.9.16.16 in pfsense and 0.9.18.0 is the latest. How
could we add this
-
From: Bill Marquette [mailto:[EMAIL PROTECTED]
Sent: 05 October 2006 19:10
To: support@pfsense.com
Subject: Re: [pfSense Support] re: ath-hal
On 10/5/06, Alan Walters [EMAIL PROTECTED] wrote:
Been looking at the ath hal version on pfsense and considering testing
latest version from sam
On 10/4/06, Benoît Beaujault [EMAIL PROTECTED] wrote:
Hello,
More and more applications, due to firewall filtering, move to HTTP, is
it in the roadmap of pfsense to propose a fonctionnality to filter some
applications over HTTP (peer-to-peer, MSN, ICQ and so on) ?
Start by forcing all your
On 10/4/06, Captain Bablam [EMAIL PROTECTED] wrote:
I have pushed Openvpn through a bluecoat successfully,
Do you know if it is a configuration option or does it kill the
connection irrespective of configuration?
Wade B
Not sure why it doesn't work. I can get the initial
lol. Oh well, too late, it's been beheaded.
--Bill
On 10/3/06, Roberto Greiner [EMAIL PROTECTED] wrote:
I don't know exactly how or why, but after about 14 hours reporting
errors, suddenly msntp decided to work and updated the timeinfo properly.
Oct 3 14:52:53 msntp[82526]: msntp: 2006 Oct
On 10/3/06, Fuchs, Martin [EMAIL PROTECTED] wrote:
Hi !
Does anyone have the same problem:
Traffic to IPSEc remote LAN works via from LAN subnet, but nor from WLAN
subnet (with atheros chipset) ?
Any try to get it running fails...
Even with LAN: all to all rule and WLAN all to all rule !?
On 9/28/06, Matthew Grooms [EMAIL PROTECTED] wrote:
All,
I had recently been contacted by a user that was attempting to use my
free 2K/XP IPSEC client with pfsense. The racoon key daemon was tripping
up over a modecfg exchange that wasn't supported by the version of
ipsec-tools
On 9/28/06, Captain Bablam [EMAIL PROTECTED] wrote:
OK good to know thank you,
Are there plans to support quagga? I thought I saw that on the
list a while back?
Time. 'nuf said.
--Bill
-
To unsubscribe, e-mail:
Maybe gmail is the virus ;-P
--Bill
On 9/26/06, Scott Ullrich [EMAIL PROTECTED] wrote:
On 9/26/06, SDamron [EMAIL PROTECTED] wrote:
I really don't care...I do not use that OS that they are written
for...and I use GMail :o)
Ditto here on gmail. Not only that I deinstalled that VML exploit
Yep. The good news is that we already bind rules to interfaces so
skip steps should work pretty darn good :) We may consider doing the
-oo optimization when FreeBSD imports a newer version of PF.
--Bill
On 9/27/06, Peter Curran [EMAIL PROTECTED] wrote:
Guys
Interesting article (1st of 3) by
On 9/26/06, Jonathan Horne [EMAIL PROTECTED] wrote:
On 9/26/06, Rob Terhaar [EMAIL PROTECTED] wrote:
On 9/26/06, Jonathan Horne [EMAIL PROTECTED] wrote:
i know there has been a million threads about openvpn lately, so its
time
to throw mine into the mix too.
i have 2 sites, with an
Does your DMZ interface actually have an address? The destination
field is curiously empty in your screenshot.
--Bill
On 9/26/06, Michael Schuh [EMAIL PROTECTED] wrote:
Hi,
i again, now i have an complete other error, if it is an.
i configure the rules for DMZ interface (opt1) so that
the
On 9/26/06, Rob Evers [EMAIL PROTECTED] wrote:
Hi All,
I have a problem with routing and IPSEC VPN tunnels, attached is a
picture of the setup. There is a firewall cluster in the main office,
the firewalls in the branch offices all connect through IPSEC with the
main office.
So A - B is a
On 9/26/06, Rob Terhaar [EMAIL PROTECTED] wrote:
On 9/26/06, Jonathan Horne [EMAIL PROTECTED] wrote:
i know there has been a million threads about openvpn lately, so its time
to throw mine into the mix too.
i have 2 sites, with an ipsec tunnel between them. site 1 is
192.168.125.0/26 and
On 9/26/06, Jonathan Horne [EMAIL PROTECTED] wrote:
On 9/26/06, Jonathan Horne [EMAIL PROTECTED] wrote:
On 9/26/06, Rob Terhaar [EMAIL PROTECTED] wrote:
On 9/26/06, Jonathan Horne [EMAIL PROTECTED] wrote:
i know there has been a million threads about openvpn lately, so
its
time
to
On 9/26/06, Jonathan Horne [EMAIL PROTECTED] wrote:
thank you bill. rather than creating a new vpn tunnel, i just changed the
vpn subnet to 192.168.125.112/28 (techically within the 192.168.125.64/26
footprint). this has caused vpn clients to be able to traverse to my
192.168.125.0/26 site1
On 9/25/06, Marc Boisis-Delavaud [EMAIL PROTECTED] wrote:
Günter Müller a écrit :
Enable SSH (System-Advanced) on pfSense and you will have scp and sftp
access ...
I'm sorry but scp and sftp does'nt work.
Did you turn it on?
--Bill
http://www.freesbie.org/cvs.html might be of help.
--Bill
On 9/25/06, Fuchs, Martin [EMAIL PROTECTED] wrote:
After pressing enter it shows:
cvs [login aborted]: connect to cvs.freesbie.org(83.149.156.188):2401
failed: Operation timed out
any idea ?
Martin
On 9/25/06, Rob Terhaar [EMAIL PROTECTED] wrote:
not sure if this is going to be helpful-
but after an update to 9-22-snapshot and a reboot this morning on our
pfsense, users were complaining that they were able to do anything on
the vpn connection after they were authenticated via openvpn.
I
by the fact that my pfsense had been
upgraded repeatedly since beta 3.
Since then, i've done a fresh install to the 9-4 snapshot, and am now
running the 9-22 snapshot.
so ether i'm retarded- or there's an issue somewhere ;)
On 9/25/06, Bill Marquette [EMAIL PROTECTED] wrote:
Just a guess...probably
On 9/25/06, Roberto Greiner [EMAIL PROTECTED] wrote:
Hi,
I'm trying to install pfSense (1.0rc2) on a machine, but one of the
boards, despite being identified during installation, does not seem to
work. The leds show no signal of traffic, and a ping to the gateway gets
no answer, neither from
I think you misread.
--Bill
On 9/24/06, Rob Terhaar [EMAIL PROTECTED] wrote:
so just to make sure i understand what's going on...
there was vpn firewall controls in pfsense for a bit, but now after
9-21 snapshots this ability is out?
On 9/24/06, Scott Ullrich [EMAIL PROTECTED] wrote:
Same
no. The OpenBSD pf list (don't recall if it's on misc@ or the pf
list) has some comments on how to implement this.
--Bill
On 9/24/06, SDamron [EMAIL PROTECTED] wrote:
Just out of curiousity, would this be the place to start to implement
something like this?
DIOCXCOMMIT struct pfioc_trans *io
On 9/22/06, Volker Kuhlmann [EMAIL PROTECTED] wrote:
I didn't yet test, but does the shaper wizzard now check the correct
interfaces for SQF(?) capability? There was no code change there.
SQF?
Yep, spelt A L T Q :)
In beta4 I had to comment this out in traffic_shaper_wizard.xml
On 9/21/06, Rob Terhaar [EMAIL PROTECTED] wrote:
Yes, pfsense can do dual WAN. No, you can not add the bandwidth from
two ISPs to increase your total bandwidth.
Correct, not for a single transfer. Use a multi-threaded download
manager and you might actually get load balanced across both
On 9/19/06, Heath Henderson [EMAIL PROTECTED] wrote:
This is probably a question which doesn't require an answer, but I am a
little leary about updating to the
http://www.pfsense.com/~sullrich/1.0-SNAPSHOT-09-18-06/
I was curious of how to go about the udpate. I see two files which look
like
On 9/18/06, Volker Kuhlmann [EMAIL PROTECTED] wrote:
I didn't yet test, but does the shaper wizzard now check the correct
interfaces for SQF(?) capability? There was no code change there.
SQF?
--Bill
-
To unsubscribe,
On 9/18/06, Heath Henderson [EMAIL PROTECTED] wrote:
I have a user who sits outside of our Office network. I need to open up a
port for them to access Filemaker Through. I want to eventually get a VPN
setup, but he has a Mac and I am not certain of how well the VPN will work
with X.4 right
On 9/18/06, Heath Henderson [EMAIL PROTECTED] wrote:
Thanks, I am going to go the SSH route first. I will have access to setup
VPN in about 2 months. I just don't have the time currently, and this
person's system is in California and I am not. I haven't setup the ssh
tunnel before, so if
On 9/16/06, BW [EMAIL PROTECTED] wrote:
Hi all,
I have a WRAP 2C with 1 ethernet port and 1 wireless card. I have it set
with WAN on ethernet port and LAN on wireless and configured it with
transparent firewall. I have one computer connected to the WAN port then
wireless serial servers
301 - 400 of 769 matches
Mail list logo