Re: [pfSense Support] Unable to install pfSense 1.2 LiveCD

2008-05-08 Thread Gary Buckmaster
Rainer Duffner wrote: On 08.05.2008 at 00:09, Atkins, Dwane P wrote: I will try that as well. Can't you unplug the internal CD drive and use a USB one to install? Or does it complain nevertheless? Rainer BSDInstaller doesn't currently support USB CD-Roms, this is supposed to change n

Re: [pfSense Support] Unable to install pfSense 1.2 LiveCD

2008-05-07 Thread Gary Buckmaster
Try using a different CD-ROM drive, FreeBSD has been shown to be extremely picky with certain CD-ROM drives. Atkins, Dwane P wrote: I am attempting to install pfSense on a Dell PowerEdge RS200 server. This has a 64 bit ES4500 2.2 Ghz Processor with 1 GB memory and 80 gig SATA hard drive.

Re: [pfSense Support] boot usb wothout bios support

2008-05-06 Thread Gary Buckmaster
Ernesto Eduardo Medina Núñez wrote: Hi I'm new to BSD and pfsense. I want to boot pfsense from my usb pen drive but my BIOS is old and can't boot from a USB drive. Can somebody help me? Note: I don't have Hard Drive nor Floppy Disk, I just have: -Cd-rom drive -1GB USB pen drive with pfsense

Re: [pfSense Support] help with pftpx

2008-05-06 Thread Gary Buckmaster
Brent wrote: I'm using 1.2 pfsense as a home router & I keep seeing this in my system logs pftpx[428]: #5933 server refused connection What process is using pftpx & why. Do I need it? How do I shut this off if it's not needed? Thank you -- Brent ---

Re: [pfSense Support] 1.2 package add-on missing

2008-05-05 Thread Gary Buckmaster
What "platform" does your pfSense install display? You should see this in the splash screen. Paul Peziol wrote: 1: It's installed to the hd. Under System I have Advanced, Firmware, Gen Setup, Setup Wizard, and static routes, Last time I installed it, it had a packages section that appea

Re: [pfSense Support] spamd package

2008-05-01 Thread Gary Buckmaster
Vaughn, You should re-visit the spamhaus terms of service for their Zen service. It is not free for commercial use as you are apparently doing. Otherwise, thank you for the feedback on the package. -Gary Vaughn L. Reid III wrote: I have been successfully using the spamd package for about

Re: [pfSense Support] Re: PPTP & Ipsec

2008-04-29 Thread Gary Buckmaster
Please don't do that. If someone has a response, they'll respond when they're able. Keep in mind that this is a free resource, and that help is on a voluntary basis. If this doesn't fit within the threshold you have for a solution, then please consider other options. Spamming the mailing li

[pfSense Support] SpamD Package Needs Testers

2008-04-28 Thread Gary Buckmaster
For those of you not on the support forums, a bounty project to resurrect the SpamD package for pfSense 1.2-Release has started and Scott has kindly taken up the project. For the most part, it seems to be working, but it would be helpful for many more eyes to be looking at it. I know there ha

Re: [pfSense Support] Failover problem

2008-04-23 Thread Gary Buckmaster
Bill Marquette wrote: On Wed, Apr 23, 2008 at 9:27 AM, Gary Buckmaster <[EMAIL PROTECTED]> wrote: For public-facing services like email or web service, create a policy route to ensure that all traffic for those services from those services egresses your network on the Interface lis

Re: [pfSense Support] Failover problem

2008-04-23 Thread Gary Buckmaster
Martin Kruse Jensen wrote: Hi. I have a Soekris Net-5501 running pfSense 1.2, and two ISP's: ISP A: "Djursnet" ISB B: "Stofanet" (Intended as a backup provider) And I would like to use failover. However there is a slight problem when I have configured pfSense for using failover and the follow

Re: [pfSense Support] Pfsense problem..

2008-04-18 Thread Gary Buckmaster
Daniel, This issue has been discussed many times in the mailing lists and forums. In short, CARP and CARP-type VIPs do not work in a bridge configuration. -Gary Daniel Rapp wrote: Hi, we have two firewalls running pfsense, they are running version 1.2-rc2 embedded, they have been running

Re: [pfSense Support] Who has some good numbers to share for load balancing?

2008-04-17 Thread Gary Buckmaster
I am messing around with this at the moment and am having some trouble. Thanks. Wade B Wade Blackwell "Integrity is often more painful and always more profitable than perception management" -Original Message----- From: Gary Buckmaster [mailto:[EMAIL PROTECTED] Sent: Wedn

Re: [pfSense Support] Who has some good numbers to share for load balancing?

2008-04-16 Thread Gary Buckmaster
Wade, We use pfSense to load balance connections to our content filtering database. Daily we get approximately 40 million connections with a peak rate of close to 3Mb/s to a pool of 20 servers and our application requires latency to be very minimal. Up until recently we ran that using 1.2Gh

Re: [pfSense Support] ipsec saying: racoon: INFO: unsupported PF_KEY message REGISTER

2008-04-15 Thread Gary Buckmaster
Sounds like you have the two different ends of your tunnel configured differently. Double check both configurations and make sure they match exactly. Fabio C Flores wrote: Hi there, I'm trying to set up a site-to-site ipsec VPN, when I start the service I get "unsupported PF_KEY message REGI

Re: [pfSense Support] check_reload_status.log

2008-04-15 Thread Gary Buckmaster
Florian, The larger question is why you haven't upgraded to 1.2-RELEASE since it's been out for several months now? -Gary Florian Klemenz wrote: Hi, There is a file called check_reload_status.log which seems to have been created at last reboot and only contains always the same log message o

Re: [pfSense Support] LogMe In Block!!

2008-04-07 Thread Gary Buckmaster
You've already asked this question once. Please be patient, the answer may take a bit. Sebastián Veloso Varas wrote: Hello, I am new in this list so from already my greetings to all. I have the following doubt: how can I leak LogMeIn in pfsense? Should I leak only everything what it avenge

Re: [pfSense Support] CARP

2008-04-01 Thread Gary Buckmaster
examples are for WAN side traffic and for keeping internet alive. I will keep trying to find something that shows how servers can be balanced. Its amazing because it even keeps the state. Best Regards Anil Garg */Gary Buckmaster <[EMAIL PROTECTED]>/* wrote: Anil Garg wrote: &g

Re: [pfSense Support] CARP

2008-04-01 Thread Gary Buckmaster
Anil Garg wrote: I have seen some documentation that shows how two pfsense can act as back up to the other (hot standby).. Is it possible for servers behind pfsense to exploit the same capability? Say we have one www.server on lan or dmz. If this server to die, we want the system to point t

Re: [pfSense Support] ICMP not Replying on Virtual IPs

2008-03-31 Thread Gary Buckmaster
searching into Google and my head spins!! */Gary Buckmaster <[EMAIL PROTECTED]>/* wrote: Ron Lemon wrote: > > I have setup a rule to allow all ICMP types from any source any port > to any destination on any port via any gateway. > > If I ping

Re: [pfSense Support] ICMP not Replying on Virtual IPs

2008-03-31 Thread Gary Buckmaster
Ron Lemon wrote: I have setup a rule to allow all ICMP types from any source any port to any destination on any port via any gateway. If I ping my WAN IP it responds correctly. My WAN link also has 6 Virtual IPs of type other configured. I can access the resources via NAT that are on thes

Re: [pfSense Support] problem report with default routes

2008-03-31 Thread Gary Buckmaster
I ran into this same issue just the other day for the first time installing a new box. I thought I was going insane. Randy, out of curiosity, what kind of NICs do you have in this box? -Gary Randy Schultz wrote: Hey there, This is just a report of a minor problem I've noticed. It's easy t

Re: [pfSense Support] cvs checkout: [17:59:49] waiting for root's lock in /home/pfsense/cvsroot/pfSense/usr/local/www/javascript/extjs/build/widgets/form

2008-03-24 Thread Gary Buckmaster
[EMAIL PROTECTED] wrote: does cvs have a problem? - Thorsten - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] No, you do, as Scott said in his reply. Clean up the lock file. -

Re: [pfSense Support] Squid using RAM disk

2008-03-05 Thread Gary Buckmaster
Radio Tech wrote: Is there a way to make squid use RAM instead of hard drive for logs and cache? I can put 8 gigs of ram in a machine. I could put a hard drive if I really had to, but I would really like to not have to. If it is possible, can I get some basic instructions on what to do. Thank

Re: [pfSense Support] Load kernel error

2008-02-28 Thread Gary Buckmaster
Can I assume that this is an embedded device you're trying to upgrade? If so, this is a reported issue and has been discussed several times on this mailing list. Use the shell upgrade method provided or re-flash your CF card. Mike Lever wrote: While trying to upgrade to 1.2 using the webgui

Re: [pfSense Support] Doubt about link state changed in System Logs

2008-02-28 Thread Gary Buckmaster
It's annoying, but it doesn't affect anything. A ticket was opened by one of the devs who noticed this a few weeks ago, it'll get fixed, but don't panic, nothing's breaking. tester wrote: Hello, I've noticed those lines in syslogs after an ATA adapter rebooted while it was connected to an op

[pfSense Support] 1.2 - Its official

2008-02-25 Thread Gary Buckmaster
For those of you who haven't been hitting "reload" on the blog page all day, pfSense 1.2 has been officially released. This effort is the culmination of a HUGE effort on behalf of the pfSense development community. Lots of excellent fixes have made it into pfSense 1.2 check out the blog (http

Re: [pfSense Support] Does Captive Portal require Squid?

2008-02-20 Thread Gary Buckmaster
Radio Tech wrote: Hello all. I have used PFsense for years and love it. Yesterday I was trying to make Captive portal work for the first time. I was simply wanting it to work on the lan interface for anyone using the internet. I couldn't get it to work. I gave up and later that day I installed

Re: [pfSense Support] Load Balancer Question

2008-02-19 Thread Gary Buckmaster
The documentation site is very helpful in this regard: http://devwiki.pfsense.org/OutgoingLoadBalancing or http://devwiki.pfsense.org/IncomingLoadBalancing choose your poison. Joel Robison wrote: Hi ALL! I have a few questions about the load balancer function: 1. Can I round-robin udp packe

Re: [pfSense Support] Accessing my routers

2008-02-18 Thread Gary Buckmaster
Mike, You should simply need to point your web browser to the IP address of your LAN interface, or use SSL if you enabled that. On a typical install http://192.168.1.1 will get you there, or https://192.168.1.1 -Gary Mike Lever wrote: Hi , I seem to be getting somewhere. Just one more

Re: [pfSense Support] Basics of connecting 2 or more WAN ports

2008-02-18 Thread Gary Buckmaster
Mike, Item 1 is a FAQ. The answer is that pfSense only supports PPPoE on the primary WAN interface. All other OPT interfaces treated as WANs must use a device in front of them to negotiate the PPPoE connection and provide a static IP address. Load balancing is configured in the Load Balanc

Re: [pfSense Support] Multiple servers behind NAT'd firewall

2008-02-08 Thread Gary Buckmaster
This is a limitation of the current NAT reflection implementation. If this doesn't suit your needs, then you should consider a split-horizon DNS configuration instead. Oliver von Bueren wrote: Chris Buechler wrote: Trave Harmon wrote: Now when I telnet the public IP that the 1^st virtual is

Re: [pfSense Support] "Read error" when booting pfsense from cf.

2008-02-07 Thread Gary Buckmaster
Carl Lischke wrote: Hi. When I'm trying to install Pfsense from a CF-card I get the message "Read error", and I can't go around it, I'm stuck. What can I do to fix it? I'm in great need of a good router, so I really need help. Cry Greetings, Carl Carl, I believe this link ans

Re: [pfSense Support] Spanning tree support

2008-02-07 Thread Gary Buckmaster
Chris Bagnall wrote: Greetings list, Does anyone know if pfSense includes support for failover between two LAN interfaces? For example, one can provide high availability using CARP to create a virtual router IP failing over between 2 pfSense boxes, but that's not going to solve the problem o

Re: [pfSense Support] possible bug in filter rule replication

2008-01-31 Thread Gary Buckmaster
Paul M wrote: I've noticed that if I have a pair of firewalls - master/slave - and have a comment in the filter rules which contains a colon or a fullstop, they are replaced by spaces when the rules are replicated. is this a known bug? --

Re: [pfSense Support] Re: IPv6

2008-01-29 Thread Gary Buckmaster
As always, the best way to forward a project that you want to see done is to do the coding yourself and submit patches. The developers are always ready and willing (not to mention grateful) for submissions from the community. If that's not an option for you, I recommend starting a bounty in t

Re: [pfSense Support] commercial development services

2008-01-25 Thread Gary Buckmaster
Speaking to the second option, I can't recommend it enough. We have availed ourselves of the development services of a number of pfSense developers over the course of the past year or so (perhaps you've seen the CVS commits) and we can't speak highly enough as to their professionalism and the

Re: [pfSense Support] License

2008-01-24 Thread Gary Buckmaster
Speaking on behalf of the company doing the commercial support, I can safely say that I don't ever see pfSense becoming a for-pay solution. Scott, Chris and the other developers have always been very committed to the open source software community. The reason there is a commercial support opt

Re: [pfSense Support] Filtering, etc

2008-01-24 Thread Gary Buckmaster
Content filtering on pfSense is still a work in progress. There has been a lot of work done on a port of SquidGuard, but I haven't used it so I don't know how functional it is yet. There will be a more robust content filtering component coming later this year as part of Centipede Networks' co

Re: [pfSense Support] 1.2-RC2 beta1 -> 1.2-RC4 upgrade

2008-01-23 Thread Gary Buckmaster
Please stop spreading FUD (this is the second request). The firmware upgrade is working very well for almost everyone. You had a specific issue, we would have been interested to know the details of your issue so it could have been resolved. Simply because you, personally, had an issue doesn'

Re: [pfSense Support] vista_problem

2008-01-18 Thread Gary Buckmaster
Is the Vista machine able to see other devices on the network (ie: inside your LAN)? Is the networking configuration information for the Vista machine identical to the XP Pro machine? What shows up in the pfSense firewall logs? Have you used tcpdump to capture the packet traffic and ensure i

Re: [pfSense Support] Flash UPNP attack

2008-01-17 Thread Gary Buckmaster
Being that UPnP is generally a security-stupid protocol, if you're paranoid about such things, it would be a good idea to disable UPnP. I don't know if anyone has specifically tested this issue against pfSense, but I wouldn't be surprised if we're affected. Again, UPnP is a dumb protocol.

Re: [pfSense Support] Evenly share bandwidth

2008-01-10 Thread Gary Buckmaster
This is being fixed after version 1.2 is released. The work is already well under way. Ngawang Sangye wrote: Yes - I have a similar issue - LAN-WAN gets shaped. I can put some rules for OPT1 to WAN and that gets shaped but then OPT to LAN routes are also shaped which is not defined in an

Re: [pfSense Support] Port 80

2008-01-07 Thread Gary Buckmaster
Yes, LAN and WAN can be bridged. Hoos, Stephen wrote: Crazy me but, can you see the IIS box on port 80 from the LAN? Do you have the IIS box set up to answer on the public IP you are assigning it? Can you ping the box from the outside? I would give the IIS box a private address and use aliase

Re: [pfSense Support] Squidguard blocks all traffic

2008-01-02 Thread Gary Buckmaster
Since this is a package (and one that is currently still under development) the best way to file the bug is with the package maintainer. Christopher Iarocci wrote: I entered in a ticket because they are currently in RC status and I thought a bug should be reported in a timely fashion to avoi

Re: [pfSense Support] Static routes again

2007-12-14 Thread Gary Buckmaster
client, so it's making it as far as the pfSense box yet the static route to the remote network seems to be being ignored. Steve -Original Message- From: Gary Buckmaster [mailto:[EMAIL PROTECTED] Sent: 14 December 2007 13:56 To: support@pfsense.com Subject: Re: [pfSense Support]

Re: [pfSense Support] Static routes again

2007-12-14 Thread Gary Buckmaster
Where 213.121.207.nnn is our regular DSL gateway) Any thoughts? With my static route in place I'd have expected traceroute to report trying to get to 192.168.3.253 and no further - as the VPN box isn't here yet - not trying to leave the building in the normal way? Thanks, Steve

Re: [pfSense Support] NTPD - Windows clients error with "Peer is not syncronized"

2007-12-14 Thread Gary Buckmaster
Steve Harman wrote: Hi! We just updated to 1.2 RC3 from 1.01 and I was delighted to see OpenNTPD is now available. I’ve enabled it on two of our LAN interfaces but when I attempt to have Windows XP sync-up via its date & time control panel I’m told “The time sample was rejected because; Th

Re: [pfSense Support] Static routes for a VPN - it's probably simple but....

2007-12-13 Thread Gary Buckmaster
Steve, You really should not be running 1.0.1 anymore for production. There have been literally thousands of bugs fixed (including a number of them within the VPN implementations) and pfSense has had RCs out for quite some time. Before you go too far down this road, you should really upgrade.

Re: [pfSense Support] 1:1 at wits end

2007-12-12 Thread Gary Buckmaster
Russ, It sounds like you're vastly over-thinking this. Setting up a 1:1 NAT is relatively straightforward. 1) Create a VIP (type CARP or type Proxy ARP) this is a VIP attached to your WAN and should reflect a public (see also: routable) IP address that the Internet will use to contact the m

Re: [pfSense Support] Checkin 20231

2007-11-28 Thread Gary Buckmaster
Ron Rosson wrote: By setting the time to check the bogons file at 2am this will prevent the check from happening in the spring time and it will happen twice in the fall. -Ron -- Ron Rosson [EMAIL PROTECTED] http://www.oneinsane.net Beg pardon? How do you figure t

Re: AW: [pfSense Support] IPSEC with no static ip addresses

2007-11-07 Thread Gary Buckmaster
Also, NAT-T is not supported in the current version of pfSense. This will be fixed after 1.2 is released. Fuchs, Martin wrote: Because IPSec is not officially supported to run between 2 dynamic addresses, pfsense does not support it… Have a look in the forum, there are some approaches… *From:* Q

Re: [pfSense Support] Squid transparent proxy and traffic shaping

2007-09-19 Thread Gary Buckmaster
Andrew, Traffic shaping and squid don't play nicely together. There are no current plans to fix this. -Gary Android Andrew[:] wrote: Hello all! First of all I want to thank you for excellent product - you've done very necessary and useful job! I've built a router on basis of pfsense w

Re: [pfSense Support] Sluggish network performance

2007-09-19 Thread Gary Buckmaster
Wade, FYI, you don't have enough memory to handle 1,000,000 states. When last I checked, each state took somewhere between 1k and 3k memory. Having your maxstates set to 1,000,000 doesn't hurt, but if you actually open up more states than your box can handle, you'll be a sad panda. -Gary

Re: [pfSense Support] anyone noticed slowdown in RC1 or RC2?

2007-08-30 Thread Gary Buckmaster
Jonathan Horne wrote: i have a client, who has been running pfsense since january. i recently updated him to 1.2-RC1, and since then, his internet browsing for his site has been really poor. when a browser is opened, the initial connection to the site takes 10-15 seconds, then the site starts

Re: [pfSense Support] Anti-Spam & Anti-Virus?

2007-08-21 Thread Gary Buckmaster
Steve Harman wrote: Hi! Could someone update me on where things are (if anywhere!) with AV or AS provision inside pfSense please? Is there a 3^rd -party package or internal facility under development at all? Thanks, Steve Centipede Networks has sponsored the creation

Re: [pfSense Support] Filtered bridge vs 1:1 NAT advice

2007-08-20 Thread Gary Buckmaster
be a bit outdated on my knowledge of this... but last time I checked... in a bridged situation, LAN clients were unable to access anything on the bridged interface. Has this changed? Tim Nelson Technical Consultant Rockbochs Inc. - Original Message - From: "Gary Buckmaster" &l

Re: [pfSense Support] Filtered bridge vs 1:1 NAT advice

2007-08-20 Thread Gary Buckmaster
Denny, We currently use a 3-NIC, bridged DMZ setup for our firewall here. This solution works very well for the large number of Internet facing servers. The benefits are exactly what you mentioned and there is no performance issue at all. LAN clients can access the DMZ servers without any

Re: [pfSense Support] performance on a PE860

2007-08-10 Thread Gary Buckmaster
jamona perez wrote: Hi, I know this topic comes over regularly, but searching through the archives, thread often ends with "I'll post the results", but... So here is my question : I plan on getting a pair of Dell PE 860 for building a high-availability high-performance transparent firewall. I

Re: [pfSense Support] 1.0.1 Log Issues

2007-08-02 Thread Gary Buckmaster
Scott Williamson wrote: I tried right after upgrading to 1.0.1. Whenever I told it to upgrade, I just got a "page cannot be displayed" error. You'll probably have to go with a fresh install of 1.2-RC1. On the plus side, your config file *should* still work fine so you'll limit the downti

Re: [pfSense Support] 1.0.1 Log Issues

2007-08-02 Thread Gary Buckmaster
Scott Williamson wrote: I just upgraded to 1.0.1 from a 1.0 beta. I have noticed looking at the Firewall logs that I am showing I am dropping a lot of packets that I have rules built to allow. I have not had any problems with communication through the firewall so I believe it is just false

Re: [pfSense Support] Issue with squidlogs not rotating

2007-08-02 Thread Gary Buckmaster
Igor Parsadanov wrote: Hello, I have lightsquid and squid installed, and I have lightsquid set to rotate logs, but it doesn't do it. After looking at the cron job this is what I found the crontab entry to say: 0 0 * * */1 root/usr/local/etc/squid /usr/local/sbin

Re: [pfSense Support] bandwidthd

2007-07-24 Thread Gary Buckmaster
I hear this question come up just about every day and frankly it frustrates me greatly. We've been using pfSense in production since pre-version 1. We've had 1.2-Beta snapshots in production load balancing a database cluster which handles 35 million requests daily, and which is responsible fo

Re: [pfSense Support] Revised 1.2 beta 2 with IPSEC fix

2007-07-09 Thread Gary Buckmaster
Karl DeLyria wrote: Where can I find it? Karl DeLyria Metaskills Consulting 221 SW Texas St. Portland, OR 97219 503-245-4190 503-816-1127 cell - To

Re: [pfSense Support] Best setup for a colocation

2007-06-29 Thread Gary Buckmaster
It should also be noted that CARP doesn't work with bridged interfaces, so if you want CARP (which for a data center environment, you probably do) you'll want to use the setup that Chris suggested. Chris Daniel wrote: If you think you will ever need failover using CARP, 1:1 NAT with virtual I

Re: [pfSense Support] 1.2 beta 1 on CF

2007-06-25 Thread Gary Buckmaster
Don't install the developer edition on a CF-system. Karl DeLyria wrote: How, Do I keep the compact flash from filling up with developer stuff? I reloaded it twice thinking I left a capture on or my logs were overly active. Karl DeLyria 221 SW Texas St. Portland, OR 97219 503-245-4190 503-816

Re: [pfSense Support] Partitioning question

2007-06-15 Thread Gary Buckmaster
Roberto Greiner wrote: Hi, I'm trying to install 1.2Beta in a test machine that already has other systems installed (a Debian 4.0). The problem I'm having is that in the partitioning step, the installer does not accept the size of the linux partitions, saying that they are not a multiple of 1008

[pfSense Support] Virtual IP Type "other"

2007-06-11 Thread Gary Buckmaster
I know this has been discussed before, but I can't find the relevant discussion and apparently it's becoming an issue in the support IRC channel. Can someone provide an explanation of what the "other" Virtual IP type is, and what its use is? Several times now, people have tried to set up 1:1 N

Re: [pfSense Support] Remote Traffic Monitoring

2007-06-07 Thread Gary Buckmaster
Many managed switches also allow you to specify a monitor or span port. You may then capture any/all traffic running across your switch backplane on that port. Ideal for IDS applications or whatever it is you're wanting to do with all that traffic. Keep in mind that it takes a lot of resource

Re: [pfSense Support] pfSense Hanging...

2007-06-04 Thread Gary Buckmaster
This is a shot in the dark, but is there a chance that you're on a PPPoE (or similar) connection, even with a statically assigned IP? Is there a chance that your connection becomes dormant enough for your ISP to time out your connection, obligating you to "re-dial"? Tortise wrote: Thanks Ch

Re: [pfSense Support] help to config dmz

2007-05-25 Thread Gary Buckmaster
Echo what Tim said. Given this new set of information about your network setup, 1:1 NAT would be a much more appropriate choice for this particular network. PS... I opted for 1:1 rather than bridging. This gives the servers public addresses, but also allows me to expand in ways not possible

Re: [pfSense Support] help to config dmz

2007-05-25 Thread Gary Buckmaster
I believe the tutorial linked in a previous email addresses this. You can do one of two things. Either you bridge OPT1 to WAN and then all the machines in your DMZ will have public-addressable IP addresses, or you'll want to configure 1:1 NAT. Either solution will work, it just depends on yo

Re: [pfSense Support] squid cache to 2nd HDD

2007-05-22 Thread Gary Buckmaster
Mohd Saidy wrote: Hi, Need to know how to. How can i save all cache (squid) file to second HDD. Sorry for dummy question. TQ -saidy- This question is best answered by reading the squid documentation on the squid website. Look up the cache_dir directive for squid.conf and the answer should

Re: [pfSense Support] Need help

2007-05-18 Thread Gary Buckmaster
Marco Vinella wrote: I need to have some information about configuring pfSense's proxy. We have a LAN Active Directory (W Server 2003) managed. We have to filtering internet (WAN), from LAN, access with pfSense's proxy. We want to authorize only Users which are in a specific Active Directory's

Re: [pfSense Support] Group and User Management

2007-05-10 Thread Gary Buckmaster
Holger Bauer wrote: This will be a feature of 1.3 (like the dashboard) as well. However we are using our own implementation, not the one m0n0 has. Holger From: Mohd Saidy [mailto:[EMAIL PROTECTED] Sent: Thursday, May 10, 2007 10:23 AM To: support

Re: [pfSense Support] Inbound Loadbalancing problem - SOLVED

2007-04-25 Thread Gary Buckmaster
Bill Marquette wrote: On 4/24/07, Gary Buckmaster <[EMAIL PROTECTED]> wrote: This issue turned out to be primarily a configuration problem, although it serves as a good lesson for others to learn from so I'll post the reply for the sake of posterity. We currently have 16 web

Re: [pfSense Support] Inbound Loadbalancing problem - SOLVED

2007-04-24 Thread Gary Buckmaster
wrote: Both boxes are likely polling the web servers in question, hence the traffic from both machines. You might confirm that you have rules loaded to allow this traffic. --Bill On 4/24/07, Gary Buckmaster <[EMAIL PROTECTED]> wrote: Prior to trying to install this into production, I had

[pfSense Support] Inbound Loadbalancing problem

2007-04-24 Thread Gary Buckmaster
Prior to trying to install this into production, I had this entire scenario working perfectly in a test environment. Something, it seems, has changed between testing and production. I have a cluster of 15 web servers which I intend to load balance with a CARP'd cluster. I've created a CARP V

Re: [pfSense Support] Log Rotation

2007-03-30 Thread Gary Buckmaster
Diego Morato wrote: Hi All, I would like to know how pfsense rotate the log files, how days it is stored and how do I configure this. I need to know this because we have auditors that from time to time do audits in this logs. In other systems I rotate the logs monthly and keep in HD for 24

Re: [pfSense Support] Latest SNAPs

2007-02-28 Thread Gary Buckmaster
David Strout wrote: Getting back into it here and I have been looking to grab the latest SNAP and test it in the lab ... but they seem to have disappeared from Scott's dir. Can someone point me to them? -- David L. Strout Engineering Systems Plus, LLC As has been discussed myriad times before

Re: [pfSense Support] Need to know

2007-02-27 Thread Gary Buckmaster
saidy wrote: Hi, 1. How to make/configured a multiple LAN (ie. 172.168.x.x and 192.168.x.x) with one WAN connection. 2. How to make network available in time configured (ie. User allow to surf to internet within office hour 8am until 6pm) Thank you ---

Re: [pfSense Support] Logoff Capability

2007-02-12 Thread Gary Buckmaster
Vaughn L. Reid III wrote: I'm not sure this is the correct forum for this sort of item, but I'll ask anyway. Is there any sort of extension available to provide a logoff capability from the web gui? I need this capability for HIPAA compliance. If not, how would I go about offering a bounty to

Re: [pfSense Support] Does pfsense support a 100Mbps WAN ?

2007-01-03 Thread Gary Buckmaster
Alexandre Blardone wrote: Hello, I am currently running PFsense on a LinITX FX5620 6 NIC Firewall. I have a 20Mbps WAN and 3 gigabit local subnets connected to it. I am going to upgrade our WAN to 100Mbps and I was wondering if pfsense could support such a speed for WAN? Is my linitx box going

Re: [pfSense Support] Squid Access Denied

2006-10-23 Thread Gary Buckmaster
and 172.25.0.0, both get the same thing. Thanks Tim - Original Message ----- From: "Gary Buckmaster" <[EMAIL PROTECTED]> To: Sent: Monday, October 23, 2006 9:43 AM Subject: Re: [pfSense Support] Squid Access Denied Tim, I'm not sure where you're seeing that yo

Re: [pfSense Support] Problem with SQUID after fresh install of 1.0-RELEASE

2006-10-23 Thread Gary Buckmaster
See the previous thread regarding solving "Access Denied" issues in squid. Ken Bringa wrote: Hello, Thanks to all for the work being done on this terrific application. I had squid working on previous releases and through upgrades to 1.0. After 1.0 was released, I decided to do a fresh instal

Re: [pfSense Support] Squid Access Denied

2006-10-23 Thread Gary Buckmaster
. Create the acl where? Sorry for the newbie questions - I have configured Squid in the past on a linux box and managed to make it work but I'm ashamed to say it was from a specific how to. Thanks Tim - Original Message - From: "Gary Buckmaster" <[EMAIL PROTECTED]> To:

Re: [pfSense Support] Squid Access Denied

2006-10-20 Thread Gary Buckmaster
Tim, By default, squid will block everything. You need to create an ACL for your LAN subnet(s) to allow access. Add the ACL and you should be good. -Gary Tim Roberts wrote: Sorry in advance - I've plundered around and read the post from a ways back that some of the packages were broken, bu

Re: [pfSense Support] System overload

2006-10-09 Thread Gary Buckmaster
Were you trying to run captive portal on the LAN interface or something along those lines? The issue you described sounds a little like you had captive portal enabled and all your outbound traffic was bouncing up against it. This would account for all the lighty and php processes you were see

[pfSense Support] Information Request - Second attempt

2006-09-20 Thread Gary Buckmaster
Kevin, Per our last conversation, I am still trying to solicit the necessary information from you regarding your network so that my staff and I can try to diagnose the problem you're experiencing with your ESS. I have not, as yet, seen a response from you or your staff. I remind you that I

Re: [pfSense Support] transparent proxying

2006-09-05 Thread Gary Buckmaster
Also, upgrade your pfSense box. Beta4 is very out of date. Holger Bauer wrote: Add a portforward at interface OPT2, external address any (not interface address), protocol TCP, external port range 80, NAT IP proxy at OPT6, local port 80. Save, apply. Holger -Original Message- From

Re: [pfSense Support] RC2 ?

2006-08-15 Thread Gary Buckmaster
Actually, that won't work. The proper incantation is: "fetch -q -o - http://www.pfsense.com/~sullrich/update_to_rc2a.sh | sh -" More information is helpfully provided by Scott here: http://forum.pfsense.org/index.php/topic,1820.0.html Holger Bauer wrote: run "fetch -q -o http://www.pfsens

Re: [pfSense Support] HAVP

2006-08-15 Thread Gary Buckmaster
HAVP and ClamAV have both been marked as Alpha software and should be treated as such. To the best of my knowledge, HAVP is currently broken and will not install, but Raj (the package author) has been busy and unavailable to chase down the problem. -Gary Ryan Rodrigue wrote: Does anyone kn

Re: [pfSense Support] Does pfSense work on SPARC32/SPARC64?

2006-08-08 Thread Gary Buckmaster
This has been answered repeatedly in the mailing list. Kyle Mott wrote: Hi, I think I already know the answer to this, but figured I'd ask anyways. Does pfSense work on SPARC32/SPARC64 platforms? -Kyle - To unsubscribe, e

Re: [pfSense Support] Can't get basic routing to work.

2006-08-04 Thread Gary Buckmaster
That's the whole point. Please read the documentation, and research 1:1 NAT to see why it will work for this purpose. A. Jones wrote: I can't set up a 1:1 as the wan interface is on a different subnet than my lan interface From: "Tim Dickson" <[EMAIL PROTECTED]> Reply-To: support@pfsen

Re: [pfSense Support] clamav RC2

2006-08-04 Thread Gary Buckmaster
If they're broken now, they were broken then. No packages have suffered any regression (at least not yet). ClamAV and HAVP are both known to be broken at this time. There are reports that Scott's recent patches have brought Squid to a working state. SpamD works great! Nick Smith wrote: Ho

Re: [pfSense Support] Bridged Multi-Wan Load Balancing Failover

2006-08-03 Thread Gary Buckmaster
Scott Ullrich wrote: On 8/3/06, Gary Buckmaster <[EMAIL PROTECTED]> wrote: Aren't those Opteron based? If so, then you're out of luck, because pfSense is currently not an x64 platform. Opterons will run just fine on 32 bit as well as 64 bit. One of our builder servers i

Re: [pfSense Support] Bridged Multi-Wan Load Balancing Failover

2006-08-03 Thread Gary Buckmaster
RE: [pfSense Support] Bridged Multi-Wan Load Balancing Failover 1:1 Nat Accept ALL:ALL? There are 10 types of people in this world, those who can read binary, and those who cannot. -----Original Message- From: Gary Buckmaster [mailto:[EMAIL PROTECTED] Sent: Thursday, August 03, 2006 9:44 AM

Re: [pfSense Support] Bridged Multi-Wan Load Balancing Failover

2006-08-03 Thread Gary Buckmaster
Scott, Bridging and CARP don't play nicely together, so you're going to have to go another route. -Gary Scott Williamson wrote: Ok so here is the question, I have 2 Wan Links Sprint 3MB connection and Verizon 1.5 MB connection. I am wanting to Load Balance across both connections and use a

Re: [pfSense Support] Bridge with sinproxy

2006-07-31 Thread Gary Buckmaster
It's Synproxy, and it does not work with bridges. -Gary Carlos Silva wrote: Hello all. I want to use Sinproxy Rule State with Bridge. Is it possible? How I configure rules SINPROXY in my pfsense with bridge? Thanks, Carlos [EMAIL PROTECTED] casmedia at gmail

Re: [pfSense Support] Can we do Source NAT'ing?

2006-07-17 Thread Gary Buckmaster
e following 1:1 mapping: 192.168.100.122 -> 10.20.100.122 And added a rule to allow any from WAN -> 10.20.100.122, any protocol. Still can't get to it, :< -Kyle Gary Buckmaster wrote: On pfSense it's called 1:1 NAT and it works swimmingly. Kyle Mott wrote: Hi, Quick questi

Re: [pfSense Support] Can we do Source NAT'ing?

2006-07-17 Thread Gary Buckmaster
On pfSense it's called 1:1 NAT and it works swimmingly. Kyle Mott wrote: Hi, Quick question, is it possible to do SNAT somehow that I'm just not thinking of? IE, 192.168.100.122 VIP on the WAN -> 10.20.100.1 (Interface IP of LAN), so when connections are made to other hosts in the LAN networ
