Le 2010-01-13 09:49, Chris Buechler a écrit :
On Wed, Jan 13, 2010 at 12:59 AM, David Newman wrote:
On 1/12/10 9:51 PM, Ugo Bellavance wrote:
On 2010-01-12 23:56, Chris Buechler wrote:
On Tue, Jan 12, 2010 at 11:50 PM, Ugo Bellavancewrote:
Hi,
I'm running pfsense 1.2.2 on a pent
On 2010-01-12 23:56, Chris Buechler wrote:
On Tue, Jan 12, 2010 at 11:50 PM, Ugo Bellavance wrote:
Hi,
I'm running pfsense 1.2.2 on a pentium 4, 3.0 ghz, 1 GB RAM. HDD install.
When I start a download from a nearby centos mirror, directly from the
firewall (using fetch), I get the
Hi,
I'm running pfsense 1.2.2 on a pentium 4, 3.0 ghz, 1 GB RAM. HDD install.
When I start a download from a nearby centos mirror, directly from the
firewall (using fetch), I get the full bandwith available from my ISP
(60 mbps). However, If I try to download the same file from the same
ser
ttp://www.Typo3USA.com> *
Ohio NOC | 317 South North Street | Washington CH OH 43160
*Skype Messenger*: vinehosting
Email: gl...@typo3usa.com
<mailto:gl...@typo3usa.com>
Phone: 740-490-8668
Pplease don't print this e-mail unless you really need to.
On Jan 3, 2010, at 4:51 PM, Ugo Bellavan
On 2010-01-03 16:07, Glenn Kelley wrote:
This should help
http://doc.pfsense.org/index.php/How_can_I_monitor_bandwidth_usage%3F
We measure from the switches themselves vs pfsense.
This helps a great deal -
Makes sense, but since almost all of our clients are wireless, I think
the netflow app
Hi,
I'm looking for a way to do bandwidth monitoring and accounting, and
ideally, control.
Basically, I'd like to be able to monitor how much bandwith my internal
users are using, an be able to bill them if they go over x GB/month.
Ideally, if I could limit everyone to 7mbps/IP address, it w
On 2009-12-28 04:18, Michel Servaes wrote:
I was wondering, and am going to try this, this evening... how would an
embedded-install go onto a normal pc system ?
I downloaded the 2.0 Beta, physdiskwrite'ed it to a CF card of 2GB
Going to place it in the CF to IDE adaptor (where monowall currentl
On 2009-12-23 02:19, Koray AGAYA wrote:
Hi
I use dashboard Have a error WAN Interfaces Statistics. I analysed
system log but I dont view anything What is the problem Where can I
learn "What is Problem" Where can I look ?
I'd only worry about it if ther number of errors was increasing
signific
On 2009-12-14 22:17, Chris Buechler wrote:
On Mon, Dec 14, 2009 at 10:53 AM, Scott Ullrich wrote:
On Sun, Dec 13, 2009 at 7:49 PM, Ugo Bellavance wrote:
Hi,
http://doc.pfsense.org/index.php/NanoBSD_on_WRAP
Has someone done the first step what would be kind enough to put the
resulting image
Hi,
http://doc.pfsense.org/index.php/NanoBSD_on_WRAP
Has someone done the first step what would be kind enough to put the
resulting image available for download? I worked a few hours on this
before discovering that article, and I don't have much time to setup a
separate freebsd/pfsense box t
Hi,
I upgraded the hardware of one of my pfsense, and all I had to do was
documented (install PfSense, copy the config file, change the interface
name because of the different nics in the new server) and it all worked
well. It started working about 5 minutes after I booted the new server.
Bill Marquette a écrit :
On Mon, Nov 2, 2009 at 1:32 PM, Vick Khera wrote:
On Sun, Nov 1, 2009 at 9:12 PM, Ugo Bellavance wrote:
3com 905 (xl)
I'd put this on your WAN and the intel on the LAN. 3Com have been
well support in FreeBSD (and even in the original 4.2BSD before that)
fo
Vick Khera wrote:
On Sun, Nov 1, 2009 at 9:12 PM, Ugo Bellavance wrote:
3com 905 (xl)
I'd put this on your WAN and the intel on the LAN. 3Com have been
well support in FreeBSD (and even in the original 4.2BSD before that)
forever.
For a long while, back in the early early days of
Morgan Reed wrote:
On Mon, Nov 2, 2009 at 13:12, Ugo Bellavance wrote:
To set replace an old pfsense box, I bought a PC with an Intel
Pro/1000 NIC onboard (em). In my inventory, I have a 3com 905 (xl) and a
Dlink 538-tx (rl). Which one of th 3com or Dlink should I use to make sure
I
Chris Buechler wrote:
On Sun, Nov 1, 2009 at 9:06 PM, Ugo Bellavance wrote:
Chris Buechler wrote:
On Sat, Oct 31, 2009 at 10:57 PM, Tim Dressel wrote:
This is the exact issue I had with the PRO100's. I never tried
disabling TSO or applying the patch.
http://security.freebsd.org/advis
Hi,
To set replace an old pfsense box, I bought a PC with an Intel Pro/1000
NIC onboard (em). In my inventory, I have a 3com 905 (xl) and a Dlink
538-tx (rl). Which one of th 3com or Dlink should I use to make sure I
have the best performance? The setup is 1 wan (internet), 1 NIC for
insi
Chris Buechler wrote:
On Sat, Oct 31, 2009 at 10:57 PM, Tim Dressel wrote:
This is the exact issue I had with the PRO100's. I never tried
disabling TSO or applying the patch.
http://security.freebsd.org/advisories/FreeBSD-EN-09:03.fxp.asc
That was a regression in 7.2. It's not applicable to
Evgeny Yurchenko wrote:
Hi!
I have two pfSense boxes connected to the same net segment where we have
4-10Mb/s (up to 5kps) stream of small udp multicast packets.
pfSense1 is connected to this segment via VLAN (em3) - this pfSense is
overloaded.
pfSense2 is connected to this segment via LAN inte
Chris Buechler wrote:
On Sat, Oct 31, 2009 at 10:39 AM, Ugo Bellavance wrote:
Hi list,
We're currently running PfSense 1.2 on a white-box PC, that costed
nothing... P4 1., 1G RAM, HDD install. Nics: vr (WAN), fxe (3 vlan LAN).
Very robust up to now.
Even the lowest end P
Tim Dressel wrote:
I've run on a few x3400 and x3500's if you are all about IBM. They run
well, but you will have more stability by throwing in some GT class
intel giganics even if you are running low traffic.
Hi,
I know HP better... The list was mosty IBMs because by coincidence.
I don't kno
Hi list,
We're currently running PfSense 1.2 on a white-box PC, that costed
nothing... P4 1., 1G RAM, HDD install. Nics: vr (WAN), fxe (3 vlan
LAN). Very robust up to now.
We're only running the traffic shaper and BandwidthD as add-ons and the
cpu seems to be maxxed out. It is only used
Paul Mansfield a écrit :
Ugo Bellavance wrote:
In fact, I tried fixing it on the PfSense (the client asked me to
try...), without changing the switch (on which I have no control). But
if my PfSense is choosing 100basetx half, does that mean that the switch
is auto-sense? Just curious
Curtis Maurand a écrit :
I've found that if you manually configure your (the pfsense) interface
connnected to a cisco switch to full duplex, the cisco will adjust. For
whatever reason, cisco switches tend to default to half duplex during
the negotiation. Go figure.
It wasn't the case here
Paul Mansfield a écrit :
Ugo Bellavance wrote:
running on a P4 1.4, Hard-drive install, 1 GB RAM. WAN is vr0 and Lan
(vlan0, vlan1 and vlan2) is on fxp0. WAN is auto-sense, and ends up
100baseTX (half-duplex, I guess) and fxp0 is 100basetx .
...
1699614 collisions. That doesn't soud
Curtis LaMasters wrote:
I've seen this a few times on Cisco switches; telnet to the switch and
look at the interface that is connected to the pfSense box (show int
fastethernet 0/#) and see if it is running at full or half duplex. If
it's half, then manually set the interface to full duplex wi
Ugo Bellavance wrote:
Hi,
I'm trying to troubleshoot a problem on a PfSense 1.2-RELEASE,
running on a P4 1.4, Hard-drive install, 1 GB RAM. WAN is vr0 and Lan
(vlan0, vlan1 and vlan2) is on fxp0. WAN is auto-sense, and ends up
100baseTX (half-duplex, I guess) and fxp0 is 100b
Hi,
I'm trying to troubleshoot a problem on a PfSense 1.2-RELEASE, running
on a P4 1.4, Hard-drive install, 1 GB RAM. WAN is vr0 and Lan (vlan0,
vlan1 and vlan2) is on fxp0. WAN is auto-sense, and ends up 100baseTX
(half-duplex, I guess) and fxp0 is 100basetx . vr0 is
connected directly in
Chris Bagnall a écrit :
We are currently using vlans because we have VoIP services going through
this and different kind of users. Everything is working OK as of now.
However, the max bandwidth of one WiFi link like that is about 10 mbps.
To increase the total bandwidth, we want to add another
Michel Servaes a écrit :
I can only think of using a switch, being capable of port bonding...
802.3ad capable switches like HP Procurve 1800's can link multiple ports
for better speed.
Don't know how they end up, using wireless bridges though ;-)
Thanks for your input, but the last line is al
Sorry for top-posting, but I realize this is OT. If anyone knows where
I should I ask my question, please let me know.
Ugo
Ugo Bellavance wrote:
Hi everyone
We are using pfsense to protect some kind of WiFi campus.
Here is the current setup:
Building 1 [PfSense -> Netgear switch ->
Cozma Szabi a écrit :
It looks that the solution was a network card change. Now it looks fine.
(i hope that it will work in the future also)
Thank you for everyone for the support!
A NIC that supports vlan tagging or jumbo frames is required to work
with vlans.
Regards,
Ugo
-
Hi everyone
We are using pfsense to protect some kind of WiFi campus.
Here is the current setup:
Building 1 [PfSense -> Netgear switch -> WiFi Antenna (1)] -> RF ->
Building 2 [WiFi Antenna -> Netgear switch -> Client computers]. We
have a few buildings that are all connected to the central
Paul Cockings wrote:
I came across this issue yesterday with Vista Basic Machine SP1, but
using a ZyXEL P-660HW adsl modem/router as the DHCP server. The Vista
machine would get an address from the router if a wired connection was
using, but refused via the wireless card. Setting a static a
Paul Mansfield a écrit :
Ugo Bellavance wrote:
I would recommend trying tcpdump, if nothing else to be sure that the
...
Funny, I only see Requests... But in the logs I see offers, acks, etc.
I'll double-check my tcpdump settings another time.
# tcpdump -e -i sis0 -n -s 1500 port 67 or
Paul Mansfield wrote:
Ugo Bellavance wrote:
Paul Mansfield wrote:
Ugo Bellavance wrote:
The DHCP server on my pfsense seems to be working intermittently,
especialy over WLAN. In the logs, I can see the DHCPDISCOVER, the
DHCPOFFER, but no REQUEST nor ACK. The wireless antenna is working
Paul Mansfield wrote:
Ugo Bellavance wrote:
The DHCP server on my pfsense seems to be working intermittently,
especialy over WLAN. In the logs, I can see the DHCPDISCOVER, the
DHCPOFFER, but no REQUEST nor ACK. The wireless antenna is working with
do you mean that if you run tcpdump on
Hi,
The DHCP server on my pfsense seems to be working intermittently,
especialy over WLAN. In the logs, I can see the DHCPDISCOVER, the
DHCPOFFER, but no REQUEST nor ACK. The wireless antenna is working with
other access points. With a static IP address, the wireless network
works flawless
Tim Dickson wrote:
Yes ;)
Thanks a lot for your very fast reply :).
Ugo
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Tim Dickson wrote:
Yes
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Chris Buechler wrote:
Ugo Bellavance wrote:
Hi,
Is there a way to make it possible to have computers behind a
Natting pfsense to connect to a PPTP server on the net? More than one
concurrent PPTP connection?
http://www.pfsense.org/index.php?option=com_content&task=view&id=40&a
Ugo Bellavance wrote:
Hi,
Is there a way to make it possible to have computers behind a
Natting pfsense to connect to a PPTP server on the net? More than one
concurrent PPTP connection?
I forgot to add that we're using PPTP to connect remotely. We could
probably find another w
Hi,
Is there a way to make it possible to have computers behind a Natting
pfsense to connect to a PPTP server on the net? More than one
concurrent PPTP connection?
Regards,
Ugo
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
Chris Buechler wrote:
On Wed, May 7, 2008 at 7:49 PM, Ugo Bellavance <[EMAIL PROTECTED]> wrote:
Ease of setup is usually the reason. The main reason of the warning is
that it is possible to use PPTP with no or very weak encryption.
Sure, the issue isn't the output itsel
Vivek Khera wrote:
This one is precious:
Description:
The remote host appears to be running a PPTP (VPN) service.
This service allows remote users to connect to the internal network and
gain a trusted user role. This service should be protected with a strong
encryption scheme like IPSEC. By
Michel Servaes wrote:
I was intrested in this application, since it filters out P2P traffic.
I have some collegues which I am sure that they take over their computer
at home, and do a lot of P2P'ing... I want to have an overview of this
situation !
I have pfSense 1.2 installed, which works fi
David Rees wrote:
On Wed, Mar 5, 2008 at 6:05 PM, Curtis LaMasters
<[EMAIL PROTECTED]> wrote:
Hard drives are cheap, RAM isn't. What are you actually trying to achieve?
Parsing the logs on a disk isn't very time consuming. Interesting idea
though.
I suspect that he is trying to eliminate a c
Hi,
I tried installing IPv6 on my XP system, which is using pfsense as DNS
server. While IPv6 is installed on the machine, dns queries are very
long (as I think it asks for an before an A). If I use my ISP's
DNS server, there is no problem. I don't mind not using IPv6 for now,
but so
Jason J. Ellingson wrote:
I see on my RRD graphs for traffic (haven't looked elsewhere yet)...
that the last 6 month graph is showing "Nov" twice and skipping "Feb".
At the bottom of the graph, I see:
Sep Oct Nov Nov Dec Jan Mar
Perhaps just mine doing this? I had this pfSense box offli
Hi,
One of my Pfsense is behaving a little weirdly, the PPTP firewall rules
don't seem to apply correctly. As I was trying to figure out what could
be the problem, I noticed that there was NGx interfaces (NG1 and NG2).
By looking at the output of ifconfig i found out that it looks like the
Ermal Luçi wrote:
Log to pfsense though ssh.
pkg_add -r rate
than: rate -i {interface_to_monitor} -R (or similar) it should have
even an option to do ranking to show your most hungry host.
Anyone found the switch to see that? I tried -A, but then it asks for a
-c class, and when I use it, it
Günter Warfmeier wrote:
Hi,
I'm experiencing issues when using snort:
It produces very high load on CPU (89-99%) and mem (even worse, it
causes swapping) and after a while it terminates. My machine is a
[EMAIL PROTECTED] with 640MB of ram.
I tried disabling most rulesets but that doesn't chang
Günter Warfmeier wrote:
Hi,
I'm experiencing issues when using snort:
It produces very high load on CPU (89-99%) and mem (even worse, it
causes swapping) and after a while it terminates. My machine is a
[EMAIL PROTECTED] with 640MB of ram.
I tried disabling most rulesets but that doesn't chang
Hi,
A question about the captive portal. I'm looking for a way to disallow
concurrent user logins. However, most customers will use MAC address
for authentication, so if I disallw concurrent user logins, they can
still access the 'net from the MAC address and give their
username/password t
Hi,
Would it be possible to make bandwidthd listen on more than one
interface, like darkstats?
Regards,
Ugo
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Hi,
I've seen that microtik has an option of using cookies to authenticate
users (captive portal). Is there something similar in pfsense? I'm
thinking about using the captive portal for auth of subscribers to a
WiFi service, but I'd rather not have them enter their credentials
everytime th
Jonathan GF wrote:
Hi Ugo,
you question, even easy to answer don't have a perfect answer. It
depends on what you expect of your network.
Well, of course we can't use simple WPA2 since they will be paying.
In my case i use WPA2-Personal at home with PSK and 802.1X at work, both
with pfSens
Tim Dickson wrote:
As a general rule you want to "block all" and then allow the services you
want.
This way you aren't left with any "oops forgot to block that one" mistakes.
Makes sense.
But really, it's your firewall and you can manage it how you see fit!
I know, but even if I'd liked to,
Hi,
We're planning on deploying a few access points to offer a wireless
service (not free). We're thinking about authentication right now and
we're going to be using PfSense as firewall. What are the pros and cons
of the different auth methods? The authentication will only be required
for
Ermal Luçi wrote:
It's just performance usually.
Ok, so I guess that the OS has to work harder with a fxp than with a bge
because it must process the VLAN tagging instead of the NIC.
Ok, thanks for the info :).
Ugo
On Feb 3, 2008 4:38 AM, Ugo Bellavance <[EMAIL PROTECTED]>
e to/from the
other subnets?
Regards,
Ugo Bellavance
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Hi,
I'm wondering about the difference between using, for example, a fxp
NIC (intel) compared to a bge NIC for VLANs.
fxp supports long frames, while bge supports VLANs natively. What is
the difference? VLAN is managed by the NIC for the bge and by the OS
with an fxp?
I've set up 2 vlan
Ronald L. Rosson Jr. wrote:
Has nyone had any issues with a NET5501 and pfsense? Either with a HD or
CF install?
Anyone has benchmarks about NET55xx or Alix boards? I'm currently using
a regular PC for a firewall for a 30-40 mbps link (burstable to 100mbps)
and I'm looking to change it event
Javier León wrote:
Let me be more specific. The install the image in the flash with
phydiskwrite. Boots perfectly in the FabiaTech model FX5620, assign the IP
address of the lan and I connect via the web to pfsense perfectly. After 5
minutes, the system is blocked. I thought they could be fabiate
Curtis LaMasters wrote:
Now that I think about it, there are lots of ways to interpret that but
my meaning was for businesses, I would basically do an in line
transparent firewall much like this example:
http://pfsense.trendchiller.com/transparent_firewall.pdf
For the normal firewall deployme
Vivek Khera wrote:
On Jan 25, 2008, at 1:46 PM, Anil Garg wrote:
I have a machine with 1GB of Ram on which I wish to install pfsense
1.2rc4.
Does anyone know how to disable paging after installation since we
have much more memory than we need.
Essentially, is there a way to run pfsense en
Curtis LaMasters wrote:
I would personally do a filtering bridge to avoid administrative
overhead when dealing with businesses, but if these were for homes, then
a normal firewall implementation would be just fine.
Ok, can you define the difference between your definition of filtering
bridge
Hi,
I may have to configure a PfSense for use of a small ISP (300 users).
They are providing Wireless service. Their equipment will have private
addressing and the end clients will probably have public IP addresses.
Do I have to set the firewall as filtering bridge to simply block port
25 o
Hi,
Has anyone set up the dhcp server on pfsense so that Polycom phones can
get their config (ftp/tftp).
Regards,
Ugo
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Vidit Gupta wrote:
Hi,
I have two broadband connections (ADSL modem installed). Both the
connections (1 Mbps on Wan 3 port and 256 Kbps on Wan 1port) have been
deployed on the router (Linksys RV016). Sometimes window box appeared
frequently with the following error message on the few mach
Steve Harman wrote:
Hi!
\\ pfSense 1.0.1
Following tips from the support list (thanks!) I downloaded
1.2RC3-Embedded from one of the mirrors listed at
http://pfsense.loquefaltaba.com/downloads/ and went ahead with the
following:
pfSense > Firmware > Enable Firmware Upload > [brow
Kevin Foo wrote:
Ugo,
Perhaps you could try sysutils/cciss_vol_status for volume status and
sysutils/smartmontools with ciss support for drive health status.
Not sure where you can find those packages for Pfsense.
I got it here: http://ftp.jp.openbsd.org/pub/FreeBSD/ports/packages/Latest/
Jaye Mathisen wrote:
Camcontrol is part of the base OS, I would think that it wouldn't
be too hard to add it to the image.
Or just copy it on there from another FreeBSD box.
I only manage linux boxes, except pfsenses. Could anyone integrate it
in RC4 or send me the binary?
Regards,
ugo
Rainer Duffner wrote:
Am 03.12.2007 um 21:41 schrieb Scott Ullrich:
On 12/3/07, Bill Marquette
<[EMAIL PROTECTED]> wrote:
You might ask this on one of the FreeBSD mailing lists, I'm not sure
if it's possible to get this info in FreeBSD or not.
Depends on the card in question, etc. Please a
ense.com
Subject: Re: [pfSense Support] Monitor raid status ciss
You might ask this on one of the FreeBSD mailing lists, I'm not sure
if it's possible to get this info in FreeBSD or not.
--Bill
On Dec 3, 2007 12:03 PM, Ugo Bellavance <[EMAIL PROTECTED]> wrote:
Hi,
How could
Hi,
How could I check if there is failed drive on my server? It's using
the ciss driver.
ciss0: port 0x4000-0x40ff mem
0xfdf8-0xfdff,0xfdf7-0xfdf77fff irq 16 at device 8.0 on pci11
da0 at ciss0 bus 0 target 0 lun 0
da0: Fixed Direct Access SCSI-0 device
da0: 135.168M
Curtis LaMasters wrote:
I have (for now) a single firewall with 2 Ethernet ports. One nic is on
the outside and is plugged into our premise device and the second nic is
connected to the switch directly. The config is very basic, tagged on
vlan's 1,2, and 3, and their are no untagged or "nativ
Curtis LaMasters wrote:
I feel dumb for having to ask but I'm having a problem getting my 3 VLAN
interfaces on the internal side of the firewall to be active. I have
and HP managed switch plugged into it with the 3 VLANs tagged on that
specific interface. All of the VLANs are configured for t
Ronny Forberger wrote:
Hi List,
first of all let me say pfsense is an awesome idea to provide a router
platform.
But I'm getting a strange problem and can't resolve it:
All my VNC and RDP connections via being tunneled both throght an SSL
VPN (openvpn) and OpenSSH tunnels after a while will
Ugo Bellavance wrote:
Hi,
I use asterisk behind PfSense, and I configured the traffic shaper
accordingly. I can see that it prioritizes SIP and RTP traffic. Is
there a reason why IAX traffic (UDP/4569) is not included in there?
Regards,
Ugo
I managed to do it. However, it didn
Ugo Bellavance wrote:
Hi,
I'm currently running 1.0-RELEASE (embedded) on a wrap and I was
wondering what was the best way to upgrade to 1.2-RC2. I tried via the
web interface and it didn't work, so I guess the only way left is to
backup my config, write 1.2-RC2 image on the
Hi,
I'm currently running 1.0-RELEASE (embedded) on a wrap and I was
wondering what was the best way to upgrade to 1.2-RC2. I tried via the
web interface and it didn't work, so I guess the only way left is to
backup my config, write 1.2-RC2 image on the flashcard, then restore my
config. I
Dimitri Rodis wrote:
The *wizard* doesn't include IAX traffic, but pfSense will still do what
you want. All that you have to do is add rules to put the traffic into
the appropriate queues on the shaper rules page.
Yes, you're correct, I should have mentionned the wizard. I think that
IAX traf
Hi,
I use asterisk behind PfSense, and I configured the traffic shaper
accordingly. I can see that it prioritizes SIP and RTP traffic. Is
there a reason why IAX traffic (UDP/4569) is not included in there?
Regards,
Ugo
Dimitri Rodis wrote:
Glad to hear it's resolved. Just FYI, the Dell switches are a little
weird with the VLAN configs-- they aren't as easy to configure for
tagged/untagged VLANs as the Procurves are IMO. There is a setting on
each port on the Dells called PVID (which stands for Primary VLAN ID),
Ugo Bellavance wrote:
Dimitri Rodis wrote:
What device did you connect? If a machine (.120) is able to communicate
with pfSense (.1), then I would say there is a problem with this mystery
device, and not your setup. What IP address did you assign to your LAN
interface on vlan#3? (You only
ilto:[EMAIL PROTECTED] On Behalf Of Ugo Bellavance
Sent: Tuesday, October 23, 2007 8:49 PM
To: support@pfsense.com
Subject: [pfSense Support] Re: pfsense, procurve 2626 3 vlans
Dimitri Rodis wrote:
The only ports that should be tagged are devices that are configured
for
tagging.
Just so you understan
Dimitri Rodis wrote:
The only ports that should be tagged are devices that are configured for
tagging.
Just so you understand what that means exactly, the Ethernet frame is
actually modified by the switch, and a "tag" is added which actually
increases the size of the Ethernet frame. If the "de
Ugo Bellavance wrote:
Dimitri Rodis wrote:
Don't tag the ports unless the NICs that are plugged into those ports
actually support VLAN tagging, AND are configured to use the appropriate
tags. For the regular PCs/devices (or any device which doesn't support
tagging, or isn't
TECTED] On Behalf Of Ugo Bellavance
Sent: Tuesday, October 23, 2007 12:52 PM
To: support@pfsense.com
Subject: [pfSense Support] pfsense, procurve 2626 3 vlans
Hi,
We currently have a setup working, without vlans. In fact, I
tried to
make it work with vlans, w/o success.
We decided
Hi,
We currently have a setup working, without vlans. In fact, I tried to
make it work with vlans, w/o success.
We decided to replace the Dell 2724 switch because it looks unreliable.
I just received 2 HP Procurve 2626. They are managed 10/100 switches
with 1000T ports. Why 2? To have
Paul M wrote:
Ugo Bellavance wrote:
are you setting the switch port to 802.1q encapsulation which is how
multiple vlans are carried over a single ether?
I had a choice of
-not member
-member - untag
-member - tag
for each port
erm, I don't know dell switches; in cisco you set the po
Chris Kratz wrote:
Unfortunately, in this case, neither up nor down ever goes into the VOIP
Queues.
So, it would be really helpful for me to be able to figure out why these
packets aren't getting caught by these 4 rules. Any ideas? Am I missing
something stupid?
It's hard to tell for sure wit
Bill Marquette wrote:
On 10/17/07, Ugo Bellavance <[EMAIL PROTECTED]> wrote:
Hi,
We all know that when a DNS query is made, the reply may come back
using TCP if the response is too large.
The TCP reply won't be initiated by the remote site. If the response
is too large
Paul M wrote:
Ugo Bellavance wrote:
Still not working, the arp tables show nothing on the hosts on vlan103.
I've tried again, and still no luck. The pfsense can ping the opt1
interface (192.168.10.1), but no hosts on this network. I'm beginning
to suspect that the switch there does
Sean Cavanaugh wrote:
if you are running your own internal DNS server to handle the DNS
traffic then set a rule to forward all TCP/UDP port 53 to the server.
I'm not running authoritative DNS servers, I'm running caching DNS
servers that only query authoritative DNS servers.
Regards,
Ugo
Vivek Khera wrote:
On Oct 17, 2007, at 4:16 PM, Ugo Bellavance wrote:
Are TCP packets automatically accepted by pfsense or should I open
TCP/53 at wide? I query DNS servers directly, I don't use my ISP's
DNS servers for many reasons, so I can't just open TCP/53 for the
Hi,
We all know that when a DNS query is made, the reply may come back
using TCP if the response is too large.
Are TCP packets automatically accepted by pfsense or should I open
TCP/53 at wide? I query DNS servers directly, I don't use my ISP's DNS
servers for many reasons, so I can't jus
Hi,
I'd like to have a little explanation about vlans...
What I know:
- You need a switch that supports vlans
- NIC that support vlans
First scenario:
I have one switch to manage 2 zones, I use vlans. I configured the 2
ports that are internet facing in a vlan. Let's say it is port
Ugo Bellavance wrote:
I've tried again, and still no luck. The pfsense can ping the opt1
interface (192.168.10.1), but no hosts on this network. I'm beginning
to suspect that the switch there doesn't really support vlans. dell
powerconnect 2724.
Anyone ever succee
Ugo Bellavance wrote:
Ugo Bellavance wrote:
Paul M wrote:
Ugo Bellavance wrote:
VLAN 101 contains ports that are connected directly to the internet
(PfSense WAN port, internet port (it is in colocation), other servers
that would be connected directly to the internet (not behind PfSense
1 - 100 of 122 matches
Mail list logo