I`m agree with Jim
El 14/07/10 17:21, Jim Pingle escribió:
On 7/14/2010 11:18 AM, Laurentiu STEFAN wrote:
Can some one help me whit this problem too?
2010/7/14 Laurentiu STEFANlaurentiu.ste...@gmail.com
mailto:laurentiu.ste...@gmail.com
I have an IBM Inellystation whith 2 Pentium 2 -
Hi!
I have a Linux box, with a ipv6 tunnel with hurricane tunnel broker.
The tunnel works fine and all the clients of my LAN surf ip6.google.com
(I have configured radvd).
The problem is that the connections from internet, stops at the pfsense.
If I listen in the WAN interface I can look
:(
Ok, I have the tunnel alive, but it is impossible access from outside no?
So... no solution for access from outside?
Thanks
El 11/02/10 22:54, Jan Zorz escribió:
Mikel,
You have two options:
1. configure your cron on linux box to ping6 some IPv6 address out
there to keep tunnel up.
2
Uohh!!
There is an option in System/Advanced/ Nat encapsultaed IpV6 PAckets (
IP protocol 41) and thre put the Linux box ipv4 address.
For example 10.10.0.5
and it works!! I ping from outside, the tunnel endpoint and my LAN clients
El 11/02/10 22:54, Jan Zorz escribió:
Mikel,
You have
Hi!
El vie, 29-05-2009 a las 13:50 -0600, David Burgess escribió:
On Fri, May 29, 2009 at 1:07 PM, Jeppe Øland jol...@gmail.com wrote:
So... if a priorice a host over alll, why if I do a
ping from the priorized hots I have 27 millisenconds,
Hello
Qhere I can define certain queue, (for example VOIP) to dont have more
than X latency?
Is this possible with Pfsense?
Thanks
-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail:
VOIP packets with the highest
priority. you can't lower the latency past whatever the nominal
latency of your line is. No QoS allows for more than priority processing.
On Fri, May 29, 2009 at 1:26 PM, Mikel Jimenez mi...@irontec.com
mailto:mi...@irontec.com wrote:
Hello
Qhere I can
Some ideas?
Sorry for my english
Mikel Jimenez wrote:
So... if a priorice a host over alll, why if I do a ping from the
priorized hots I have 27 millisenconds, but when from othre host in
the LAN I upload a file, the latency of the icmp grows to 220-270?
Is this normal?
Thanks
iggd
Hi
Is possible to make a GRE tunel between two Pfsenses without using IPsec?
I look in kldstat that gre module is not loaded
Thanks!
--
Mikel Jimenez Fernandez
Irontec, Internet y Sistemas sobre GNU/LinuX - http://www.irontec.com
+34 94.404.81.82
Helloo
Im not able to put HAVP + SQUID in tranasparent mode, using cache_peer
options...
Somebody succesfull in this task?
Thanks
-- Mikel Jimenez Fernandez Irontec, Internet y Sistemas sobre GNU/LinuX
- http://www.irontec.com +34 94.404.81.82
Hello
Im watching that probably is a bug in Pfsense 1.2.3
First of all, sorry if Im not correct.
I have installed pfsense 1.2.3 RC1 with squid package and HAVP.
I put squid in transparent mode, and i look that it adds a pf rule in
nat table. Corect, it works perfect, I see logs in
: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com
Commercial support available - https://portal.pfsense.org
--
Mikel Jimenez Fernandez
Irontec, Internet y Sistemas sobre GNU/LinuX - http://www.irontec.com
+34 94.404.81.82
Hello
I have this issue and i solve it reducing de MTU values.
Thanks
Juan Rivera wrote:
Hi I’m having trouble trying to browse some websites it loads really
slow is there anything that can help us improve that?
-
To
Hello TIm
I have not good experiences good igb driver...
My experience was with
http://www.intel.com/Products/Server/Adapters/Gb-ET-Dual-Port/Gb-ET-Dual-Port-overview.htm
that uses 82576.
IMHO better choose one taht is supported by Freebsd 7.0 and uses em driver
Tim Nelson wrote:
Greetings
I browse the
internet it take a while to show the page and sometime we get PAGE CAN
NOT BE DISPLAY its getting annoying now and getting a lot of complains
form users can you tell me how to reduce the MTU files? Thank you
-Original Message-
From: Mikel Jimenez Fernandez [mailto:mi
Via console and on both interfaces
Juan Rivera wrote:
Ok on wan there was nothing on MTU so I put 1300 but still the same
-Original Message-
From: Mikel Jimenez Fernandez [mailto:mi...@irontec.com]
Sent: Monday, April 13, 2009 12:26 PM
To: support@pfsense.com
Subject: [SPAM] Re
Oh thanks!!
So with vpnc and nating in tun0 will be possible?
Thanks
RB wrote:
On Fri, Apr 10, 2009 at 07:18, Mikel Jimenez Fernandez
mi...@irontec.com wrote:
I only have client mode acces posibility, and my question is if is that
possibloe to configure this on pfsense a nat vpon traffic
There is a port for freebsd...
http://www.freebsdsoftware.org/security/vpnc.html
http://www.unix-ag.uni-kl.de/~massar/vpnc/
pkg_add -r vpnc...
Mikel Jimenez Fernandez wrote:
Oh thanks!!
So with vpnc and nating in tun0 will be possible?
Thanks
RB wrote:
On Fri, Apr 10, 2009 at 07:18, Mikel
Hello
I found that is a port for freebsd of vpnc cisco client.
http://www.freebsdsoftware.org/security/vpnc.html
http://www.unix-ag.uni-kl.de/~massar/vpnc/
This is usefull when you want to connect your firewall in client mode.
I install vpnc in pfsense 1.2.2 with pkg:add -r vpnc. I don't test
I think that the best is to probe it...
What are the incompatibilities?
In freebsd7 it works... I have to test in Pfsense woth real login
credentials
Chris Buechler wrote:
On Sat, Apr 11, 2009 at 6:53 AM, Mikel Jimenez Fernandez
mi...@irontec.com wrote:
Hello
I found that is a port
Hello to everyboody
Can Pfsense act as cisco vpn client software to access cisco vpn
concentrator?
Thanks
-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com
concentrator.
Curtis LaMasters
http://www.curtis-lamasters.com
http://www.builtnetworks.com
On Fri, Apr 10, 2009 at 5:33 AM, Mikel Jimenez Fernandez
mi...@irontec.com wrote:
Hello to everyboody
Can Pfsense act as cisco vpn client software to access cisco vpn
concentrator?
Thanks
Hello
I'm having issues for put working this card.
http://www.intel.com/products/server/adapters/gb-ET-Dual-Port/gb-ET-Dual-Port-overview.htm
Pfsense 1.2.2 doesn't recognize but Pfsense 1.2.3 yes.
It recognizes ok but it works very bad. It only pass pings but web
traffic and big packest very
If I check, or dont chek, bad cksum in tcpdump always appear.
I have to reboot ?
Bill Marquette wrote:
On Thu, Mar 19, 2009 at 6:27 PM, Mikel Jimenez Fernandez
mi...@irontec.com wrote:
I have checked to disable it...
Why?
--Bill
Hello
I have a firewall with 2 interfaces. WAN and AN and CARP
LAN = 10.10.0.99
CARP=10.10.0.100
Is this normal from lan host?
backup:~# ping -f 10.10.0.99
PING 10.10.0.99 (10.10.0.99) 56(84) bytes of data.
PM, Mikel Jimenez Fernandez
mi...@irontec.com wrote:
Hello
I have a firewall with 2 interfaces. WAN and AN and CARP
LAN = 10.10.0.99
CARP=10.10.0.100
Is this normal from lan host?
backup:~# ping -f 10.10.0.99
PING 10.10.0.99 (10.10.0.99) 56(84) bytes of data
loss, time 1391ms
rtt min/avg/max/mdev = 0.227/0.302/2.523/0.104 ms, ipg/ewma 2.323/0.288 ms
What exactly mean icmp limit value?
Mikel Jimenez Fernandez wrote:
Hi
[r...@gw ~]# sysctl -a | grep icmp | grep lim
net.inet.icmp.icmplim: 500
net.inet.icmp.icmplim_output: 1
net.inet6.icmp6
to...
Is this alarmant? 90 % packets bad cksum...
Bill Marquette wrote:
On Thu, Mar 19, 2009 at 6:09 PM, Mikel Jimenez Fernandez
mi...@irontec.com wrote:
mm OK
I think that I understna sysctl value what mean..
backup:~# ping -f 10.10.0.98 -c 500
PING 10.10.0.98 (10.10.0.98) 56(84) bytes of data
I have checked to disable it...
Chris Buechler wrote:
On Thu, Mar 19, 2009 at 7:17 PM, Mikel Jimenez Fernandez
mi...@irontec.com wrote:
Oh yeah!! thanks
Is this normal?
yes. google checksum offloading
Hello
I look that via web interface is not possible set upscript or down
script in CARP interfaces.
I think that this is a very good feature for advanced HA configurations.
For example
I have openvpn tun in master, and I want that when master downs, slaves
brings up the tun interface.
--
Mikel Jimenez Fernandez
Irontec, Internet y Sistemas sobre GNU/LinuX - http://www.irontec.com
+34 94.404.81.82
---BeginMessage---
Hello
Is any inconvenient to use squid+squidguard in multiwan enviroment?
And squid+squidguard+havp in mutiwan enviroment?
Thanks!
--
Mikel Jimenez
Abdulrehman wrote:
My experience is good with squid on multi-wan...i have not tried
squidguard yetsquid works cool for me.
Regrds
Abdulrehman
2009/3/4 Mikel Jimenez mi...@irontec.com mailto:mi...@irontec.com
--
Mikel Jimenez Fernandez
Irontec, Internet y Sistemas sobre GNU
Hello
I think yes.
With policy routing defined in firewall rules.
Source LAN, ports all- Gateway ADSL
Source DMZ, ports all- Gateway T1
After that you have to configure advanced outbound nat
Thanks
Stefanos E. Tsorakis wrote:
Hi all,
I am a new pfsense user. Was using ipcop for years then
Hello
I recommend you to use easy-rsa scripts of openvpn
Steve Spencer wrote:
OK, I've read the previous posts with regard to OpenVPN and I'm ready to
take my excellent PfSense firewall to the next level with a VPN. I'd
like to create the keys for the server on a Linux box and wonder if
I always install bash..
pkg_add -r bash
/usr/local/bin/bash
:)
Chris Buechler wrote:
On Thu, Feb 26, 2009 at 4:57 PM, Curtis LaMasters
curtislamast...@gmail.com wrote:
Try the scripts that Scott has published on the forums.
That's not going to work, unless you want to do it on
Hello
Is pfsync better than contrackd?
In what aspects?
--
Mikel Jimenez Fernandez
Irontec, Internet y Sistemas sobre GNU/LinuX - http://www.irontec.com
+34 94.404.81.82
-
To unsubscribe, e-mail: support-unsubscr
More tecnically reason?
Referring to states, tracking, tcp/udp...
Bill Marquette wrote:
Go troll elsewhere.
On Thu, Feb 19, 2009 at 5:51 AM, Mikel Jimenez mi...@irontec.com wrote:
Hello
Is pfsync better than contrackd?
Who cares, pfsense runs on FreeBSD where there be demons
I ask this question, because I am favour ogf *BSD, and one friend discuss
me that what pfsync+carp does, is possible with contrackd.
I have read that contrackd only syncs tcp states, and is a user space
daemon, not kernel level.
My question is, it can do all that pfsync?
If yo dont
Yeah!!
This is a very good reason!!
I think that contrackd doenst does this
On Thu, 19 Feb 2009 13:13:00 -0600, Bill Marquette
bill.marque...@gmail.com wrote:
On Thu, Feb 19, 2009 at 12:26 PM, mikel mi...@irontec.com wrote:
I ask this question, because I am favour ogf *BSD
Hello
I look that via web interface is not possible set upscript or down
script in CARP interfaces.
I think that this is a very good feature for advanced HA configurations.
For example
I have openvpn tun in master, and I want that when master downs, slaves
brings up the tun interface.
Hello everybody
I am working with a 2 node failover of 2 pfsense 1.2.2 and it its great!!
It works perfect, but I ask you that if its possible to define upscript
of carp via web interface, or modifying php code.
I think this is a good feature for pfsense 2.0, and in general the
magic box of
Chris Buechler escribió:
On Tue, Nov 11, 2008 at 1:22 PM, Mikel Jimenez [EMAIL PROTECTED] wrote:
Hello
In a Wan PPTP client connection what I have to put in local address BOX??
I don't know as I don't use PPTP WANs, and apparently no one that does
is willing to answer since I believe
Hello
I have ADSL router in 192.168.1.100 and pfsense has 192.168.1.101 ip.
How i can configure pptp client with ISP login and username in pfsense?
What I have to put in Local Ip Address when I´m going to configure pptp
via web interface?
Hello
where i can add pf rules in pfsense ( manually editing, or creating one
file), and mantaing this rules if I reload configuration throught web
interface?
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional
I have configurate manually tun0 to my ISP(ppp0 interface) and I want to do
NAT in this interface
On Tue, 25 Nov 2008 13:13:31 -0600, Bill Marquette
[EMAIL PROTECTED] wrote:
On Tue, Nov 25, 2008 at 1:10 PM, mikel [EMAIL PROTECTED] wrote:
Hello
where i can add pf rules in pfsense
Please Scott
The origin of this probelms is that i can´t configure pptp client with my
ISP in pfsense. Please help me
On Tue, 25 Nov 2008 14:21:30 -0500, Scott Ullrich [EMAIL PROTECTED]
wrote:
On Tue, Nov 25, 2008 at 2:18 PM, mikel [EMAIL PROTECTED] wrote:
I have configurate
But this is using openvpn, and I need pptp
On Tue, 25 Nov 2008 14:36:21 -0500, Scott Ullrich [EMAIL PROTECTED]
wrote:
On Tue, Nov 25, 2008 at 2:34 PM, mikel [EMAIL PROTECTED] wrote:
Please Scott
The origin of this probelms is that i can´t configure pptp client with
my
ISP
] iirc.
That will work.
Surely after that configure the wan interface as the one you need it for.
I have something in plan for 2.0 to allow doing this...
On Tue, Nov 25, 2008 at 8:38 PM, mikel [EMAIL PROTECTED] wrote:
But this is using openvpn, and I need pptp
On Tue, 25 Nov
Some ideas?
Do you understand me?
On Tue, 25 Nov 2008 20:50:52 +0100, mikel [EMAIL PROTECTED] wrote:
But... (sorry for my english) why i have to link the configuration ?
Why is the purpose of pptp section in web interface? It purpose isn´t
to
connect to ISP via pptp to obtain
interface...
Thanks, I hope to resolve near n the future... :)
On Tue, 25 Nov 2008 15:27:45 -0500, Chris Buechler [EMAIL PROTECTED]
wrote:
On Tue, Nov 25, 2008 at 4:50 AM, Mikel Jimenez [EMAIL PROTECTED] wrote:
??
There is no plan to resolve this issue? dhcp-pptp?
I don't think
(fixed address) in my pfsense
box...:
Original Message
Subject: Re: [pfSense Support] pptp help!!
Date: Tue, 25 Nov 2008 22:01:40 +0100
From: mikel [EMAIL PROTECTED]
To: support@pfsense.com
okay.I going to make the question by other side.
How do you make PPTP
OK
so explain me please the purpose off pptp wan interface.
In practical/reallife scenario please
On Tue, 25 Nov 2008 16:11:59 -0500, Scott Ullrich [EMAIL PROTECTED]
wrote:
On Tue, Nov 25, 2008 at 4:09 PM, mikel [EMAIL PROTECTED] wrote:
Sorry, there are some mistakes
In native English... this is my problem:
http://osdir.com/ml/security.firewalls.pfsense.user/2006-08/msg00046.html
Why is that so strange?
On Tue, 25 Nov 2008 16:29:03 -0500, Scott Ullrich [EMAIL PROTECTED]
wrote:
On Tue, Nov 25, 2008 at 4:22 PM, mikel [EMAIL PROTECTED] wrote:
OK
or BSD Perimeter teams be able
to
help with this buy buying a support package? I think direct contact is
going to be the only solution to this...
Curtis LaMasters
http://www.curtis-lamasters.com
http://www.builtnetworks.com
On Tue, Nov 25, 2008 at 4:28 PM, mikel [EMAIL PROTECTED
-lamasters.com
http://www.builtnetworks.com
On Tue, Nov 25, 2008 at 4:11 PM, mikel [EMAIL PROTECTED] wrote:
In native English... this is my problem:
http://osdir.com/ml/security.firewalls.pfsense.user/2006-08/msg00046.html
Why is that so strange?
On Tue, 25 Nov 2008 16:29:03
.
Is clear my bad English explanation?
On Tue, 25 Nov 2008 17:40:23 -0500, Scott Ullrich [EMAIL PROTECTED]
wrote:
On Tue, Nov 25, 2008 at 5:39 PM, mikel [EMAIL PROTECTED] wrote:
I can´t believe how it can be so defficult...
when you buy a common house router, and ii fyou have
Dear Crish/Scot/Developers
I t will be possible modify this patch to adapt to 1.2RCx and 2.0?
http://www.mail-archive.com/[EMAIL PROTECTED]/msg01766.html
thanks, I wait your response
On Wed, 26 Nov 2008 00:18:19 +0100, mikel [EMAIL PROTECTED] wrote:
thanks
But sorry, I´m
---BeginMessage---
Hello
Is possible to configure captive portal with ldap authentication?
I have a linksys wrtg54 in my LAN, acting as AP. Is possible to
configure this AP (with the default firmware or DD-wrt/openwrt) to
authenticate to captive portal of pfsense?
Thanks
---End
Chris Buechler escribió:
On Thu, Nov 20, 2008 at 7:09 AM, Mikel Jimenez [EMAIL PROTECTED] wrote:
This is my problem!!!
http://osdir.com/ml/security.firewalls.pfsense.user/2006-08/msg00046.html
This patch is ok?
That was before 1.0 was released even, that's quite a bit different
from
Chris Buechler escribió:
On Mon, Nov 17, 2008 at 3:08 PM, mikel [EMAIL PROTECTED] wrote:
What does it mean that?
http://doc.pfsense.org/index.php/Can_I_use_pfSense%27s_WAN_PPTP_feature_to_connect_to_a_remote_PPTP_VPN%3F
I can´t act as a client in a PPTP conection to an ISP
Chris Buechler escribió:
On Mon, Nov 17, 2008 at 3:08 PM, mikel [EMAIL PROTECTED] wrote:
What does it mean that?
http://doc.pfsense.org/index.php/Can_I_use_pfSense%27s_WAN_PPTP_feature_to_connect_to_a_remote_PPTP_VPN%3F
I can´t act as a client in a PPTP conection to an ISP
What does it mean that?
http://doc.pfsense.org/index.php/Can_I_use_pfSense%27s_WAN_PPTP_feature_to_connect_to_a_remote_PPTP_VPN%3F
I can´t act as a client in a PPTP conection to an ISP?
On Tue, 11 Nov 2008 20:48:32 +0100, mikel [EMAIL PROTECTED] wrote:
Hello
On Tue, 11 Nov 2008
.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Commercial support available - https://portal.pfsense.org
Yes, Yes, the connection, not a server
--
Mikel Jimenez Fernandez
Irontec, Internet y
Hello
In a Wan PPTP client connection what I have to put in local address BOX??
Please help me, is very important for my live.
--
Mikel Jimenez Fernandez
Irontec, Internet y Sistemas sobre GNU/LinuX - http://www.irontec.com
+34 94.404.81.82
Hello
On Tue, 11 Nov 2008 13:40:23 -0500, Chris Buechler [EMAIL PROTECTED]
wrote:
On Tue, Nov 11, 2008 at 1:22 PM, Mikel Jimenez [EMAIL PROTECTED] wrote:
Hello
In a Wan PPTP client connection what I have to put in local address
BOX??
I don't know as I don't use PPTP WANs
Mikel Jimenez escribió:
Hello
I am configuring Wan interface with pptp client, and a dude:
What I have to put in local ip addres box?
my fixed ip is 64.22.55.44 (this is the Ip that ISP give me with the
user and password off pptp connection)
Thanks
Any idea
Hello
I have installed openvpn client export utility in Pfsense 1.2.1 but it
no appears in the web interface. How can I run it?
--
Mikel Jimenez
Irontec, Internet y Sistemas sobre GNU/LinuX - http://www.irontec.com
+34 94.404.81.82
OK
But it is available in packets...
And via console or alone? I want easy way to provide to clients acces to
my VPN. Vpn client export utility is my best friend. How can I do
without installing 1.3?
Chris Buechler escribió:
Mikel Jimenez wrote:
Hello
I have installed openvpn client
Hello
Is possible to install bash interpreter in pfsense?
--
Mikel Jimenez
Irontec, Internet y Sistemas sobre GNU/LinuX - http://www.irontec.com
+34 94.404.81.82
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional
Hello
Is secure to put pfsense 1.2.1 in production enviroment?
Thanks
--
Mikel Jimenez
Irontec, Internet y Sistemas sobre GNU/LinuX - http://www.irontec.com
+34 94.404.81.82
-
To unsubscribe, e-mail: [EMAIL PROTECTED
.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
Mikel Jimenez
Irontec, Internet y Sistemas sobre GNU/LinuX - http://www.irontec.com
+34 94.404.81.82
Hello
Is possible to enable http antivirus in pfsense? like clamav in ipcop...
--
Mikel Jimenez
Irontec, Internet y Sistemas sobre GNU/LinuX - http://www.irontec.com
+34 94.404.81.82
-
To unsubscribe, e-mail: [EMAIL PROTECTED
When it would be stable?
Is instalable from GUI or is an aparta package?
Thanks!
On Thu, 16 Oct 2008 21:47:49 +0400, Sergey [EMAIL PROTECTED] wrote:
Hi
Havp(HTTP Antivrus proxy) package testing in progress.
- Original Message -
From: Mikel Jimenez [EMAIL PROTECTED
.
Is possible from the GUI?
--
Mikel Jimenez
Irontec, Internet y Sistemas sobre GNU/LinuX - http://www.irontec.com
+34 94.404.81.82
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Is possible to define firewall rules and shapping rules on openvpn
interfaces?
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Hello
Is posible to define traffic shapping rules for tap0 interface (or tun0)
if I create ainterface OPT1 linked to tap0?
And firewall rules for tap interfaces?
I think, my problem is taht, openvon traffic is encapsulated entirely
throught 1194 udp, and if a make video streaming or web
When is going to be posible to put pfsense 1.3 in production in my job?
What is the development status of pfsense 1.3?
For openvpn clients, there is a method for doing certificates via web?
actually I do with easy-rsa
-
To
Eugen Leitl escribió:
On Sun, Sep 21, 2008 at 02:21:57PM +0200, Mikel Jimenez wrote:
When is going to be posible to put pfsense 1.3 in production in my job?
When it's ready.
What is the development status of pfsense 1.3?
http://blog.pfsense.org/
For openvpn clients
Mikel Jimenez escribió:
Hello
I have a Openvpn server in Debian.
All the servers of my job are conected to this vpn (serves are in
diferent locations).
I want to put the PfSense in this VPN. I go to the web interface,
Openvpn, client and I put de certificate, the key, the CA cert and
give
Hello
I have a Openvpn server in Debian.
All the servers of my job are conected to this vpn (serves are in
diferent locations).
I want to put the PfSense in this VPN. I go to the web interface,
Openvpn, client and I put de certificate, the key, the CA cert and give
the ip and the port of the
Ron Blanchett escribió:
for starters you need to configure it from the server tab to run an
openvpn server.
On Thu, Aug 7, 2008 at 12:11 PM, Mikel Jimenez [EMAIL PROTECTED] wrote:
Hello
I have a Openvpn server in Debian.
All the servers of my job are conected to this vpn (serves
81 matches
Mail list logo