Tim Nelson wrote:
Sorry, I think I misread your response to my original post which you misread...
;-)
I am not concerned about the multiple local devices PPTP out to the same remote PPTP
server scenario. I was really just asking if the devices can PPTP outbound when the
local PPTP server is
On Wed, Jul 30, 2008 at 6:26 PM, DLStrout [EMAIL PROTECTED] wrote:
Bill, Anyone,
Would it be possible to get notified when you all feel this issue is
resolved and ready for -re-testing??
I'd welcome the opportunity to dive into 1.3 A2X, but unfortunately we are
short on standalone server
On Wed, Jul 30, 2008 at 7:30 PM, Ted Crow [EMAIL PROTECTED] wrote:
As an additional note, I've already tried the following to no avail:
- tcp/udp tweaking (no change)
Shouldn't be necessary anyway. Most of those settings are only
relevant when the firewall is the endpoint of the connection.
On Thu, Jul 31, 2008 at 12:58 AM, Anil Garg [EMAIL PROTECTED] wrote:
I would love to try the new 1.2.1 but there are so many images
Which one should be tested as most stable.
They're built once a day. Most days RELENG_1_2 doesn't change, and any
changes that do occur are minor. Just pick
On Thu, Jul 31, 2008 at 9:38 AM, Sean Cavanaugh
[EMAIL PROTECTED] wrote:
I have a 1.2-RELEASE setup that runs perfectly fine. I wanted to install
1.2.1 on it to try it out
but I cannot get the system to upgrade the firmware at all. Thru the web
interface i get the usual
hoops about the file
On Thu, Jul 31, 2008 at 3:01 AM, Beat Siegenthaler
[EMAIL PROTECTED] wrote:
A bit Off-Topic...
You can find no Information about DNS-Cache Poisoning at ZyXEL's Website. As
manufacturer of NAT-Serializers this is poor behavior.
Wow, indeed it is. I would suggest contacting them, I'm sure you
On Sat, Aug 2, 2008 at 7:15 PM, Tortise [EMAIL PROTECTED] wrote:
Re: Any chance your rule is doing OS detection?
Gosh I thought you were joking, however wise to first check the rule, bearing
in mind your responses are invariably well founded,
sure enough the ability to limit the OS is
On Sat, Aug 2, 2008 at 9:06 PM, Tortise [EMAIL PROTECTED] wrote:
Chris
I am not sure what you are getting at, I think so. (how else?)
Meaning you're connecting to a port forward using the outside IP from
your LAN interface. NAT reflection is a kludge, I would suggest just
directly connecting,
On Sat, Aug 2, 2008 at 7:20 PM, Scott Ullrich [EMAIL PROTECTED] wrote:
On Sat, Aug 2, 2008 at 7:18 PM, Michel Servaes [EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Any idea as why the squidguard won't start ?
As soon as I add an url to download the blacklists, the
Bastian Schern wrote:
Hi,
I'm very happy with the pfSense Project. Very great job. Thanks to all.
But I have some Problems to configure the TrafficShaper for multiple
LANs.
It's only compatible with two interface systems (LAN and WAN) in 1.2.
You'll have to wait for 1.3 for this.
Bastian Schern wrote:
Chris Buechler schrieb:
[...]
It's only compatible with two interface systems (LAN and WAN) in 1.2.
You'll have to wait for 1.3 for this.
Okay.
What happens if I configure TrafficShaper only for VoIP-Interface and
WAN and a big traffic is going from LAN to WAN?
Does
On Wed, Aug 6, 2008 at 8:59 AM, Johann Spies [EMAIL PROTECTED] wrote:
I am investigating the possibility to use pfsense as our next
enterprise-level firewall. I am new both to pfsense and openbsd
(coming from a Linux background).
Our users pay for internet traffic per Mb. Some of them use a
On Thu, Aug 7, 2008 at 12:11 PM, Mikel Jimenez [EMAIL PROTECTED] wrote:
Hello
I have a Openvpn server in Debian.
All the servers of my job are conected to this vpn (serves are in diferent
locations).
I want to put the PfSense in this VPN. I go to the web interface, Openvpn,
client and I put
On Sat, Aug 16, 2008 at 8:52 AM, DLStrout [EMAIL PROTECTED] wrote:
Is there a special list/forum for 1.3 Alpha/Alpha questions ... just don't
want to muddy the water here with alpha testing questions.
There's a board on the forum, but you're welcome to post here too. If
posting here just make
Aliet Santiesteban Sifontes wrote:
Hi, all I'm using a new installed pfsense 1.2.1 with three attached
newtoks, wan, lan and optional 1, I have defined rules on lan
interface to allow all outgoing connections on that interface, but
everything is blocked, a test in dns server query shows this on
On Wed, Aug 20, 2008 at 11:56 AM, Aliet Santiesteban Sifontes
[EMAIL PROTECTED] wrote:
Found part of the problem, I installed a clean pfsense, and setup
again the three interfaces.
WAN-- Connected to our isp trought a /30 private newtork
OP1-DMZ-- With the public range address assigned by our
On Wed, Aug 20, 2008 at 6:12 PM, Tim Nelson [EMAIL PROTECTED] wrote:
I probably shouldn't introduce any further issues here... but aren't there
issues having a 192.168.1.0/30 and a 192.168.1.0/24 on the same router? If
you ping 192.168.1.1 or 192.168.1.2 from your router, what interface will
On Thu, Aug 21, 2008 at 11:19 AM, Tim Nelson [EMAIL PROTECTED] wrote:
I posted this a few days ago and haven't gotten any response. Am I the only
one who wants to prioritize OpenVPN traffic? :-)
As mentioned, I do not wish to shape the traffic inside the OpenVPN tunnel,
just the tunnel
On Thu, Aug 21, 2008 at 12:06 PM, Curtis LaMasters
[EMAIL PROTECTED] wrote:
Sure you can.
Outbound only, traffic coming in over OpenVPN is automatically allowed in 1.2.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For
On Fri, Aug 22, 2008 at 8:33 AM, Fuchs, Martin
[EMAIL PROTECTED] wrote:
Hi !
At one of my systems I have a strange issue, the file-system runs out of
space...
So is there the possibility to have some ls combination or else that can
check fort he biggest files in the fs instead of having me
On Fri, Aug 22, 2008 at 10:59 AM, David Meireles [EMAIL PROTECTED] wrote:
you can use the switch -h (human readable). Also, try the following
combination, and increase the value at your taste
du -h --max-depth=1
Which is the same as du -hd1 that I suggested. :)
On Fri, Aug 22, 2008 at 4:18 PM, Aliet Santiesteban Sifontes
[EMAIL PROTECTED] wrote:
Hi list I'm currently migrating our dns server to new binds releases
due to daminsky vulnerability, but I'm hitting a rock because of the
disable of edns protocol, to do this test first I disable disable the
On Sun, Aug 24, 2008 at 12:47 PM, chris [EMAIL PROTECTED] wrote:
Is it possible to update multiple dyndns hosts with the Dynamic DNS service?
Not with 1.2, it's in 1.3.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For
On Fri, Aug 22, 2008 at 10:11 PM, Aliet Santiesteban Sifontes
[EMAIL PROTECTED] wrote:
Chris, here I attached the capture file, you can see this with
wireshark or etehreal, you will see the problem.
Looks like the remote server is sending that back, and it doesn't have
anything to do with your
On Tue, Aug 26, 2008 at 2:08 PM, Atkins, Dwane P [EMAIL PROTECTED] wrote:
Will I have to change all my routing to make these changes? I want to do
202.0 – 205.250.
Hard to say, depends on how this is configured in other parts of your
network. If you expect to use a /21, your interface has to
On Wed, Sep 3, 2008 at 6:18 PM, JJB [EMAIL PROTECTED] wrote:
Hello,
We have servers on our SHARED_DMZ interface and we would like to give
priority to http requests to those servers from our web server over all
other traffic. The bandwidth usage is tiny, a few kbits every few minutes.
These
On Thu, Sep 4, 2008 at 4:04 PM, Atkins, Dwane P [EMAIL PROTECTED] wrote:
Does anyone have a recommendation for the DHCP default lease time? We
have a Captive Portal Idle Timeout of 30 minutes and a Hard timeout of
720 minutes. Our DHCP lease is 43300 seconds or a little more than 12
hours.
On Thu, Sep 4, 2008 at 10:03 PM, Atkins, Dwane P [EMAIL PROTECTED] wrote:
What is the Maximum lease time on the DHCP server? It say that the
lease time is for clients that ask for a specific expiration time.
Should that be set as well?
Yeah set that to the same. It likely won't be used.
On Thu, Sep 4, 2008 at 11:58 PM, JarekVB [EMAIL PROTECTED] wrote:
Hello List.
Here is my situation. I have been using pfSense for the last year and
didn't have any problems till about 2 months ago.
I change a job and decided that I needed to renew my IP to make sure
that my co-worker does
On Fri, Sep 5, 2008 at 12:34 AM, JarekVB [EMAIL PROTECTED] wrote:
So i change the Rules to be:
Proto | Source | Port | Destination | Port | Gateway |
Schedule | Description
--++---+-+---+-+--+
TCP |*
On Fri, Sep 5, 2008 at 10:17 PM, BSD Wiz [EMAIL PROTECTED] wrote:
man O man still getting blocked,
tried calling my VoIP phone from my cell phone and the traffic was blocked
again by the default drop all rule. below is the log entry of the blocked
traffic.
WAN 216.181.136.7:5065
On Wed, Sep 10, 2008 at 6:06 PM, Joseph L. Casale
[EMAIL PROTECTED] wrote:
If I wanted some number x of hosts to be accepted to use a forwarded
port, is not possible to enter a list of source ip's, or must I make a rule
for each
host?
You can create an alias with the list of source IPs then
On Thu, Sep 11, 2008 at 11:21 AM, Randy Schultz [EMAIL PROTECTED] wrote:
Heya,
We use PFSense here, much to our delight. We are currently working on
bringing up another to work in parallel.
We use a lot of aliases, and some of the aliases are fairly big. The
mouse-over is cool however
On Fri, Sep 12, 2008 at 10:13 PM, Glenn Kelley [EMAIL PROTECTED] wrote:
Greetings
I have a transparent firewall running - (finally)however the only thing not
working behind the firewall is dns resolution for servers behind the system
doing a lookup.
This caused all types of issues w/ mail
On Thu, Sep 11, 2008 at 11:35 PM, Glenn Kelley [EMAIL PROTECTED] wrote:
On our latest install of pFsense - (thanks for everyones help w/ the
transparent bridge - ended up being the nic cards were not liked much by the
system )
Now we are unable to install packages - and get the error message
On Sat, Sep 13, 2008 at 11:22 AM, sp4rc [EMAIL PROTECTED] wrote:
Hello list members
I am running 1.2-RELEASE embedded on an alix2d3 board.
This is what my network layout looks like:
http://img257.imageshack.us/my.php?image=networkgu3.jpg
The Linksys router is running in router-mode and
On Sun, Sep 14, 2008 at 6:57 AM, sp4rc [EMAIL PROTECTED] wrote:
Thanks for your reply. I changed the Natting configuration. A first test
I have made yesterday worked. But today I can not log in to my sipgate
account anymore from the DMZ segment. (Although it works using ekiga
from the LAN
On Wed, Sep 17, 2008 at 4:55 PM, Matias Surdi [EMAIL PROTECTED] wrote:
Thanks for your help Wilson.
That's not exactly what I'm trying to do.
I've both DSL router on the same phisical WAN interface (with a switch,
obviously).
Then, on these DSL routers I've some port redirections to the
On Wed, Sep 17, 2008 at 5:43 PM, Matias Surdi [EMAIL PROTECTED] wrote:
If I've more than one IP address on each of my internet connections (now
each one on his own interface), Will I be able to do Port Forwardings for
all the IPs?
yes
On Wed, Sep 17, 2008 at 6:20 PM, Anil Garg [EMAIL PROTECTED] wrote:
Is there a place to check what is new on the stove for 1.3 release. Ah
goodies.
A number of blog posts cover some things. More will be added with time.
http://blog.pfsense.org/?tag=13-new-features
On Wed, Sep 17, 2008 at 6:55 PM, Joe Laffey [EMAIL PROTECTED] wrote:
I have pfsense set up with a WAN, a LAN, a DMZ, and a WIFI NIC (4 NICs). I
would like to be able to use OpneVPN to connect from the WAN and access
hosts on both the LAN and the DMZ (encrypted through the vpn).
Is this
On Fri, Sep 19, 2008 at 7:29 AM, Paul Mansfield
[EMAIL PROTECTED] wrote:
Tim Nelson wrote:
Any ideas on what I can do to decrease the effect OpenVPN is having on the
traffic? All suggestions welcome and appreciated!
a wild thought, but could you have a problem with MTU? try reducing it
on
On Tue, Sep 23, 2008 at 10:40 AM, Derrick Conner [EMAIL PROTECTED] wrote:
For some reason, some of the messages in here get sent to junk mail.
Gmail has been sending about 10-20% of the list messages to spam the
past week or so for me. I changed my filter for the lists to never
move to spam,
On Mon, Sep 22, 2008 at 12:06 PM, Tim Nelson [EMAIL PROTECTED] wrote:
I recently ran into an issue where one of our client's laptops would/could
not get an IP address from one of our boxes running pfSense 1.2-RELEASE.
Connecting via wireless or wired made no difference and other machines
On Wed, Sep 24, 2008 at 1:43 PM, Matias Surdi [EMAIL PROTECTED] wrote:
Finally, we've migrated to 1.2.1 RC1 and seems to be working, at least for
now.
But, we are seeing that the CPU keeps on 50% use, and a top shows that it's
being used by interrupt.
That's indicative of a maxed out box.
On Wed, Sep 24, 2008 at 11:27 AM, Matias Surdi [EMAIL PROTECTED] wrote:
The console is absolutely frozen.Can't do anything.
That's one of two things:
1) Hardware problem, usually RAM, possibly any number of other things.
2) FreeBSD bug specific to your hardware. First I'd try 1.2.1, and if
it
On Wed, Sep 24, 2008 at 3:23 AM, R. Th. Boots [EMAIL PROTECTED] wrote:
Hello,
As Pfsense is derived from Monowall and monowall has recently, in the
1.3beta12, incorporated ipv6, I was wondering how difficult it is going to
be to port the changes in monowall to pfsense?
The two are vastly
On Wed, Sep 24, 2008 at 5:57 AM, Paul Mansfield
[EMAIL PROTECTED] wrote:
Chris Buechler wrote:
Gmail has been sending about 10-20% of the list messages to spam the
http://www.robtex.com/rbl/
try wacking in IP addresses of relays and see what turns up
Only one mail server sends out mail
On Fri, Sep 26, 2008 at 7:51 PM, Koray AGAYA [EMAIL PROTECTED] wrote:
Hi All;
I installed all freebsd ports collection under /usr/ports/*.* But I didnt
use make install command How Can I do work it ? Please help me
You can't. Use pkg_add.
On Fri, Sep 26, 2008 at 7:17 PM, Alfred Sawaya [EMAIL PROTECTED] wrote:
Hello,
I've some troubles with pfsense : I would like to enable the DHCP server
on one of my interface (xl0). I've 3 interfaces : 2 LAN (fxp0 and xl0),
1 WAN (rl0).
I do everything right to enable DHCP but I've this in
On Fri, Sep 26, 2008 at 10:36 PM, Alfred Sawaya [EMAIL PROTECTED] wrote:
Sure :
Config file of my interfaces :
interfaces
... LAN and WAN ...
opt1
ifxl0/if
descrDINIAE/descr
bridge/
ipaddr192.168.22.1/ipaddr
subnet24/subnet
gateway/
On Sat, Sep 27, 2008 at 3:48 PM, Scott Ullrich [EMAIL PROTECTED] wrote:
On Sat, Sep 27, 2008 at 3:15 PM, Chris Bagnall [EMAIL PROTECTED] wrote:
We use pfSense in client environments. We use ISPs that offer IP6 support
at no extra charge.
Does anyone know how much £/€/$ would be needed to
On Sun, Sep 28, 2008 at 2:22 PM, Alfred Sawaya [EMAIL PROTECTED] wrote:
Of course, this interface was enabled when i've tested the DHCP Server.
I've disabled it after... So, It doesn't work when the interface is enabled
That message from dhcpd means the interface does not have an IP
assigned,
On Wed, Oct 1, 2008 at 6:18 PM, BSD Wiz [EMAIL PROTECTED] wrote:
pfSense 1.2.1 RC1
only add-on package installed is iperf.
I have rules to allow allow traffic out on port 80 and 443. I have also(just
to be sure) allowed *ALL* traffic out from my static ip on my macbook.
Problem is I can't
On Wed, Oct 1, 2008 at 7:00 PM, Tim Nelson [EMAIL PROTECTED] wrote:
Are you blocking any ICMP traffic? PMTU (MTU path discovery) relies on ICMP
to automagically determine the proper MTU...
On nearly all of my installations, I'm blocking EVERYTHING including ICMP on
the WAN and PMTU still
On Wed, Oct 1, 2008 at 9:23 PM, BSD Wiz [EMAIL PROTECTED] wrote:
do you guys think i should revert back to version 1.2 and test it?
I would say there isn't a good chance that would change anything, but
someone seems to be reporting a similar problem on the forum that
reportedly didn't exist in
On Wed, Oct 1, 2008 at 11:55 PM, BSD Wiz [EMAIL PROTECTED] wrote:
yep, i looked at it using tcpdump. i just see syn packets going out the
door, i never get any syn-acks back.
22:50:47.417326 IP unixbox.gnet.49330 subaru.com.http: S
3917131801:3917131801(0) win 65535 mss 1460,nop,wscale
On Thu, Oct 2, 2008 at 12:38 AM, BSD Wiz [EMAIL PROTECTED] wrote:
i know, i just want to check out the new wrx's and sti!!
tried messing with the mtu without any luck.
ok, here is tcpdump running on my pfsense firewall(unixbox.gnet). you can
see my request to subaru.com and then the reply
Paul Mansfield wrote:
BSD Wiz wrote:
I never get a response from the firewall therefore I cannot connect via
telnet over port 80. Telneting to the site from the de works but not
from the client machine.
it sounds a bit like the automatic bogons blocking list has subaru in it.
That
On Fri, Oct 3, 2008 at 10:57 AM, Vivek Khera [EMAIL PROTECTED] wrote:
I've read a lot about how windows and linux are vulnerable, but not
much info regarding FreeBSD. Does anyone know how worried we should
be? Any comment on possible corrective measures being implemented by
the dev team?
On Fri, Sep 26, 2008 at 11:14 AM, Paul Mansfield
[EMAIL PROTECTED] wrote:
Rob Terhaar wrote:
I know that the rule label too long bug has been around in varying
500 keep state label IPSEC: RDI -2nd lan - outbound isakmp
try taking out the '', I have been bitten by a bug with it not quoting
On Tue, Oct 7, 2008 at 9:24 AM, Tonix (Antonio Nati)
[EMAIL PROTECTED] wrote:
General question to developers:
which are usually problems which make PF sense failover to anoter unit?
The most common cause of failing over when it shouldn't is switches
that hose or block multicast.
Can an
2008/10/8 Paul Mansfield [EMAIL PROTECTED]:
icmp echo request on DMZ interface,
yes (in a firewall rule)
as well as a route to LAN on DMZ
which should be handled by the systems' default routes, assuming
that's pfSense.
machines, and advanced NAT so that LAN isn't natted to DMZ
No, only
On Thu, Oct 9, 2008 at 7:28 AM, Ronald L. Rosson Jr. [EMAIL PROTECTED] wrote:
Can someone please point me to the proper person to get in contact with
concerning the forums. Once I have logged in and try to post or modify one
of my existing posts I keep getting this error.
Session verification
On Fri, Oct 10, 2008 at 3:34 PM, JJB [EMAIL PROTECTED] wrote:
Hello,
We just migrated our vpn users to our pf sense firewall. We have dual
firewalls (CARP) and dual wan links - a 3mbit bonded t1 link and a 10mb dsl
link. (not load balanced - a LAN router is determining what is going to
which
2008/10/11 Curtis LaMasters [EMAIL PROTECTED]:
A static route on pfsense for the 2.x network sending traffic to 0.245
should do the trick unless I'm missing something.
And also check Bypass firewall rules for traffic on the same
interface on the Advanced page since this will end up being
On Sat, Oct 11, 2008 at 11:11 PM, Bill Marquette
[EMAIL PROTECTED] wrote:
On Sat, Oct 11, 2008 at 12:39 PM, Chris Buechler [EMAIL PROTECTED] wrote:
2008/10/11 Curtis LaMasters [EMAIL PROTECTED]:
A static route on pfsense for the 2.x network sending traffic to 0.245
should do the trick unless
On Sun, Oct 12, 2008 at 9:52 PM, Mikel Jimenez [EMAIL PROTECTED] wrote:
Is possible to define firewall rules and shapping rules on openvpn
interfaces?
In 1.2 no, in 1.3 it will be.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
On Tue, Oct 14, 2008 at 2:59 PM, BSD Wiz [EMAIL PROTECTED] wrote:
To be clear, both boxes lans are different subnet of course but the WANs are
on the same subnets.
If they're on the same ISP with privately addressed WANs that will
work, if they allow routing between customers. If it's two
On Wed, Oct 15, 2008 at 12:20 PM, Mikel Jimenez [EMAIL PROTECTED] wrote:
Hello
Is possible to redirect requests to xx port to aaa.bbb.ccc.ddd:xx?
I have 192.168.1.0 LAN, my proxy is in 192.168.1.40 and pfsense LAN
interface is 192.168.1.100.
I want that, the clients (gateway 192.168.1.100)
On Wed, Oct 15, 2008 at 6:13 PM, Alfred Sawaya [EMAIL PROTECTED] wrote:
Chris Buechler a écrit :
Yes and no. You can add a port forward on LAN that will accomplish
this. But it isn't source-specific, so the box you redirect the
traffic to will have to reside on another interface otherwise its
On Wed, Oct 15, 2008 at 6:37 PM, Alfred Sawaya [EMAIL PROTECTED] wrote:
yep, so you just have to add a rule from proxy:80 - any = pass and put
it before the rule any:80 - proxy:81, no ?
No because they're NAT rules not firewall rules and you cannot exclude
anything on a single interface from
On Thu, Oct 16, 2008 at 6:12 AM, David Barbero [EMAIL PROTECTED] wrote:
Not exactly, this will not happen if redirects all lan traffic except the
traffic from the proxy:
rdr on $int_if proto tcp from !192.168.1.40 to any port 80 - 192.168.1.40
port PROXY_PORT
Yes but pfSense does not let
On Mon, Oct 20, 2008 at 6:08 AM, Mikel Jimenez [EMAIL PROTECTED] wrote:
Hello
Is secure to put pfsense 1.2.1 in production enviroment?
I think the others who replied may have misunderstood your intent, it
appears you aren't a native English speaker, and may have intended to
ask if it's safe,
On Tue, Oct 21, 2008 at 8:49 PM, Nathan Eisenberg
[EMAIL PROTECTED] wrote:
Hello,
I am looking at deploying a pair of virtual load balancers for a very
specific application. I was wondering if anyone has managed to get PFSense
installed and running under XEN in either para or full
On Wed, Oct 22, 2008 at 12:37 PM, Tim Nelson [EMAIL PROTECTED] wrote:
Those were my 'assumptions' as well... :-)
I was hoping someone could point me in the direction of any sort of 'soft
limit' imposed by OpenVPN itself as was presented with IPSEC.
Nothing that anyone knows of.
On Wed, Oct 22, 2008 at 9:58 PM, Graham Freeman
[EMAIL PROTECTED] wrote:
I've been meaning to post a follow-up to my similar post from last week...
We had huge problems with traffic shaping that I was only able to resolve by
switching to m0n0wall v1.3b15 (based on FreeBSD 6.x, vs. the
On Wed, Oct 22, 2008 at 10:19 PM, Glenn Kelley [EMAIL PROTECTED] wrote:
not sure where I could find this answer --- googled it of all things...
when do we expect 1.3 to be released?
http://doc.pfsense.org/index.php/When_Will_A_Release_Occur
On Wed, Oct 22, 2008 at 11:14 PM, Tim Nelson [EMAIL PROTECTED] wrote:
Maybe someone could update the content over at
http://doc.pfsense.org/index.php/When_Will_The_pfSense_Book_Be_Released ?
Hey, I just put an update on the blog a few days ago. :)
On Wed, Oct 22, 2008 at 11:19 PM, Tim Nelson [EMAIL PROTECTED] wrote:
A few days ago? Over two weeks ago... and some of us are losing sleep, going
bald, unable to concentrate, etc as a result of the wait... :-)
sheesh, guess it has been that long. I'll have another update up in a
couple weeks
JJB wrote:
http://www.psc.edu/networking/projects/tcptune/
I'm wondering if any of this freebsd tuning info is relevant to
pfsense, has it already been done, are there any benefits to setting
any of these things
Don't bother, these things are all only relevant to the endpoints of TCP
On Fri, Oct 24, 2008 at 5:29 PM, JJB [EMAIL PROTECTED] wrote:
Your architecture is somewhat unclear - do I correctly surmise that
you have a pfSense server *somewhere* on a 3/3 connection, and that
several users connect to it via OpenVPN?
two pfsense servers using CARP for failover with a
On Fri, Oct 24, 2008 at 11:12 PM, Tim Nelson [EMAIL PROTECTED] wrote:
I stumbled upon a new open source firewall product this evening. Ever heard
of Fyrewall? Some information from the Freshmeat project page at
http://freshmeat.net/projects/fyrewall/?branch_id=76300release_id=287163 :
On Fri, Oct 24, 2008 at 11:51 PM, RB [EMAIL PROTECTED] wrote:
You beat me to the translation... Looking at their live demo (yes,
they have one running in a VM)
Which is going to be rooted in short order if they don't lock it down
significantly more. They attempted to do so, but didn't do
On Sun, Oct 26, 2008 at 9:54 AM, DLStrout [EMAIL PROTECTED] wrote:
Is there a default password to decrypt the config.xml file in the latest
1.3AA?
I recently updated 1.3Ax2 and now get prompted for a password to decrypt the
config.xml and if I CTRL-C out the box will only come up in single
On Mon, Oct 27, 2008 at 2:14 PM, Robin Kauffman [EMAIL PROTECTED] wrote:
Hi-
My previous post was incorrect; 1:1 nat in fact works provided that
traffic for all IPs is sent to the firewall's public-facing MAC address.
However, if the route is merely '1.2.3.4/24 dev linktofw' from the
On Mon, Oct 27, 2008 at 7:56 AM, Paul Mansfield
[EMAIL PROTECTED] wrote:
in general, I've noticed that the interface setting makes no difference
to what happens when using a gateway IP.
It does - it opens the anti-spoofing rules appropriately and generates
NAT rules according to which
On Mon, Oct 27, 2008 at 5:08 AM, Steve Harman
[EMAIL PROTECTED] wrote:
Hi!
The subject line says it all really. ;-) Are we able to add more than two
DNS servers in the pfSense DHCP server?
There only appear to be two input boxes in the web interface but I wondered
if perhaps multiple
On Tue, Oct 28, 2008 at 1:20 PM, JJB [EMAIL PROTECTED] wrote:
That is interesting - is there something unique about running pfsense on
vmware that is different from running directly on hardware?
No, this problem happened on both physical and virtual machines. There
could be something specific
On Tue, Oct 28, 2008 at 3:59 PM, [EMAIL PROTECTED] wrote:
What will the migration path look like from 1.2 to 1.2.1?
First Question:
On an embedded system (Soekris Net5501), will I need to flash the CF
card from scratch or will I be able to use the firmware 'feature' on the
GUI? If the
On Tue, Oct 28, 2008 at 1:18 PM, JJB [EMAIL PROTECTED] wrote:
1. Were all the known 1.2.1 bugs resolved last weekend as you hoped in the
above message?
As far as we know, yes. Still one thing with grub to find a solution
for, that's the last remaining 1.2.1 item.
2. Would you consider
On Tue, Oct 28, 2008 at 5:45 PM, Michel Servaes [EMAIL PROTECTED] wrote:
When I'm going to install 1.2.1 tomorrow evening, do we still belong to this
usergroup, or should one subscribe to another feed ?
I believe another feed is available for the 1.3 branch, isn't it ?
There isn't a different
On Tue, Oct 28, 2008 at 10:01 PM, Chris Flugstad [EMAIL PROTECTED] wrote:
After booting from the live cd, and then installing to the HD, it starts to
boot, bios goes by then bsd looks like its gonna boot, but then characters
just stream the page really fast. It booted fine from the CD
On Tue, Oct 28, 2008 at 10:16 PM, Craig Silva
[EMAIL PROTECTED] wrote:
Having a look at 1.2.1 but can't see a full install for embedded 9maybe I'm
blind) - only an update for RC1 - last time I tried to update it failed, so
had to revert to 1.2 release.
There isn't a different full install
On Tue, Oct 28, 2008 at 10:29 PM, Craig Silva
[EMAIL PROTECTED] wrote:
Will have a look but trying to install onto wrap so the only way I know how
to do this is to flash an image
Use VMware and USB redirection, CF then shows up as a hard drive.
On Wed, Oct 29, 2008 at 12:53 AM, Chris Flugstad [EMAIL PROTECTED] wrote:
Installed with GRUB and now GRUB loads, then FREEBSD default startup, it
starts to go , thing spins and then i get the same screen of random
charchters streaming down the screen.
Not the boot loader then. Try 1.2.1.
Mikel Jimenez wrote:
Hello
I have installed openvpn client export utility in Pfsense 1.2.1 but it
no appears in the web interface. How can I run it?
You can't in 1.2.1.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For
clear the upstream ARP cache.
On Wed, Oct 29, 2008 at 4:43 PM, Michel Servaes [EMAIL PROTECTED] wrote:
I backed up my config.xml, took another computer, added the same network
configuration... installed pfSense 1.2.1 (build of today).
Restored config.xml, re-installed packages (within restore
On Wed, Oct 29, 2008 at 12:05 PM, Eugen Leitl [EMAIL PROTECTED] wrote:
On Wed, Oct 29, 2008 at 05:00:40PM +0100, Mikel Jimenez wrote:
OK
But it is available in packets...
And via console or alone? I want easy way to provide to clients acces to
my VPN. Vpn client export utility is my best
On Wed, Oct 29, 2008 at 5:27 PM, Eugen Leitl [EMAIL PROTECTED] wrote:
On Wed, Oct 29, 2008 at 05:15:59PM -0400, Chris Buechler wrote:
Not even that is possible, well not without backporting all the user
manager and OpenVPN changes in 1.3 (you'd be much, much better off
just running 1.3
501 - 600 of 1503 matches
Mail list logo