is it an actual disconnect between the LAN and WAN interface or is it that the WAN interface becomes unresponsive? if its an internal disconnect you should still be able to ping an outside source from the firewall even if systems on the LAN cant. if its the WAN interface itself, nothing would respond. are you sure you are running the correct MTU settings on the interface? I can def see why you would want to run TCPDump on the box now.
> Date: Thu, 16 Aug 2007 19:32:25 +1200> From: [EMAIL PROTECTED]> To: > support@pfsense.com> Subject: [pfSense Support] LAN / WAN Disconnections > continue in 1.2-RC1, Intel Pro/1000GT NICs with 370M RAM> > >>Buy hardware > that's not faulty. pfsense is *way* more robust than what it seems to be for > you. what network interfaces do you> >>have? if other than broadcom or Intel, > switch to Intel.> > In frustration I have purchased 2 new Intel Pro/1000GT > NIC's. They have lasted almost 48 hours before the internal disconnection > > between the LAN and WAN recurred yet again..... The state table is reported > as having showed 56 entries on index.php. Fixed by > rebooting. Nothing else. > (Cheaper cards have lasted longer!)> > Surely we can now conclusively say > this is not a NIC or hardware issue? This happens for me on completely > different machines with > >= 256M RAM.> > I have most recently been running > 1.2-RC1, pretty much since it was released. it teased me by running fine for > 2 weeks, before > reproducing the same problems.> > One of my colleagues has > now abandoned pfSense, as it has proven to be unreliable for him.> > I do not > want to, however the current reliability is also unsustainable for me.> > Is > there any way I can assist to fix this problem?> > Kind regards> David > Hingston> > > > > ----- Original Message ----- > From: "Tortise" <[EMAIL > PROTECTED]>> To: <support@pfsense.com>> Sent: Saturday, July 21, 2007 10:23 > AM> Subject: Re: [pfSense Support] Programming pfSense to Reboot and Dump LAN > / WAN traffic> > > Thank you Vivek> > >> connect both systems to a hub and > run tcpdump on the other machine logging all traffic some place.> > Yes they > are already on a LAN with a switch. I didn't realise TCPDump could be run > from another machine other than the one being> dumped from. From what you > suggest it can. I'll study it up and see if I can get it to! (Unless someone > here knows the syntax for> this well and can just roll it off?)> > >>Buy > hardware that's not faulty. pfsense is *way* more robust than what it seems > to be for you. what network interfaces do you> >>have? if other than broadcom > or intel, switch to intel.> > We (3 of us) believe this is not a hardware > issue. 3 of us are on the same ISP here in NZ, and experiencing the same > issues for> many months. The ISP uses much the same Motorola Cable modem to > interface into our static IP's. The same fault occurs using> completely > different hardware here also. I have another pfSense box running at > alternative premises connected to quite a different> ISP and that box just > goes, in line with what we believe we should be expecting. Swapping the boxes > also suggests it is not a> hardware problem as they all work at the > alternative ISP / venue.> > I find running Monowall also has the same > experience here, - the same Monowall box is stable for months off site. I > have been> tempted to post to the monowall list also, cross posts are > considered bad etiquette and I presume the monowall folks are also on> both > lists, I have refrained. (Is this correct?)> > It suggests to me there is > something about our ISP which is a problem, perhaps their hardware or perhaps > something about their> traffic. Clearly this should not be the case, but the > onus falls on us (rightly or wrongly) to prove this.> > It also suggests to > me there is a vulnerability in FreeBSD as the problem occurs in both Monowall > and pfSense with this cable ISP.> > I'd prefer my firewall not need random > rebooting. We'd all like to help within our power and ability to move this > forwards as> FreeBSD and its children (pfSense and Monowall) are largely > fantastic!> > Kind regards> David Hingston> > > > > > ---------------------------------------------------------------------> To > unsubscribe, e-mail: [EMAIL PROTECTED]> For additional commands, e-mail: > [EMAIL PROTECTED]> > > > > ---------------------------------------------------------------------> To > unsubscribe, e-mail: [EMAIL PROTECTED]> For additional commands, e-mail: > [EMAIL PROTECTED]> _________________________________________________________________ Recharge--play some free games. Win cool prizes too! http://club.live.com/home.aspx?icid=CLUB_wlmailtextlink