PFsense Client? Server? Dial In? You have not given enough information on your request. Plenty of information on the wiki - http://doc.pfsense.org/index.php/Main_Page And also external blogs such as -http://blog.stefcho.eu/?p=492 Google “pfsense openvpn” and you get loads of tutorials that will fit your needs
From: [email protected] [mailto:[email protected]] On Behalf Of Gagan VERMA Sent: 19 September 2012 06:08 To: [email protected] Cc: [email protected] Subject: [pfSense] Re : List Digest, Vol 13, Issue 21 Hi, Please help how can i implement openvpn in pfsense -- Sincere Regards Gagan Verma Assistant Manager - IT [Description: Image removed by sender.] AuthBridge Research Services Private Limited | 2nd Floor, Plot No 123, Udyog Vihar, Phase-IV, Gurgaon - 122016 | Tel: +91-124-4609800 | Mobile: +91-9818477979 [email protected]<mailto:[email protected]> | www.authbridge.com <http://www.authbridge.com/> 2008 AuthBridge Research Services Private Limited. All Rights Reserved. This email is intended solely for the person or organisation to which it is addressed. It may contain privileged and confidential information. If you are not the intended recipient, you are prohibited from copying, disclosing or distributing this email or its contents (as it may be unlawful for you to do so) or taking any action in reliance on it. If you have received this email by mistake, please delete it. Then advise the sender immediately by reply email to [email protected]<mailto:[email protected]>. An email reply to this address may be subject to monitoring for operational reasons or lawful business practices. ________________________________ From: [email protected] MailId : [5741848] To: [email protected] Subject: List Digest, Vol 13, Issue 21 Date: 18 Sep 2012 02:15:29 pm Send List mailing list submissions to [email protected] To subscribe or unsubscribe via the World Wide Web, visit http://lists.pfsense.org/mailman/listinfo/list or, via email, send a message with subject or body `help` to [email protected] You can reach the person managing the list at [email protected] When replying, please edit your Subject line so it is more specific than "Re: Contents of List digest..." Today`s Topics: 1. Re: extra packages (Vieri) 2. Re: Traffic Shaping/QOS options with OpenVPN, tunnels ([email protected]) 3. IP address range (Vieri) 4. Re: IP address range (Fuchs, Martin) 5. Re: IP address range (Chris Buechler) 6. Re: IP address range (Fuchs, Martin) 7. Re: extra packages (Chris Buechler) 8. firewall rules: destination host or network (Vieri) 9. Re: firewall rules: destination host or network (Seth Mos) 10. Re: IP address range (Vieri) ---------------------------------------------------------------------- Message: 1 Date: Mon, 17 Sep 2012 09:08:31 -0700 (PDT) From: Vieri <[email protected]> To: pfSense support and discussion <[email protected]> Subject: Re: [pfSense] extra packages Message-ID: <[email protected]> Content-Type: text/plain; charset=us-ascii --- On Mon, 9/17/12, Jim Pingle <[email protected]> wrote: > http://doc.pfsense.org/index.php/Installing_FreeBSD_Packages Great! Thanks, I missed that page. Vieri ------------------------------ Message: 2 Date: Mon, 17 Sep 2012 12:49:00 -0400 From: "[email protected]" <[email protected]> To: [email protected] Subject: Re: [pfSense] Traffic Shaping/QOS options with OpenVPN, tunnels Message-ID: <[email protected]> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Thanks Ermal. I feared that was the case. Is there any other way to prioritize certain traffic going over the OpenVPN tunnels? I am trying to resolve some voice and dns issues. Jonathon ------------------------------ Message: 3 Date: Mon, 17 Sep 2012 12:54:14 -0700 (PDT) From: Vieri <[email protected]> To: [email protected] Subject: [pfSense] IP address range Message-ID: <[email protected]> Content-Type: text/plain; charset=us-ascii Hi, Can I specify an IP address range in firewall rules or alias? If so, how? I know I can set `network` aliases but sometimes it`s simpler to just specify a range such as <firstipaddr>-<lastipaddr> instead of using masks. Vieri ------------------------------ Message: 4 Date: Mon, 17 Sep 2012 20:16:28 +0000 From: "Fuchs, Martin" <[email protected]> To: pfSense support and discussion <[email protected]> Subject: Re: [pfSense] IP address range Message-ID: <[email protected]> Content-Type: text/plain; charset="iso-8859-1" Hi ! This is not possible until now... So you have only the possibility to achieve this with subnetting... (in the alias table) Regards, martin -----Urspr?ngliche Nachricht----- Von: [email protected] [mailto:[email protected]] Im Auftrag von Vieri Gesendet: Montag, 17. September 2012 21:54 An: [email protected] Betreff: [pfSense] IP address range Hi, Can I specify an IP address range in firewall rules or alias? If so, how? I know I can set `network` aliases but sometimes it`s simpler to just specify a range such as <firstipaddr>-<lastipaddr> instead of using masks. Vieri _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list ------------------------------ Message: 5 Date: Mon, 17 Sep 2012 15:22:14 -0500 From: Chris Buechler <[email protected]> To: pfSense support and discussion <[email protected]> Subject: Re: [pfSense] IP address range Message-ID: <caomxwmvmgtrdz1+kpuy5gq+vn9ns6tkf+xdeylmld_koxfd...@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1 On Mon, Sep 17, 2012 at 2:54 PM, Vieri <[email protected]> wrote: > Hi, > > Can I specify an IP address range in firewall rules or alias? > If so, how? > > I know I can set `network` aliases but sometimes it`s simpler to just > specify a range such as <firstipaddr>-<lastipaddr> instead of using masks. > You can put a range in the network alias and it auto-expands to the proper CIDR range(s). Read the text description on that page. ------------------------------ Message: 6 Date: Mon, 17 Sep 2012 20:42:38 +0000 From: "Fuchs, Martin" <[email protected]> To: pfSense support and discussion <[email protected]> Subject: Re: [pfSense] IP address range Message-ID: <[email protected]> Content-Type: text/plain; charset="iso-8859-1" Yes... Correct... I also did not see ;-) Sorry... -----Urspr?ngliche Nachricht----- Von: [email protected] [mailto:[email protected]] Im Auftrag von Chris Buechler Gesendet: Montag, 17. September 2012 22:22 An: pfSense support and discussion Betreff: Re: [pfSense] IP address range On Mon, Sep 17, 2012 at 2:54 PM, Vieri <[email protected]> wrote: > Hi, > > Can I specify an IP address range in firewall rules or alias? > If so, how? > > I know I can set `network` aliases but sometimes it`s simpler to just > specify a range such as <firstipaddr>-<lastipaddr> instead of using masks. > You can put a range in the network alias and it auto-expands to the proper CIDR range(s). Read the text description on that page. _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list ------------------------------ Message: 7 Date: Mon, 17 Sep 2012 21:07:46 -0500 From: Chris Buechler <[email protected]> To: pfSense support and discussion <[email protected]> Subject: Re: [pfSense] extra packages Message-ID: <caomxwmwjepftg5km8b7gatysualfp9b07feqgmdlmfgd-rg...@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1 On Mon, Sep 17, 2012 at 8:19 AM, Vieri <[email protected]> wrote: > Hi, > > Apart from installing packages from the web configurator, is it possible to > do a "native" package installation with any of the FreeBSD methods found in > the following link (at my own risk, of course)? > Yes. http://doc.pfsense.org/index.php/Installing_FreeBSD_Packages ------------------------------ Message: 8 Date: Mon, 17 Sep 2012 23:23:57 -0700 (PDT) From: Vieri <[email protected]> To: [email protected] Subject: [pfSense] firewall rules: destination host or network Message-ID: <[email protected]> Content-Type: text/plain; charset=us-ascii Hi, I`m having trouble understanding a very simple concept. Suppose I have several interfaces, eg. lan, wan, dmz, corp2. Most public IP addresses are in `wan` but some may be accessible through `corp2`. Let`s say I would like to add a firewall rule for a specific destination. I can create an alias or specify a network or single host but how do I apply a rule from lan to a specific host in wan? eg. lan single host 10.215.144.48/32 can access 8.8.8.8/32 through `corp2` but cannot access 8.8.8.8/32 through `wan`. Should that be done only through static routing? Thanks, Vieri ------------------------------ Message: 9 Date: Tue, 18 Sep 2012 10:26:22 +0200 From: Seth Mos <[email protected]> To: pfSense support and discussion <[email protected]> Subject: Re: [pfSense] firewall rules: destination host or network Message-ID: <[email protected]> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Op 18-9-2012 8:23, Vieri schreef: > Hi, > > I`m having trouble understanding a very simple concept. > > Suppose I have several interfaces, eg. lan, wan, dmz, corp2. > Most public IP addresses are in `wan` but some may be accessible through > `corp2`. > Let`s say I would like to add a firewall rule for a specific destination. > I can create an alias or specify a network or single host but how do I apply > a rule from lan to a specific host in wan? > eg. lan single host 10.215.144.48/32 can access 8.8.8.8/32 through `corp2` > but cannot access 8.8.8.8/32 through `wan`. > > Should that be done only through static routing? Firewall rules are top down. Make a allow rule for that single host and a block rule below that. Cheers ------------------------------ Message: 10 Date: Tue, 18 Sep 2012 01:43:07 -0700 (PDT) From: Vieri <[email protected]> To: pfSense support and discussion <[email protected]> Subject: Re: [pfSense] IP address range Message-ID: <[email protected]> Content-Type: text/plain; charset=us-ascii --- On Mon, 9/17/12, Chris Buechler <[email protected]> wrote: > > Can I specify an IP address range in firewall rules or > alias? > You can put a range in the network alias and it auto-expands > to the > proper CIDR range(s). Read the text description on that > page. Thanks! It does work OK from the web configurator. However, I need to do a massive import of alias and firewall rules via xml. If I define the following in the xml: <aliases> <alias> <name>WHATEVER</name> <address>10.215.144.1-10.215.148.33</address> <descr><![CDATA[this is a test]]></descr> <type>host</type> </alias> </aliases> and try to import it, there`s no error message but if I look at the imported alias in the web UI I can see that it didn`t auto-expand to the CIDR ranges. Is there a way to auto-expand after import? (maybe from the shell?) Anyway, it`s not such a big deal because I`m generating the xml file myself so I can actually do the conversion/expansion myself prior to importing. Vieri ------------------------------ _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list End of List Digest, Vol 13, Issue 21 ************************************ . Do not Remove: [HID]20120918141528679[-HID] [Description: Image removed by sender.]
<<inline: ~WRD000.jpg>>
_______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
