Re: [pfSense] IPSec log comments

2016-07-28 Thread Chris Buechler
On Thu, Jul 28, 2016 at 11:19 AM, Paul Galati wrote: > I noted installed packages > I backed up my configuration xml, 2.2.4 > I replaced hard disk with SSD > Installed fresh 32-bit 2.3.2 > Installed packages > imported config > > The 3 openvpn clients logged back in with no problem and tunneled VO

Re: [pfSense] CARP/DHCP

2016-07-28 Thread Chris Buechler
On Thu, Jul 28, 2016 at 8:10 AM, scorpions floripa wrote: > Good Morning > > > The dhcp in secondary carp is even distributing IP with the active > master . Anyone know how to solve this ? > It's not a problem, that's how it's supposed to work.

Re: [pfSense] yesterday update to 2.3.2 has not worked - these machines now can not update any more

2016-07-27 Thread Chris Buechler
On Wed, Jul 27, 2016 at 8:53 AM, WolfSec-Support wrote: > Hi Jim > > Many thanks for your hint. > Well it is still not working. > > See: > Updating repositories metadata... > Updating pfSense-core repository catalogue... > pfSense-core repository is up-to-date. > Updating pfSense repository c

Re: [pfSense] Lightning strike

2016-07-26 Thread Chris Buechler
On Tue, Jul 26, 2016 at 7:43 PM, Volker Kuhlmann wrote: > On Tue 26 Jul 2016 09:41:37 NZST +1200, Karl Fife wrote: > >> Interesting how it failed: The fried port 'simply' broke >> connectivity for the interface's LAN segment. Everything else >> continued to work. I kinda didn't believe the repor

[pfSense] 2.3.2-RELEASE Now Available!

2016-07-25 Thread Chris Buechler
We are happy to announce the release of pfSense® software version 2.3.2! This is a maintenance release in the 2.3.x series, bringing a number of bug fixes. You can find all the details on the blog. https://blog.pfsense.org/?p=2108

Re: [pfSense] PFS 2.3.1-RELEASE-p5 and Cisco 5520 IPSEC

2016-07-15 Thread Chris Buechler
On Fri, Jul 15, 2016 at 2:08 PM, Marc R. Meshurle Jr. wrote: > x.x.x.x is the PFSense and y.y.y.y is the Cisco > > Jul 16 00:05:54 charon: 11[IKE] deleting IKE_SA con2000[673] > between x.x.x.x[x.x.x.x]...y.y.y.y[y.y.y.y] > Jul 16 00:05:54 charon: 11[IKE] received DELETE for IKE_SA > con2000[6

Re: [pfSense] PFS 2.3.1-RELEASE-p5 and Cisco 5520 IPSEC

2016-07-15 Thread Chris Buechler
On Fri, Jul 15, 2016 at 11:32 AM, Marc R. Meshurle Jr. wrote: > I'm having an issue connecting to a Cisco ASA5520 with IPSEC. The vendor with > the Cisco states that Phase 1 is good, but dropping out on Phase 2. We've > matched the Phase 2 proposals up and it still fails on the Phase 2 side. I'v

Re: [pfSense] connect more than 255 clients + server ppoe

2016-07-12 Thread Chris Buechler
On Tue, Jul 12, 2016 at 3:12 PM, sp1b0t wrote: > Hello > > You can connect more than 255 clients in a server ppoe pfsense? > Not without hacking the source, though that should work if you do so. No limitation in the underlying mpd that runs the PPPoE server, people apparently run thousands of sim

Re: [pfSense] 2 server ppoe on the same interface

2016-07-12 Thread Chris Buechler
On Tue, Jul 12, 2016 at 3:10 PM, sp1b0t wrote: > Hi. > You can create 2 servers on the same interface pppoe? No. Wouldn't be possible to differentiate which should answer. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support

Re: [pfSense] 502 Bad Gateway

2016-07-08 Thread Chris Buechler
On Thu, Jul 7, 2016 at 1:16 PM, Bill Arlofski wrote: > On 07/07/2016 08:09 AM, Jon Gerdes wrote: >> Bill >> >> I maybe off target here but the IPSEC widget used to cause php-fpm >> daemon to die after a few days. >> >> I haven't looked into it since but removing that widget fixed it for me >> on t

Re: [pfSense] DMZ not working since upgrade 2.3

2016-06-30 Thread Chris Buechler
On Wed, Jun 29, 2016 at 8:27 AM, Jean-Laurent Ivars wrote: > Hello Piba (and anyone else…) > > Sorry for not having answered before… > > To answer you questions, firstly, I’m not in a datacenter, only a client > offices with different ISP. > > I agree with you double NAT is bad but you can’t alwa

Re: [pfSense] Setup DNS question

2016-06-24 Thread Chris Buechler
On Fri, Jun 24, 2016 at 5:35 PM, Richard A. Relph wrote: > Brand new pfSense user here… setting up a VMWare system after upgrading it to > 2.3.1_5, doing a reset to factory config, and restarting the web configurator. > I get to this point: > > > and what I want to say is have this pfSense instan

Re: [pfSense] CPU Utilization on landing page

2016-06-24 Thread Chris Buechler
On Fri, Jun 24, 2016 at 12:46 PM, Karl Fife wrote: > Scaling down the update frequency on the traffic graphs seems to > meaningfully reduce utilization. Many other widgets don't appear to > have settings for their poll intervals. Are there other settings hidden > away reduce the update fre

Re: [pfSense] PCI/PCIe crypto cards?

2016-06-24 Thread Chris Buechler
On Fri, Jun 24, 2016 at 6:15 PM, Cheyenne Deal wrote: > Is there a list of working crypto cards for x86 and 64bit PC versions of > pfsense 2.3 release line? https://www.freebsd.org/releases/10.3R/hardware.html#crypto-accel Though AES-NI is your best bet at this point.

Re: [pfSense] Traffic Limiter name change

2016-06-24 Thread Chris Buechler
On Fri, Jun 24, 2016 at 1:01 PM, Karl Fife wrote: > We've entered the wonderful world of the traffic limiters. Specifically, we > put FACEBOOK subnets through a comparatively skinny pipe. This is done to > make it JUST a bit too painful to look at kitten photos, but perfectly > suitable to look a

Re: [pfSense] CPU Utilization on landing page

2016-06-23 Thread Chris Buechler
On Thu, Jun 23, 2016 at 11:55 AM, Karl Fife wrote: > Ever since upgrading to 2.3, I notice that the CPU utilization is uncommonly > high when a browser is pointed at the Status / Dashboard. > > Naturally, this is the php-fpm process. Each instance of php-fpm runs at > between 8 and 40% of my 1.8g

Re: [pfSense] IPSEC Issue

2016-06-01 Thread Chris Buechler
On Tue, May 31, 2016 at 2:46 AM, Daniel Eschner wrote: > Hi There, > > i get since some days a couple of errors: > > May 31 09:42:40 gw01 charon: 08[KNL] unable to query SAD entry > with SPI c6bce4d4: No such file or directory (2) > May 31 09:42:49 gw01 charon: 08[KNL] unable to query SAD entry

Re: [pfSense] Turning UDP broadcast into a unicast on another interface

2016-06-01 Thread Chris Buechler
On Wed, Jun 1, 2016 at 8:00 AM, Jason Pyeron wrote: >> -Original Message- >> From: On Behalf Of Jim Thompson >> Sent: Tuesday, October 02, 2012 19:24 >> Subject: [pfSense] Turning UDP broadcast into a unicast on another > interface >> >> Without writing a small program? No, I can't think

Re: [pfSense] Strange fe80::1:1 link-local address on LAN interface

2016-05-27 Thread Chris Buechler
On Thu, May 26, 2016 at 6:03 AM, Olivier Mascia wrote: > LAN Interface (lan, igb0) > Status up > MAC Address 00:08:a2:09:58:96 > IPv4 Address 10.32.0.1 > Subnet mask IPv4 255.255.0.0 > IPv6 Link Local fe80::1:1%igb0 (???) > IPv6 Address

Re: [pfSense] USB hard drive on SG-2220

2016-05-27 Thread Chris Buechler
On Fri, May 27, 2016 at 10:00 PM, Walter Parker wrote: > Hi, > > I just plugged a small WDC USB 2.0 hard drive into my pfSense firewall as > an external, second drive and everything booted: > da1 at umass-sim1 bus 1 scbus7 target 0 lun 0 > da1: Fixed Direct Access SCSI device > da1: 40.000MB/s tr

Re: [pfSense] How to manually update 2.3 onwards?

2016-05-25 Thread Chris Buechler
On Tue, May 24, 2016 at 8:08 AM, Pete Boyd wrote: > I have a pfSense 2.3.0_1 which has had an issue connecting to > pfsense.com to check for updates for years. That's not the issue, as far > as I believe. Perhaps its LAN and WAN are mistakenly the wrong way > around. It routes between two LANs. An

Re: [pfSense] Update 2.3_1 to 2.3.1 failed

2016-05-24 Thread Chris Buechler
On Tue, May 24, 2016 at 6:47 PM, Jeppe Øland wrote: > Is the "NanoBSD filesystem is mounted r/w" a temporary thing until you fix > these issues? > No. The issue is some flash media is really slow to rw->ro mount. We used to carry a forcesync patch to forcefully un-mount it without the drive sayin

Re: [pfSense] Update 2.3_1 to 2.3.1 failed

2016-05-24 Thread Chris Buechler
On Tue, May 24, 2016 at 2:47 PM, Karl Fife wrote: > On 5/24/2016 2:30 PM, Chris Buechler wrote: >> >> On Tue, May 24, 2016 at 2:25 PM, WebDawg wrote: >>> >>> On Tue, May 24, 2016 at 2:18 PM, Chris Buechler wrote: >>> >>>> On Tue, May 24, 20

Re: [pfSense] Update 2.3_1 to 2.3.1 failed

2016-05-24 Thread Chris Buechler
On Tue, May 24, 2016 at 2:25 PM, WebDawg wrote: > On Tue, May 24, 2016 at 2:18 PM, Chris Buechler wrote: > >> On Tue, May 24, 2016 at 1:28 PM, WebDawg wrote: >> > On Tue, May 24, 2016 at 11:34 AM, Chris Buechler >> wrote: >> > >> >> On Tu

Re: [pfSense] Update 2.3_1 to 2.3.1 failed

2016-05-24 Thread Chris Buechler
On Tue, May 24, 2016 at 1:28 PM, WebDawg wrote: > On Tue, May 24, 2016 at 11:34 AM, Chris Buechler wrote: > >> On Tue, May 24, 2016 at 5:33 AM, OSN | Marian Fischer wrote: >> > Hi list, >> > >> > when i try to update one carp member from 2.3_1 to the

Re: [pfSense] Why can't we define a point-to-point OpenVPN using only IPv6?

2016-05-24 Thread Chris Buechler
On Tue, May 24, 2016 at 11:57 AM, Olivier Mascia wrote: >> On 24 May 2016 at 17:56, Doug Lytle wrote: >> >>> Is the IPv4 requirement something that's planned to be removed in future >>> releases? >>> >>> I don't assume many people have adopted IPv6 yet. >> >> Ensuring stable, robust and complete

Re: [pfSense] Update 2.3_1 to 2.3.1 failed

2016-05-24 Thread Chris Buechler
On Tue, May 24, 2016 at 5:33 AM, OSN | Marian Fischer wrote: > Hi list, > > when i try to update one carp member from 2.3_1 to the latest update (2.3.1) > it fails after > > # snip > Updating pfSense-core repository catalogue... > Unable to update repository pfSense-core > Updating pfSense reposi

Re: [pfSense] 2.3_1 ?

2016-05-05 Thread Chris Buechler
On Thu, May 5, 2016 at 3:11 PM, Bob Gustafson wrote: > On 05/05/2016 02:35 PM, Larry Rosenman wrote: > >> On 2016-05-05 14:23, Bob Gustafson wrote: >>> >>> On 05/05/2016 02:05 PM, Jim Thompson wrote: > > On May 5, 2016, at 6:26 AM, Paul Mather > wrote: > > On May 5, 2016, at 9

Re: [pfSense] 2.3 show stopper -- in most cases openvpn client specific overrides will fail to send proper iroute/push route

2016-05-03 Thread Chris Buechler
On Tue, May 3, 2016 at 5:43 AM, Philipp Tölke wrote: > Hi everyone, > > just FYI, I also had to un-check "Address Pool" for our vpn with > "Static-IP-Overrides". > You probably should just set it back to net30 as noted in my last post in this thread.

Re: [pfSense] 2.3-REL, HA, WAN CARP IPv6 MAC seen as active on both NICs

2016-05-03 Thread Chris Buechler
On Mon, May 2, 2016 at 5:43 PM, Olivier Mascia wrote: > Sorry, top-posting this time. > > Capturing on WAN(x:y:z:d8ff::2/64), link-local = fe80::250:56ff:febf:7014 (is > MASTER), I can see: > > 00:15:27.653423 IP6 (hlim 255, next-header VRRP (112) payload length: 36) > fe80::250:56ff:febf:7014 >

Re: [pfSense] pf2ad update to pfSense 2.3

2016-05-01 Thread Chris Buechler
On Sun, May 1, 2016 at 3:01 AM, Odhiambo Washington wrote: > But he doesn't force anyone to install this. I see no reason to ban him > from posting or even the forum. Open Source was for the willing, IIRC. > Not saying he can't do it. He can't use our resources to promote it, for the reasons I po

Re: [pfSense] pf2ad update to pfSense 2.3

2016-05-01 Thread Chris Buechler
On Sun, May 1, 2016 at 1:58 AM, Luiz Gustavo S. Costa wrote: > 2016-05-01 3:35 GMT-03:00 Chris Buechler : > >> people's systems. He's been told again to not post about this to our >> lists or forum, next time it's a ban. > > that is ... do not talk any m

Re: [pfSense] pf2ad update to pfSense 2.3

2016-04-30 Thread Chris Buechler
On Sun, Apr 17, 2016 at 1:01 PM, WebDawg wrote: > On Fri, Apr 15, 2016 at 12:39 PM, Luiz Gustavo S. Costa < > luizgust...@luizgustavo.pro.br> wrote: > >> Hello, >> >> Who wants to go now testing the pf2ad update to pfSense 2.3 can now >> apply the script with the following command: >> >> fetch -q

Re: [pfSense] DNS secondary server on 2.3?

2016-04-28 Thread Chris Buechler
On Thu, Apr 28, 2016 at 10:21 AM, Adam Thompson wrote: > OK, I'm lost... In v2.3, what service, and/or where in the GUI, should I go > to make pfSense act as a slave (authoritative) DNS server? > No such capability. Neither dnsmasq nor unbound are authoritative servers. The tinydns and BIND pack

Re: [pfSense] CARP and both IPv4 and IPv6: do they live together?

2016-04-27 Thread Chris Buechler
On Tue, Apr 26, 2016 at 7:38 AM, Olivier Mascia wrote: >> On 26 Apr 2016 at 00:37, Olivier Mascia wrote: >> >> It looks like as soon as I bring IPv6 to the party, my secondary starts >> thinking it's MASTER instead of BACKUP. Sometimes on the WAN side, sometimes >> on the LAN, sometimes both

Re: [pfSense] Fw: new message

2016-04-26 Thread Chris Buechler
On Tue, Apr 26, 2016 at 8:49 AM, Randy Morgan wrote: > This is not a group for advertising weight loss products, I hope this is not > going to become a discussion group that allows advertising of this type. > I unsubscribe every address that spams the list. Only emails from subscriber addresses m

Re: [pfSense] IPV6 WAN/LAN routing

2016-04-20 Thread Chris Buechler
On Wed, Apr 20, 2016 at 4:53 PM, Olivier Mascia wrote: >>> I must be tired or something but I have a strange thing with IPv6 on a new >>> box I just setup. >>> >>> Have a x:y:z:d800::/56 routed to me. >>> WAN is static IPv6 on x:y:z:d800::1/64, gateway is >>> x:y:z:d800::::: (not

Re: [pfSense] Ambiguous gateway monitoring

2016-04-15 Thread Chris Buechler
On Fri, Apr 15, 2016 at 12:31 PM, Karl Fife wrote: > I'm bringing this up in the off chance that it is a bug. I think it might > be expected behavior but want to bounce it off a few others. > > I have an installation with two fiber uplinks. Each uplink has an IP on the > ISP's single WAN subnet

Re: [pfSense] pfSense 2.3 unresponsive on

2016-04-14 Thread Chris Buechler
On Wed, Apr 13, 2016 at 6:11 PM, Rosen Iliev wrote: > Hi guys, > > Just upgraded my embedded pfsense to 2.3. > I have problems getting to the box (web or ssh), it just times out. > On the web I sometimes get Nginx 504, sometimes just nothing. > Eventually I got logged in, tried to check what's going

Re: [pfSense] Upgrade from 2.2.x to 2.3 - upgrading firmware since almost 7 hours.

2016-04-14 Thread Chris Buechler
On Thu, Apr 14, 2016 at 1:57 PM, WebDawg wrote: > On Thu, Apr 14, 2016 at 1:53 PM, J. Echter < > j.ech...@echter-kuechen-elektro.de> wrote: > >> On 14.04.2016 at 19:32, J. Echter wrote: >> > Hi, >> > >> > here, everything works as expected. :) >> > >> > But I have an upgrade running since round ab

Re: [pfSense] 2.3.1 -> 2.3 ?

2016-04-13 Thread Chris Buechler
On Wed, Apr 13, 2016 at 4:53 AM, Olivier Mascia wrote: > Hello, > > I had a 2.3 RC installed and (mistakenly) let it auto-upgrade some hours ago. > It went straight to some 2.3.1 DEV instead of 2.3 REL as I expected (my > mistake). Is there any appropriate way to come back to 2.3 REL other than

Re: [pfSense] vmware tools

2016-04-13 Thread Chris Buechler
On Wed, Apr 13, 2016 at 5:12 AM, Olivier Mascia wrote: > Reading this: https://doc.pfsense.org/index.php/Open_VM_Tools_package > after package installation and reboot, > > ps uxawww | grep vmware > > gives me this output which differs from the doc.pfsense.org article: > > root55265 0.0 0.2

Re: [pfSense] 2.3 - webConfigurator Fails

2016-04-13 Thread Chris Buechler
On Wed, Apr 13, 2016 at 5:46 PM, David White wrote: > I just upgraded to 2.3, and internet seems to be working fine, but the > webConfigurator is failing. > > pfSense is running on some older x86 hardware. Checking the system.log, I > see this entry: > > php-cgi: rc.bootup: The command '/usr/local

Re: [pfSense] 2.3 show stopper - bind package missing -- don't install if you need bind!

2016-04-13 Thread Chris Buechler
On Wed, Apr 13, 2016 at 5:17 PM, Steve Yates wrote: > I should restate/clarify that I was looking at the > https://doc.pfsense.org/index.php/2.3_New_Features_and_Changes > page which mentions the package system changed but doesn't specifically > mention the below Good point, I added that to the

Re: [pfSense] 2.3 show stopper -- in most cases openvpn client specific overrides will fail to send proper iroute/push route

2016-04-13 Thread Chris Buechler
On Wed, Apr 13, 2016 at 6:08 AM, mayak wrote: > hi all , > > openvpn will fail on v2.3 if you are using `client specific overrides` where > `iroute` and `push route` are being used: > > if the `tunnel network` is: > 10.16.52.8/30 > > and the `advanced section`: > iroute 172.16.32.0 255.255.255.0;

Re: [pfSense] 2.3 show stopper - bind package missing -- don't install if you need bind!

2016-04-13 Thread Chris Buechler
On Wed, Apr 13, 2016 at 1:48 PM, Steve Yates wrote: > The release notes don't mention specific package compatibility Yes it does. "Packages The list of available packages in pfSense 2.3 has been significantly trimmed. We have removed packages that have been deprecated upstream, no longer have

Re: [pfSense] pfSense 2.3 "Secure Connection Failed"

2016-04-12 Thread Chris Buechler
On Tue, Apr 12, 2016 at 4:50 PM, Pete Boyd wrote: > What is the change in 2.3.0 that means that Firefox 38 ESR now gives me > this message when trying to login using the GUI on 2 of 3 systems I have > upgraded from 2.2.6 so far, via OpenVPN: > > "Secure Connection Failed > The connection to X.X.X.

Re: [pfSense] Bug? Firewall disable no random connection drop, firewall enable random connection drop

2016-02-12 Thread Chris Buechler
On Wed, Feb 10, 2016 at 3:47 PM, Romain Lapoux wrote: > I do not agree, because how do you explain that all works correctly when I > disable only the firewall feature in pfSense ? > Because stateful firewalls must see both directions of traffic. If you'd just fix your routing so reply traffic co

Re: [pfSense] Bug? Firewall disable no random connection drop, firewall enable random connection drop

2016-02-10 Thread Chris Buechler
On Sun, Feb 7, 2016 at 12:24 PM, Romain Lapoux wrote: > My last test in conservation optimization, if I upload files with 4 parallel > connections, it drop each in less 10 seconds. > (And don't free them on backend server, they stay ESTABLISHED in netstat. > More than likely because one or more

Re: [pfSense] Suricata sync crashes WebConfigurator, and other issues

2016-01-16 Thread Chris Buechler
On Fri, Jan 15, 2016 at 11:59 PM, Steve Yates wrote: > I don't like leaving things not fully stable so I bit the bullet and > clicked "Remove Enable/Disable changes in the current Category" so it would > at least sync. To my surprise it did not help, even after doing it on > router2 as

Re: [pfSense] 2.2.6-RELEASE Now Available!

2015-12-22 Thread Chris Buechler
On Tue, Dec 22, 2015 at 3:48 AM, Victor Padro wrote: > Blog's greatest public announcement. > > Error establishing a database connection > Oops, fixed. > On Tue, Dec 22, 2015 at 3:04 AM, Chris Buechler wrote: > >> pfSense® software version 2.2.6 is now available. T

Re: [pfSense] CARP / XMLRPC sync problem

2015-12-22 Thread Chris Buechler
On Thu, Dec 17, 2015 at 2:17 AM, Mário Barbosa wrote: > Hello everyone, > > I'm getting this notice every time I try syncing two pfsense routers. > > "An error code was received while attempting XMLRPC sync with username > admin http://192.168.4.2:80 - Code 6: The requested method didnt return > a

[pfSense] 2.2.6-RELEASE Now Available!

2015-12-22 Thread Chris Buechler
pfSense® software version 2.2.6 is now available. This release includes a few bug fixes and security updates. You can find all the details in the release announcement on our blog. https://blog.pfsense.org/?p=1971 Happy holidays, everyone! Enjoy, Chris

Re: [pfSense] HAproxy question

2015-12-12 Thread Chris Buechler
On Fri, Dec 11, 2015 at 9:14 AM, C. R. Oldham wrote: > Greetings, > > We've recently replaced both our routers with pfSense. I am using tinc for > site-to-site VPN and OpenVPN for clients to connect. > > Since some of our support engineers often end up onsite with customers, I > want to enable Op

Re: [pfSense] Enable bypass for LAN interface IP not working? ver 2.2.5

2015-11-24 Thread Chris Buechler
It's there and it works (from the LAN subnet to the LAN subnet is skipped). Check the first config entry in /var/etc/ipsec/ipsec.conf. On Mon, Nov 23, 2015 at 11:08 AM, Nicolas Fabris wrote: > Hi folks! How are you? > > Nobody? > > Thksss!!! > > Lic. Nicolas A. Fabris > Seguridad

Re: [pfSense] Latency issues with 2.2.25 Release

2015-11-12 Thread Chris Buechler
On Wed, Nov 11, 2015 at 9:47 AM, Wade Blackwell wrote: > Good morning list, >I recently upgraded to *2.2.5-RELEASE * (amd64) on a VMware stack > and noticed that my Wan latency shot up by about 100ms rtt. Nothing else on > the box had changed. I reverted to a pre-upgrade snapshot and the l

Re: [pfSense] Please support, pdo and mysqli extensions of php on pfsense new release

2015-10-29 Thread Chris Buechler
On Wed, Oct 28, 2015 at 6:35 PM, Ceylan BOZOĞULLARINDAN wrote: > Hello, > > I am working for three days on add pdo_mysql and mysqli extensions on > pfsense 2.2.4 php. But i didn't. I need to connect database with using > mysqli or pdo instead of mysql. Let me explain to you what i have tried; > >

Re: [pfSense] Backup/Restore to another router

2015-10-26 Thread Chris Buechler
On Mon, Oct 26, 2015 at 12:26 PM, Edward Holcroft wrote: > Hello list > > I am setting up my second pfSense box, with a view to eventually replacing > 20 Peplink Balance routers on my network. > > The first one works great and I have IPSec tunnels working between it and > all the Peplink sites. Now

Re: [pfSense] Has anybody experiance with installing on Openstack?

2015-10-23 Thread Chris Buechler
On Thu, Oct 22, 2015 at 4:19 PM, WebDawg wrote: > On Wed, Oct 21, 2015 at 9:52 PM, Frank Lowe > wrote: > >> I am trying to do this now. I have Pfsense working in proxmox. I now have >> an Openstack cloud controller running comput and neutron(single host) I am >> now trying to figure out how to >>

Re: [pfSense] Problem with a second pfSense in LAN

2015-10-13 Thread Chris Buechler
On Thu, Oct 8, 2015 at 7:31 AM, Lorenzo Milesi wrote: > hi. > My office pfsense happily works with an IPv6 tunnel since months. > right now I'm preparing a new server in my lab, and it's running pfSense > 2.2.4. > I don't have IPv6 enabled on this new box, nor DHCP of any kind > (relay/server),

Re: [pfSense] Unbound DHCP leases refresh

2015-09-17 Thread Chris Buechler
On Thu, Sep 17, 2015 at 6:58 AM, Tom Fanning wrote: > Quick question regarding the unbound resolver. > > I can't find it documented anywhere how often unbound refreshes the DHCP > leases table. > Instantaneously, normally. There is this situation though where it's not instantaneous, you can have

Re: [pfSense] domain override: multiple IPs?

2015-09-14 Thread Chris Buechler
On Mon, Sep 14, 2015 at 5:41 PM, Erik Anderson wrote: > Hello all - > > We're running 2.2.4. > > We have a domain override in our DNS Forwarder for our Active > Directory domain. Is there any way to provide multiple IP addresses > for this override? For obvious reasons, I'd like to provide both of

Re: [pfSense] Why no dnssec in dnsmasq by default?

2015-08-24 Thread Chris Buechler
On Sun, Aug 23, 2015 at 9:28 AM, Adrian Zaugg wrote: > > Adding the three lines > > dnssec > dnssec-check-unsigned > > trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5 > > to dnsmasq in pfSense makes dnsmasq dnssec aware. Is there

Re: [pfSense] GUI performance on an ALIX 2d3

2015-08-13 Thread Chris Buechler
On Thu, Aug 13, 2015 at 4:50 PM, Rainer Duffner wrote: > > Mine is a 2D1 (apparently) and has only 128 MB RAM - which apparently is too > little these days. > Since 2.2.4, I get a warning in the GUI - but because I do nothing fancy with > it, I don’t see any slowdowns. > Memory-usage and all oth

Re: [pfSense] Large amount of tunnels failing on 2.2.4 upgraded from 2.1.5

2015-08-07 Thread Chris Buechler
Hey Seth, On Fri, Aug 7, 2015 at 6:57 AM, Seth Mos wrote: > Hi, > > Only to reply to myself here, but it appears that pfSense 2.2.4 is back > to the problem I had on pfSense 1.2 in 2008. > > A cursory investigation on a test node it appears that it fails to load > all SPD entries. Both the output

Re: [pfSense] Got an alert after updating to 2.2.4

2015-07-30 Thread Chris Buechler
On Thu, Jul 30, 2015 at 5:34 PM, Rainer Duffner wrote: > php: rc.bootup: New alert found: pfSense requires at least 128 MB of RAM. > Expect unusual performance. This platform is not supported. > > I have an Alix board: > > > CPU: Geode(TM) Integrated Processor by AMD PCS (431.65-MHz 586-class CPU

Re: [pfSense] weakness reported by scanner in pfsense

2015-07-30 Thread Chris Buechler
On Thu, Jul 30, 2015 at 12:54 PM, Ted Byers wrote: > How do we deal with this: > > TCP/IP Initial Sequence Number (ISN) Reuse Weakness > Ask your scanner vendor. That check blindly trusts OS identification in a case where it's just making a guess at the OS (of OpenBSD 4.0 as the closest match, bu

Re: [pfSense] Problem with load vpn status

2015-07-30 Thread Chris Buechler
On Wed, Jul 29, 2015 at 2:18 PM, Edward Josette Ortega Salas wrote: > Hi!. > > Yes, it was quick: > > - For setkey -D its took: 0.253u 0.276s 0:31.37 1.6% 93+178k 0+0io 0pf+0w > - And for setkey -DP: 0.017u 0.008s 0:00.02 50.0% 204+408k 0+0io 0pf+0w > > > And.. we are talking about 157 vpn, So

Re: [pfSense] Connect pfSense as client to a Hotel WLAN?

2015-07-29 Thread Chris Buechler
On Wed, Jul 29, 2015 at 7:59 PM, Ray wrote: > Hi, > > I run pfSense on a few ALIX boxes, usually as tunnel end and as access > point. When I can plug one of these machines into any (wired) network, I > have easy access to my home network through the private WLAN the ALIX > provides. > > This works

Re: [pfSense] DHCP Relay attaching to wrong interface

2015-07-29 Thread Chris Buechler
On Sat, Jul 25, 2015 at 8:06 AM, Juan Bernhard wrote: > Hi list, first I want to congratulate all pfsense developers for this > magnificent piece of software. > > I think I found a simple bug: > I am configuring a pfsense in a single server to replace a cisco 2821 and an > asa 5520, and at the mome

Re: [pfSense] How do I harden my pfsense install WRT TLS and ssh?

2015-07-25 Thread Chris Buechler
On Fri, Jul 24, 2015 at 8:11 PM, Ryan Coleman wrote: > >> On Jul 24, 2015, at 7:18 PM, Ted Byers wrote: >> >> On Fri, Jul 24, 2015 at 6:29 PM, Chris Buechler wrote: >> >>> On Fri, Jul 24, 2015 at 5:20 PM, Ted Byers wrote: >>>> This is an extern

Re: [pfSense] How do I harden my pfsense install WRT TLS and ssh?

2015-07-24 Thread Chris Buechler
On Fri, Jul 24, 2015 at 5:20 PM, Ted Byers wrote: > This is an external scan. We forward ports such as 443 and 22 to specific > Ubuntu machines. But both sshd and apache have been configured to accept > only TLS1.2 > In the case of forwarded ports it's the Ubuntu machines that are triggering it

Re: [pfSense] How do I harden my pfsense install WRT TLS and ssh?

2015-07-24 Thread Chris Buechler
On Fri, Jul 24, 2015 at 3:51 PM, Ted Byers wrote: > I have checked our installation of our website (a classic protected LAN > with a DMZ formed by two pfsense machines serving as our inner and outer > firewall, and one machine in the DMZ and the rest behind the inner > firewall) using a PCI scanne

Re: [pfSense] 2.1.4-RELEASE to 2.2.3 problems

2015-07-21 Thread Chris Buechler
On Tue, Jul 21, 2015 at 2:39 PM, Zach Underwood wrote: > Lastnight/this morning we upgraded pfsense from 2.1.4 to 2.2.3 > > We are having problems will ssh and siproxd. We are unable to ssh to the > box and ssh on the service tab will not start. > Is this nanobsd or a full install? Try to run /u

Re: [pfSense] Any update on 2.2.4?

2015-07-16 Thread Chris Buechler
On Thu, Jul 16, 2015 at 4:22 PM, Ryan Coleman wrote: > For those of us with IPsec needs: is there an update on the release of 2.2.4? > I’m avoiding upgrading my secondary firewall because I cannot afford to lose > some basic VPN functionality. > Right now we're working through some of the last

Re: [pfSense] Issue with Layer 7

2015-07-14 Thread Chris Buechler
On Tue, Jul 14, 2015 at 5:20 AM, Joy wrote: > Hi, > i am using latest version of pfsense 2.2.3 after upgrade from 2.1.5. > In 2.1.5 my layer 7 filtration was working perfectly while enabling the > same in 2.2.3 not allowing traffic to go outside. Please let me know what > could be the solutio

Re: [pfSense] Cannot Spoof MAC

2015-07-11 Thread Chris Buechler
On Sat, Jul 11, 2015 at 10:13 AM, Doug Lytle wrote: > Everyone, > > I talked a small automotive shop into replacing their aging pfSense computer > with a GA-J1900N-D3V. They purchased an all-in-one unit from mini-box.com > > http://www.mini-box.com/SYS-M350-Gigabyte-J1900N-D3V-picoPSU-90-60W > ht

Re: [pfSense] Upgrade 2.2.2->2.2.3 and OpenVPN Client Export Utility

2015-07-06 Thread Chris Buechler
On Fri, Jul 3, 2015 at 3:16 AM, Микаел Бак wrote: > Hi list, > > I run pfsense nanobsd (1g) on an old PC Engines ALIX board with 256MB RAM. > > After upgrading to v2.2.3 my only installed package "OpenVPN Client Export > Utility" and its dependencies disappeared. > > I tried to reinstall it, but n

Re: [pfSense] Loading pfSense on Netgate 1U rack mount server c2758

2015-07-02 Thread Chris Buechler
On Thu, Jul 2, 2015 at 1:31 PM, Paul Upson wrote: > I recently purchased this device and am now trying to load pfSense onto it > using a usb stick. Each time the load fails with the following error. > Mounting from cd9660:/dev/iso9660/PFSENSE fails with error 19. I found a > post that said to add

Re: [pfSense] Internal Clock Broke

2015-06-29 Thread Chris Buechler
On Sat, Jun 27, 2015 at 7:27 PM, Ryan Clough wrote: > Check your Timezone on the System::General Settings page. After I upgraded > it had been reset to Africa/Abidjan. 2.2.3 got updated tz data. That's what would happen if you were using a timezone that's no longer included in the tz data. The sy

[pfSense] 2.2.3-RELEASE Now Available!

2015-06-24 Thread Chris Buechler
For those who aren't on the announce list and don't follow the blog: https://blog.pfsense.org/?p=1810

Re: [pfSense] Dashboard Source

2015-06-11 Thread Chris Buechler
On Thu, Jun 11, 2015 at 12:10 PM, Mehma Sarja wrote: > Hi all, > > If available open source, can someone point me to the source directory for > the pfs dashboard? > For 2.2.x: https://github.com/pfsense/pfsense/tree/RELENG_2_2/usr/local/www

Re: [pfSense] IPv6 Router Advertisement & DNS

2015-06-04 Thread Chris Buechler
On Wed, Jun 3, 2015 at 4:19 AM, İhsan Doğan wrote: > Hi, > > I'm running IPv6 on my LAN interface and I'm experiencing some > weird IPv6 Router advertisement issues. When I look at at Router > Advertisement Daemon configuration, only the prefix and the DNS > domain should be sent: > > # Automatica

Re: [pfSense] Remote syslog logging keeps stopping

2015-05-11 Thread Chris Buechler
On Mon, May 4, 2015 at 1:25 AM, Volker Kuhlmann wrote: > I noticed that after a re-install of 2.2.2 (with sections of config file > from 2.1.5 and several reboots) syslog to remote was not sending any > data. > > The settings at > https://fw.site/diag_logs_settings.php > were all correct (Remote S

Re: [pfSense] 1 of 8 phase2 tunnel will not come up

2015-04-29 Thread Chris Buechler
On Wed, Apr 29, 2015 at 1:22 PM, Christoph Hanle wrote: > On 28/04/15 22:34, Christoph Hanle wrote: >> Hi, >> we are getting crazy with one tunnel >> our system pfSense 2.2 failover cluster >> other side a bigger Juniper. >> VPN with 6 tunnels was up. >> the 7th tunnel (10.2.2.55) fails. >> the af

Re: [pfSense] ipsec and routing

2015-04-24 Thread Chris Buechler
On Fri, Apr 24, 2015 at 12:55 PM, Gregory K Shenaut wrote: > On Apr 24, 2015, at 09:55 , Adam Thompson wrote: >> >> It's not a routing issue, it's a bug/mis-feature in FreeBSD's IPSec stack. >> See >> https://doc.pfsense.org/index.php/Why_can%27t_I_query_SNMP,_use_syslog,_NTP,_or_other_services_

Re: [pfSense] 2.2.2-RELEASE Now Available

2015-04-16 Thread Chris Buechler
On Thu, Apr 16, 2015 at 7:53 AM, Vick Khera wrote: > On Wed, Apr 15, 2015 at 6:50 PM, Bob Gustafson wrote: > >> Today - except for the initial clicks, the process was totally automatic >> >> 14:21 Started uploading new version >> 14:36 logging started on new version (?) >> 14:37 started reinst

[pfSense] 2.2.2-RELEASE Now Available

2015-04-15 Thread Chris Buechler
Details on the blog: https://blog.pfsense.org/?p=1705

Re: [pfSense] best way to change WAN interface after migration

2015-04-14 Thread Chris Buechler
> > -Original Message- > From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Chris > Buechler > Sent: Tuesday, 14 April 2015 03:38 > To: pfSense Support and Discussion Mailing List > Subject: Re: [pfSense] best way to change WAN interface af

Re: [pfSense] best way to change WAN interface after migration

2015-04-13 Thread Chris Buechler
On Sat, Apr 11, 2015 at 1:46 PM, Martin Fuchs wrote: > Hi ! > > Does anyone have any experience with changing WAN-interfaces ? > > We migrated our CARP-cluster from one provider to another. > > On em1 we have provider-old and > > On em7 we have provider-new. > > The old provider will switch off hi

Re: [pfSense] pf(4) relative performance: opinions?

2015-04-12 Thread Chris Buechler
On Sat, Apr 11, 2015 at 10:14 PM, Jim Thompson wrote: > > George Neville-Neil and I presented a paper at AsiaBSDcon last month. Slides > and paper are attached. Attachments exceeded the list's size limit and somehow got dropped in approving the post, they're available here: https://files.pfsens

Re: [pfSense] testing email

2015-04-08 Thread Chris Buechler
This should be fixed. mailer-daemon@ ended up as a list member in mailman, AFAICT from day one of this list, but in the past few days ended up being spoofed to send a couple viruses to the list. Those messages bounced for a number of people, and mailman can't differentiate between what type of boun

Re: [pfSense] Odd problem with the Bing website

2015-04-02 Thread Chris Buechler
On Thu, Apr 2, 2015 at 8:05 PM, Peder Rovelstad wrote: > Looks like this is probably Snort associated. Same symptom on another site > just now traffic from Akamai. I'll figure it out. Thanks for reading. > That would add up. Where nothing replies to traceroute like you were showing, either it'

Re: [pfSense] GRE between 2 pfsense boxes

2015-03-30 Thread Chris Buechler
On Mon, Mar 30, 2015 at 6:40 AM, Adam Thompson wrote: > OpenVPN is good at getting unicast IP traffic from A to B, but it's difficult > to, say, run OSPF over it. There are reasons, but that's not one of them. Lots of people run OSPF over OpenVPN.

Re: [pfSense] 2.2.1 Site-to-Site IPsec VPN Connection Instability

2015-03-27 Thread Chris Buechler
On Thu, Mar 26, 2015 at 8:19 PM, Bryan D. wrote: > On 2015-Mar-26, at 4:01 PM, Chris Buechler wrote: >> Go to System>Advanced, System Tunables, and add a new tunable there. >> Name net.key.preferred_oldsa, value 0, then save and apply changes. >> That have any impact

Re: [pfSense] 2.2.1 Site-to-Site IPsec VPN Connection Instability

2015-03-26 Thread Chris Buechler
On Mon, Mar 23, 2015 at 9:34 AM, Christopher CUSE wrote: > > On 03/23/2015 03:03 PM, mayak wrote: >> >> On 03/22/2015 12:38 AM, Bryan D. wrote: >>> >>> We've had a pfSense-to-pfSense "always on" IPsec VPN connecting 2 offices >>> since 2008 (pfSense 1.2 IIRC) and it's: >>> - been ultra reliable (i

Re: [pfSense] 2.2.1 "serial console" menu different on some boxes

2015-03-24 Thread Chris Buechler
On Tue, Mar 24, 2015 at 8:27 AM, Vick Khera wrote: > On two of my firewalls upgraded to 2.2.1, I see three options in > Advanced->Admin Access menu serial communications menu: > > Serial Terminal *Enables the first serial port with 115200/8/N/1 by > default, or another speed selectable below.* No

Re: [pfSense] ipsec and multi-wan

2015-03-23 Thread Chris Buechler
On Thu, Mar 19, 2015 at 12:48 PM, Gregory K Shenaut wrote: > Hi, I have a system with two sites. One of the sites has two WAN connections, > the other one. I have an IPSEC tunnel passing all traffic between the two > sites. I'm having some difficulty with site-to-site access. I can ping > anyth

Re: [pfSense] 2.2.1 Site-to-Site IPsec VPN Connection Instability

2015-03-23 Thread Chris Buechler
There's nothing to go on to offer any worthwhile suggestions. IPsec logs best place to start. On Mon, Mar 23, 2015 at 6:02 PM, Bryan D. wrote: > FWIW, since my original report, I've noticed some other things: > > - since it's not yet "deployed," the v2.2.1 (at both ends) site-to-site IPsec > VPN

Re: [pfSense] Fwd: freak vulnerable for pfsense

2015-03-20 Thread Chris Buechler
On Thu, Mar 19, 2015 at 8:01 AM, Jim Pingle wrote: > On 03/19/2015 06:27 AM, Amit Saxena wrote: >> I am working on pfsense firewall as well as configured as an OpenVPN server >> I got the information that "Freak vulnerable" so i want to know it >> affected to Pfsense box >> My pfsense Detail >> >>
