-Original Message-
From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Kyle Marek
Sent: Thursday, February 15, 2018 10:38 AM
To: pfSense Support and Discussion Mailing List ; Eero
Volotinen
Subject: Re: [pfSense] Configs or hardware?
> This is silly. I shouldn't have to replac
-Original Message-
From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Marco
Sent: Sunday, February 11, 2018 2:30 PM
To: list@lists.pfsense.org
Subject: Re: [pfSense] Port forwards don't work on one machine
> I ran a wireshark on the destination and it received packets when
> “
-Original Message-
From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Marco
Sent: Sunday, February 11, 2018 2:30 PM
To: list@lists.pfsense.org
Subject: Re: [pfSense] Port forwards don't work on one machine
> I ran a wireshark on the destination and it received packets when
> “
-Original Message-
From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Chris L
Sent: Sunday, February 11, 2018 1:43 PM
To: pfSense Support and Discussion Mailing List
Subject: Re: [pfSense] Port forwards don't work on one machine
> What interface is that taken on? Take one on
-Original Message-
From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Eero
Volotinen
Sent: Sunday, December 17, 2017 11:02 AM
To: pfSense Support and Discussion Mailing List
Subject: Re: [pfSense] pfsense crashing
> Need to test that tomorrow. Just wondering how to attach rem
-Original Message-
From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Eero
Volotinen
Sent: Sunday, December 17, 2017 5:28 AM
To: pfSense Support and Discussion Mailing List
Subject: [pfSense] pfsense crashing
> After updating and restoring config to my SG-8860, it goes to end
-Original Message-
From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Eero
Volotinen
Sent: Saturday, November 25, 2017 5:35 AM
To: pfSense Support and Discussion Mailing List
Subject: [pfSense] pfsense openvpn speed?
> We are running pfsense 2.3 on netgate sg-8860.
>
> Devi
While working on another issue I noticed that on the lan interface which
does not have dhcp relay enabled, the pfsense box is receiving and
retransmitting
dhcp requests.
In this case, the dhcp server itself lies on the same vlan and interface that
the client exists on hence the relay is not enabl
> The two are unlikely to be related.
>
> The "pf wedged" message can happen in some race conditions if multiple
> actions are happening, attempting to hit pf in the same way at the same
> moment. In most cases it's noteworthy but otherwise harmless.
I had made several rule additions, removals and
> A few years ago, we built a number of such units for customers, and for
> our own use. 4x 10GbE NIC ports on 2 NICs, 4x 1GbE NIC ports on 2
> NICs. LAGed (actually multiple LAGs, typically ~4 per unit). Units
> handled multiple gigabit inbound speeds without issue for a long time
> (custome
> Check your states table size.
Low, right now it is only at %0.002 full and while I don't have that info
from the time of the failure I think it is safe to say it wasn't much different.
Thanks,
jlc
___
pfSense mailing list
https://lists.pfsense.org/mai
I have a site that has grown significantly over time and the role pfsense plays
went from only providing internet and vpn connectivity to routing between 2
dozen vlans at gig speeds. We are considering replacing the hardware and aren't
sure if the site is at the point where dedicated equipment is i
I recently received an error that the pf table was wedged and had been reset
while making changes. A few days later, a vlan stopped passing dhcp traffic
and filter reload did not resolve it, I actually had to reboot the unit.
Has anyone seen this, are there configurations known to produce this beh
Does a facility exist to bypass the UI and invoke a static config for an
openvpn server?
I do not see a means through the web ui to create a configuration which permits
static
addressing in subnet mode?
Thanks,
jlc
___
pfSense mailing list
https://list
I have a 2.2.6 appliance with a server running topology subnet with a pool
defined (172.31.1.0/24) which has "Address Pool" unchecked and a ccd for
a client with a 'push "ifconfig 172.31.1.42 255.255.255.0"' directive.
When a 2.3 client connects, it simply takes the next ip after server. In the
l
> hi joseph,
>
> i use for this scenario two pfsense appliance.
>
> the devices are two apu.1d4 with 4 gb ram,
> 16 gb msata harddisk and 3 nics.
>
> internal network ( about
> 30 vlan ) vlan s are on the core router with default gateway pfsense
> appliance.
>
> for internet access i have tw
I need to replace a single appliance with a pair for failover. Internally,
the units will have a single nic with several vlans which also performs
routing for each segment. Externally however, the wan interfaces
have a known fixed ip but it is assigned dynamically. Not optimal but
I do not have an
> I have a server that includes the rrddata element when choosing not backup
> this data
> and duplicates it when you do backup rrd data. I had a look through the issue
> tracker and
> did not see anything open or recent that is related.
>
> Anyone seen this before?
Had a chance to look at this
I have a server that includes the rrddata element when choosing not backup this
data
and duplicates it when you do backup rrd data. I had a look through the issue
tracker and
did not see anything open or recent that is related.
Anyone seen this before?
Thanks,
jlc
__
> So 1 out of 3 upgrades failed to re-assign the NICs? What are you saying?
Sorry, none of the systems I have access to reference the nics by mac, I'd
expect that to be done by the operating systems facilities anyway.
What did work was simply renaming the equivalent nic names and their usage
in o
> The new hardware has new MAC Addresses - they are assigned based on the MAC
> and not LAN1, LAN2 and LAN3.
Not from the two systems I just checked...
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list
I had to restore a config from a 2.1.4 system to new hardware. The original
system had
vlans and as expected the restore prompted to re-assign the opt interfaces as
the nic
types were different but I had to reset the vlans first. After rebooting, it
kept asking for
the wan/lan assignment and aft
> I assume this is why snapshots.pfsense.org is offline (or at least not
> answering) right now?
In the release announcement are links to upgrade binaries, not all the mirrors
are populated
yet, find one. In the same rel announcement is an upgrade guide link that
explains how to
perform the upg
> Hello,
> Thanks, but I believe what you are referring to is only an option for an
> OpenVPN connection. I am referring to Mobile IPSEC, as described at:
> http://doc.pfsense.org/index.php/Mobile_IPsec_on_2.0
Oops, my bad. Check 'Provide a list of accessible networks to clients' in
the Mobile
> Is there any way to change this so only traffic destined for the pfSense
> LAN is routed through the mobile IPSEC connection?
Certainly, uncheck 'Redirect Gateway', define 'Local Network' as required and
push only the applicable additional routes to the client if any...
jlc
> lan1 192.168.9.0 <---> pfsense1 (client openvpn) <--> pfsense2
> (server openvpn) <--> lan 2 192.168.8.0
> /var/etc/openvpn/server1.conf
> route 192.168.9.0 255.255.255.0
> push "route 192.168.8.0 255.255.255.0"
This looks right.
> /var/etc/openvpn-csc/fw-target
>
> iroute 192.168.9.0 255.2
>We are setting up a site to site OpenVPN network with a main office
>and several remote sites. I'm looking for advice how to route the
>sites connected to a main site where a Asterisk VoIP call manager
>resides. The phones at the sites are Cisco and if I understand the
>technology VoIP calls must
>You don't want MTU, you want MSS clamping.
Appreciate the confirmation, some reading and trial and error had me try this
and I am
running at a value of 1360 which has more than tripled my outbound throughput.
How does this affect the similar settings available in an Openvpn instance
passing
th
We switched providers and are utilizing a 3 way bonded dsl setup aggregated
behind a Mikrotik unit.
I am seeing some less than expected throughput and certain types of connections
like rdp/rsync are hanging and need to be restarted.
The provider suggested to enable an MTU on the wan link to 1460
>I did see the issue and I had the theory in my head, I just didn't know
>how to do it with VMWare. So I create a new virtual network, set the
>VLAN ID to ALL (4095), and it will pass all the VLANs available on the
>physical port?
Yup, they are now available as tagged vlans to any vNic plugged in
>I'm currently trying to configure pfSense firewall in a VMWare machine.
> There is apparently a limit of 10 vNICs on Vsphere 5, but I would need
>this firewall to access 11 networks. Since all the networks in VMWare
>are already tagged vlans, I don't really how to overcome this limit.
Don't see
>For each tunnel with different ip ranges it's neccessarry to use a unique
>OpenVPN server.
I don't, I have several remote sites that connect to one instance, each has its
its own /30 assigned via client configs. There are rules defined with
source/dest
that control which sites see what on which
>If you just need to utilize the IPs, couldn't you use a Virtual IP? If they
>are reserved,
>I don't see a reason setting them up statically on your side would be an issue.
>-Tim
Becuase the crappy isp (Telus) only grants access once the IP is fetched from a
dhcp
server.
As far as I know, you
I have a situation where I need a multiple wan ip addresses, the site has
several
reserved ip’s handed out by a dhcp server, but they all share the same gateway.
I'm not aware of any way this with multiple opt interfaces, a virtual ip won't
work
as far as I know since its needs it ip dynamicall
34 matches
Mail list logo
