Categories

• TNSR

  Discussions about TNSR

  TNSR Announcements

  Feedback

  Installation and Upgrades
  97
  Topics
  306
  Posts

  

  The VMware vmxnet3 PMD does not support setting virtual MAC addresses, which is currently required in order for VPP's VRRP plugin to work properly. You might be able to work around it by manually going into vppctl and setting promiscuous mode on the interface directly there, but there isn't a vpp API function to set that yet, so TNSR can't set it automatically.
• pfSense® Software

  Discussions about pfSense Software, click a category below

  Messages from the pfSense Team

  General pfSense Questions

  Installation and Upgrades

  Firewalling

  NAT

  HA/CARP/VIPs

  L2/Switching/VLANs

  Routing and Multi WAN

  Traffic Shaping

  DHCP and DNS

  IPv6

  IPsec

  OpenVPN

  Captive Portal

  webGUI

  Wireless

  SNMP

  Documentation

  Development

  Gaming

  Virtualization

  Hardware

  Bounties

  Retired
  94803
  Topics
  561091
  Posts

  

  You can solve that with some carefully crafted NAT rules, but you are better off removing that config and using the HAProxy package instead. Since it's a real proxy, it would not have that issue. The built-in load balancer has been removed from 2.5.0, so it's a dead end to start with it now.
• pfSense Packages

  Discussions about pfSense software packages

  Cache/Proxy

  IDS/IPS

  Traffic Monitoring

  pfBlockerNG

  ACME

  FRR
  14706
  Topics
  94242
  Posts

  C

  You have to put this line in general -> show advanced options -> "Custom Options (Before Auth)"
• pfSense International Support

  Discuss pfSense in other languages

  Chinese

  Deutsch

  Español

  Français

  Indonesian

  Italiano

  Russian

  Nederlands

  Norwegian

  Portuguese

  Polish

  Romanian

  Swedish

  Turkish
  38552
  Topics
  242348
  Posts

  

  @dpirralha said in Página Web com Instabilidade: PFSense está no Brasil. Ainda lembrei-me de que uma rede com uma rota tão grande.... vale a pena CDN https://www.cloudflare.com/cdn/
• Official Netgate® Hardware

  Information about hardware available from Netgate

  982
  Topics
  6752
  Posts

  N

  @DrPhil You cant filter traffic on the same interface since it is not passing through pf. You need to put guest clients on another interface. Even then, you cant stop them from seeing each other. (unless they are on wifi with client isolation enabled)
• Netgate Announcements

  Information about hardware available from Netgate

  3
  Topics
  13
  Posts

  

  The support from Netgate is excellent. I have had 1 failure on an SG-1100 which was turned around to Australia within a month.
• Off-Topic & Non-Support Discussion

  Feel free to talk about anything and everything here

  Forum Feedback

  Community Job Board
  2672
  Topics
  14274
  Posts

  

  @blackfoot said in How to prepare my network for Google Meet Conference: @bmeeks These are the WAN rules I just added. The three "PASS" rules below. I got your point, I will just let everything pass in the firewall for a while. I am still trying to familiarize this Firewall conf. Thank you for your help, appreciate it alot. You should not need ANY user-added rules on your WAN. The stateful inspection engine of the firewall will handle allowing reply traffic through. Users are not connecting to your school. Everyone is connecting to Google's systems for Meet. In pfSense you configure rules for traffic "inbound" into an interface, not "outbound" from an interface. You should be able to remove all three of your manually added rules on the WAN. That would greatly increase your security. With the pfSense out-of-the-box configuration, Google Meet should work just fine. You would not need to do anything except assign the LAN and WAN interfaces during the setup wizard. You might need to change the LAN IP netblock depending on what was previously in place at your school.