1. Home
  2. Off-Topic & Non-Support Discussion

Subcategories

  • Discussions and feedback related to this forum

    612 Topics
    3k Posts
    stephenw10S
    Yeah I usually nuke the content entirely these days just to make it cleaner but I think only admin can do that. I can at least clean that up.

  • Community Hiring and For Hire postings related to jobs that require pfSense software skills

    29 Topics
    117 Posts
    w0wW
    @sef1414 Name it "run.sh", copy to pf and chmod according documentation https://docs.netgate.com/pfsense/en/latest/development/boot-commands.html#shell-script-option You will see messages in the system log like those quoted in the script after logger command.
Log in to post
Load new posts
  • H

    PfSense on large home network (What do you run on your Home Network)

    5
    0 Votes
    5 Posts
    3k Views
    Z
    Running a few vlans general access NAS/SAN network guest wireless dmz test lab wan total nodes is less than 20 with a number of them being vm's. As the pfsense box is a VM I've only got vlans 1,3, and 6 going physical.
  • C

    General Article discussing the State of Network Security

    14
    0 Votes
    14 Posts
    5k Views
    C
    @craigduff: In your opinion are big corporates running pfsense? Or do you think companies are now swaying more towards an open source solution? When i have worked for big companies in the city they all seem to be running Cisco or Juniper etc… Iv been a pfsense fan now for 3 years now and love it! And would always implement pfsense when i can. For basic filtering and routing Pfsense does a great job ….. add in the fact it has many useful plug-ins its a Ideal Platform for home or small businesses with micro budgets. But if your top priority is security, corporations will use Cisco, Juniper ...etc. because you have more security options but they may use Pfsense as DMZ's etc.....behind them to save a few dollars. If security isn't there top priority I suppose some corporations may use them on the front line of defense to save some dollars. If your a true security expert and spend 8 hours a day 7 days a week managing a pfsense Firewall I suppose you could by using snort and the firewall filters maintaining a set of custom rules to defend the network. It would be a never ending process new rules every day being added. But this is why you subscribe to a professional security firm selling subscriptions which allow you accesses to there custom rules for just a few thousand dollars a year. One of the nice things about Pfsense is the fact you pick your own hardware ..... Old computer you just retired, or buy a new state of the art computer system.
  • I

    Automatic Authentication Proxy squidGuard and releasing web access for groups AD

    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • V

    Email clients not working properly

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    C
    Whats your email setup? Do you have exchange, pop or Imap server? I personally use Exchange and i havent had this problem.
  • N

    Merge forum users

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    C
    We can't do either of those, SMF doesn't offer a means of doing so. At least short of manually changing the database which we're not going to do. We can delete one account so that name could be used under a different account, though users can delete their own accounts and we've never done that for anyone.
  • N

    Several Questions about PFSense

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    johnpozJ
    sure you can add nics to your pc..  Then sure use those as network segments - you can put in as many nics as your pc will handle.  I have currently 4 assigned to my vm of pfsense.  wan, lan, wlan and dmz. I just run an AP off my wlan segment..  Just never saw the point of using a wireless card in the router as your AP.  Just use a normal AP or wireless router as AP and connect it to that network segment.  Pfsense and wireless not a good fit of as of yet from everything read on the forums. wireless cards normally don't make good AccessPoints anyway.
  • E

    Blocking DNS queries to external resolvers

    Locked
    2
    0 Votes
    2 Posts
    3k Views
    P
    Those instructions look good. To let some systems "out" to use another external DNS server/s: Add an alias "ExternalDNSallowed" (or some such name). Add all the LAN IP addresses of systems that are allowed to use an external DNS directly. Add an alias "PermittedDNSservers" (or some such name). Add the IP addresses of external DNS servers you allow to be used (e.g. 8.8.8.8 and 8.8.4.4) Add a firewall rule on LAN permitting IPv4, TCP+UDP, source "ExternalDNSallowed", destination "PermittedDNSservers", port 53. Move the rule up before the wildcard rule that blocks everything to port 53.
  • N

    Unable to communicate with www.pfsense.com - Tried a few suggestions but …

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    N
    Hello again, After thinking a bit more (should have done that before), I found the solution: I added an outbound NAT mapping to NAT source IP network 10.60.0.0/16 to the public virtual IP. The reason is that when I ping 8.8.8.8 using the WAN1 interface, pfSense uses the WAN1 private IP as its source IP. However, there was no NAT mapping this IP to the public IP. So, I understand that the pfSense box (always?) uses the WAN interface when accessing the internet. I wrongly assumed that all traffic originating from the pfSense box would use the localhost 127.0.0.1 IP address as its source IP, which would then be NATted to the specified public IP address. Thanks for all help.
  • C

    PfSense androidGUI app (a work in progress)

    Locked
    22
    1 Votes
    22 Posts
    20k Views
    C
    Not had time to look at this project recently, been playing with the pfsense webconfiguration instead. Anyway here is an updated apk > https://dl.dropboxusercontent.com/u/12367642/Pfsense.apk (you will have to uninstall the previous verion if you have it) Changelog: Added Arp page Added Authentication page Added Table page Finished the Status > Interfaces page (untested) Improved UI of the services page Added validation to the wake on lan page
  • S

    For Sale: Fabiatech FX5620 with 2.0.3 - $75 + shipping

    Locked
    1
    0 Votes
    1 Posts
    3k Views
    No one has replied
  • T

    Nic card failure

    Locked
    13
    0 Votes
    13 Posts
    5k Views
    stephenw10S
    @tadleymansions: I certainly have learned an awful lot over the last few days and am resolved to learn more about pfsense. Not all bad then.  ;) Thanks for signing off. Steve
  • L

    RAID 10?

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    P
    As you have discovered, RAID protects against failure of the drives. A RAID controller failure brings down the whole thing! To avoid that you need dual-channel disks that can connect to multiple controllers and software that knows how to handle the multiple paths to disks… Then if the multiple RAID controllers are on the same system bus, failure of that bus brings it all down... You need multiple hosts, each with fibre-channel (or whatever) controllers to dual-ported disks, and clustering ability... The numbering of disk allocation in RAID will depend on the particular firmware implementation. e.g. a 4 disk RAID10 set might have disk 1+3 mirrored (set A) and 2+4 mirrored (set B). Then the logical blocks are striped across set A and set B. In that case you can lose 1 disk from set A  and 1 disk from set B and users don't notice. But if you lose 2 disks from set A, or 2 disks from set B, you are dead. So, you can't lose just any 2 drives. The other hassle with RAID is that the firmware usually writes some custom stuff at the start of the disks, and the ordinary boot block is not where it would be on an ordinary disk. So, even if you are just doing RAID1 (mirrored pair), and the RAID controller has died, you can't just plug 1 of the disks into an ordinary disk controller and have it boot - this can be VERY annoying when trying to get something up and running temporarily.
  • D

    Benchmark of pf / ipfw / forwarding on FreeBSD-HEAD

    Locked
    1
    0 Votes
    1 Posts
    6k Views
    No one has replied
  • M

    PfSense getting some shine on pcper.com podcast

    Locked
    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • P

    OT: Smart Homes & Wired vs. Wireless

    Locked
    14
    0 Votes
    14 Posts
    6k Views
    T
    I would highly recommend going with the fiber run.  I have done installs with even shorter runs using fiber.  I would agree with a larger pipe, that way if you need to pull additional fiber, you have the room to do that.  Make sure they put a pull string in that conduit. As far as the rooms go, I truly feel that wired is a better solution.  I have wireless in the house, which is great for some basic thing.  However, when you start streaming HD/Blue Ray movies across wireless, you will have buffering issues.  I've also tried the Ethernet over Power adapters, which work some, but again when you get to the HD videos you start to buffer. My wife and I are planning on building a house in the next couple of years.  I'm planning on running a minimum of two runs to each room, some with 4-6 runs.  I won't be running any coax in the house.  You may be asking why so many runs.  My family has no traditional TV in our house, which means we stream everything.  Then I also run a VOIP systems.  The next house will be automated along with Video Cameras for the security system.  Don't get me wrong, I am not your average computer person in the home.
  • L

    Vlans

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    M
    Maybe your provider wants to add their own VLan tag to your traffic and but leave your Ethernet frame in tact. This is called QinQ. Sounds like they are dividing your traffic up for you so that you can have CoS. We do this at Comcast for our Metro Ethernet Service.
  • F

    FreeBSD 8.4 + pfSense 2.1 ?

    Locked
    17
    0 Votes
    17 Posts
    9k Views
    jimpJ
    I doubt we'll be changing things just to change them. A GUI refresh isn't entirely out of the question, but if that happens it would probably be a part of some other major GUI-impacting change (we may suddenly decide to move from PHP to Python for some reason, or move to some sort of MVC framework), and not just because we felt like redesigning the GUI. We like to focus on making things work properly, and we try not to break things unless they're actually broken/unusable. Opinions on that vary, but it's mostly a bikeshed discussion. Getting volunteers to code the GUI changes isn't quite that simple. In an ideal world, sure, but in the real world, you may have plenty of volunteers and very little follow-through, or people will disappear leaving code abandoned. If something of that scale is to be done, it would have to be closely handled/managed by the core team with assistance from the community in places. Any of those kinds of changes would likely be a couple versions out though. We have some other significant work to do in the meantime, but in a version or two we'll be looking for more things to change/implement as the major tasks like updating the base OS, wireless updates, and IPv6 and such are completed.
  • S

    PfSense Deployment Success Story

    Locked
    6
    0 Votes
    6 Posts
    3k Views
    M
    That is some serious equipment  :P
  • C

    Is http://www.pfsense.org/ down?

    Locked
    5
    0 Votes
    5 Posts
    2k Views
    C
    Server is back again… I am able to install packages now... Thanks for doing magic.  ;D
  • M

    DNS Nameserver Spoofability Test

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.