@Bob-Dig said in VLAN possible with virtual Switches in Hyper-V?:

@Mats said in VLAN possible with virtual Switches in Hyper-V?:

The first one is to create a trunk adapter and then assign Vlans in PFSense. This had some issues on 2012R2 but is rock solid on 2016. I do use this config myself

I had absolute no success with that.
xxCapture.PNG

Also is it normal that if you add those virtual NICs, that you lose the normal NIC? And then have to use vlan on everything?

And also I am using VMware WS on the other side (Client), which probably making things worse.

The "normal" nic is vlan 0 so that should be doable. I did not have a VM with that config at the moment so I couldn't test it.

You can try method2 and see if that works for you. If it does we know the issue is with the trunking of the adapter

I have no idea, I've never tried them. I know some VPN services can use IPSec, most are OpenVPN only though.

Personally I consider all those VPN services of limited use at best. Setting up your own VPN server that you control is better in many ways.

Steve

This is going to be the attacker's machine if you want to have an internal pentesting environment.

I mean I realise this is off-topic but I don't think you'll get much love for dropping pfSense. 😉

The one area where a device like that might be a better choice is if you need to connect multiple games consoles to the same game/server from behind it. For some reason I've yet to understand the networking code in many consoles/games appears to be straight out of 2002. They often use fixed source and destination ports and cannot cope with that being changed. Hence the need to set outbound NAT rules with fixed ports for games consoles. They often also require inbound connections be allowed directly and that often means UPnP. A terrible idea in a security product.
The actual issue appears to be the fact that miniupnpd, the UPnP daemon used in pfSense, does not support 'masquerade' for FreeBSD/pf. It does in Linux which is what almost every other sogo router is using.
See: https://redmine.pfsense.org/issues/7727#note-3

If that is something that may apply you could always try OpenWRT on whatever hardware you're running pfSense on.

Steve

It's an old topic but my mum taught me to thank people who help ,)
I forgot about this topic until I needed help again, how typical.

Tnx John, I realized that indeed not all apartments need the same SSID, the grouping function is really handy.
Radius was not an option due to the requirement of enterprise WPA and headless clients.

akuma1x, thanks, I did indeed replace all APs with unifi. I bought a cisco smart switch which enabled me to selectively route the VLANs over the wires into the apartments. I only realized too late that these modern PlayStations have wifi as well ;)

Streaming, yeah, work in progress.

Ok. The first, and probably hardest, part of this 'assignment' is defining what SD-WAN actually is.

Steve

Yeah.... I'm not taking that bet! 😁

The ping depends on how far the server is from your location. So lets say your in turkey and connect to a server in germany, youre likely to get a good ping but not is you connect to melbourne

Thanks to all.

Look at Redmine, and the Github repos (on the RELENG_2_4_5 branches) and see what's there.

The snapshots are automated and on a timer. There will not be a per-snapshot set of release notes.