I believe I’m having this issue, and have been for some time now. I always wondered why sometimes PPP would drop, and I’d drive out to site only to do a reboot and everything works. Sometimes I’d even have people put on site reboot for me, but it wouldn’t work. Is there any update on this issue?
Below log is newest on top, so read in reverse.
Feb 21 09:25:12 ppp 98216 [wan] IFACE: Down event
Feb 21 09:25:08 ppp 98216 [wan] IPV6CP: LayerDown
Feb 21 09:25:08 ppp 98216 [wan] IPV6CP: SendTerminateReq #38
Feb 21 09:25:08 ppp 98216 [wan] IPV6CP: state change Opened --> Closing
Feb 21 09:25:08 ppp 98216 [wan] IPV6CP: Close event
Feb 21 09:25:08 ppp 98216 [wan] IPCP: LayerDown
Feb 21 09:25:08 ppp 98216 [wan] IPCP: SendTerminateReq #76
Feb 21 09:25:08 ppp 98216 [wan] IPCP: state change Opened --> Closing
Feb 21 09:25:08 ppp 98216 [wan] IPCP: Close event
Feb 21 09:25:08 ppp 98216 [wan] Bundle: Status update: up 0 links, total bandwidth 9600 bps
Feb 21 09:25:08 ppp 98216 [wan_link0] Link: Leave bundle "wan"
Feb 21 09:25:08 ppp 98216 [wan_link0] LCP: state change Opened --> Stopping
Feb 21 09:25:08 ppp 98216 [wan_link0] LCP: peer not responding to echo requests
Feb 21 09:25:08 ppp 98216 [wan_link0] LCP: no reply to 5 echo request(s)
Feb 21 09:24:58 ppp 98216 [wan_link0] LCP: no reply to 4 echo request(s)
Feb 21 09:24:48 ppp 98216 [wan_link0] LCP: no reply to 3 echo request(s)
Feb 21 09:24:38 ppp 98216 [wan_link0] LCP: no reply to 2 echo request(s)
Feb 21 09:24:27 ppp 98216 [wan_link0] LCP: no reply to 1 echo request(s
After months of testing and overwhelming positive feedback, it's clear the drivers I compiled work more than ok for most environments.
Early on, I contacted carlmeek to see if he needed help testing the new drivers, and to see if they met the bounty requirements. Having just gone through considerable upheaval in their environment (which the other versions helped somewhat), he was reticent to introduce these new drivers before they got more mileage from other users and there was more feedback: he had a solution that seemed stable enough. Since then, I've sent other PMs after it became even more clear that the new drivers work much better than all prior solutions, and that Heartbleed and other security patches were integrated into pfSense (requiring updating all pfSense installations), but I've gotten no replies.
I devoted considerable time and resources chasing this bounty (the "fix" seems simple once you figure it out and look backwards, but it is very time and resource intensive to try different things to figure it out). And I've kept trying to integrate the drivers into the 2.1.x ISO build process, with moderate success, so they can be distributed as part of an official release. However, w/o the hope of ever winning the bounty, I can't afford to devote enough time to integrating the drivers into the 2.1.3+ build process in a timely manner (specially given that at this rate, pfSense 2.2 with native hyperv support might be released by then, rendering all my efforts moot).
I haven't had a chance to test it first hand, but it seems that 2.2 is coming along nicely, and that we might see a release sooner than later. Then again, it might take months, and we don't know yet what features and configuration changes might need tweaking between 2.1.x and 2.2.
So, in the mean time, I'll try and keep working on the ISO integration for 2.1.x, if only to give the community options, but if carlmeek comes back, or if there are other commercial users willing to replenish the bounty, it would enable me to devote more time and resources to the 2.1.x driver integration ISO build.
Sounds like a lot of work. I would wait for FREEBSD 10 based release really. Have you been poking around the 2.2 alpha?
Hereby I cancel this bounty - thank you anyways to Stefan H. who replied by PM/email and offered his help.
I'm cancelling, because I got the solution up and running under shorewall. Sorry pfSense - it's been nice with you.
Why do people not get this?? Why would you set a GATEWAY on a LAN firewall interface?? I just don't get it – but every single day there are like multiple posts where this is the problem!!
A gateway is an address a device uses to get OFF the network its on.. pfsense has this on its WAN -- this is how it gets to the internet. Is there some address on its lan segments that it can use to get off that segment? Then why would you set a gateway?
Devices on your lan segment would use the IP address of pfsense lan interface - this is how they GET off the lan segment. They say hey I need to to talk to something 192.0.2.42 that is not on 192.168.x.0/24 -- where should I send this traffic. Oh my gateway (pfsense) it will know where to send it!! Pfsense gets this traffic and says oh -- I don't have any interfaces in that network, so I will send it out my gateway (internet). I knows this because of its routing table.
What I don't understand is people wanting to setup a complicated VM setup with multiple network segments, multiple internet connections and don't understand even the basic concepts of what a gateway is.. Just blows my mind!!
As to figured out -- no your not even close.. Why do you have 192.168.100.1 em3 interface (dmz)?? Thought you said already that was your modems address.. Why would you set a gateway of 192.168.1.99 for DMZ?
Why do you have 2 physical interfaces connect to your esxi vswitches? lan and dmz?? Do you really have that much bandwidth - are you teaming? To what switch? I would break out your vmkern to its own interface if not its own segment for security.
If you want to setup some time for a Team Viewer session I would be happy to get it working for you - as to your bounty.. That can be donated to pfsense.
Adding to that . Pretty much when I enable the traffic shaper everything is slow. Browsing sites is slow. When I remove the shaper everything is fast but when torrents run nothing can be browsed. My connection is 50/10 comcast biz
X-Cron-Env: <shell= bin="" sh="">X-Cron-Env: <path= etc:="" bin:="" sbin:="" usr="" sbin="">X-Cron-Env: <home= var="" log="">X-Cron-Env: <logname=root>X-Cron-Env: <user=root>Warning: filesize(): stat failed for /var/squid/cache/swap.state in /usr/local/pkg/swapstate_check.php on line 47</user=root></logname=root></home=></path=></shell=>
Network Config Sub Tab
Wizard/Basic Sub Tab
Advanced Sub Tab
Would you want the advanced tab to be more like a conf file blob? Like NUT without pfsense GUI abstraction?
Moving it out of the XML is an option but maybe just using the as is portion as the basic tab would be more efficient considering bounty amount
Anything else more specific you would like to add or expand upon?
I'd donate some bucks from my personal purse ($50?) if l2tp ipsec gets implemented (and is compatible with Win7/8, OSX, iOS and Android). I'm currently using a Zywall which does l2tp/ipsec and is compatible with all those platforms - i'd like to replace that Zyxel hardware.
I need a feature, either CLI or GUI, that allows me to configure to drop every package that has a TCP-option with kind 30.
Iptables e.g. has a command line switch –tcp-option xx that matches every package with a tcp-option of kind xx.
Since I need it only for MPTCP-packages, it is not necessary (but it would be nice) to work with all kind of TCP-options, it can also be hardcoded to work only with kind 30.
Hello, I have been working on it a bit and have been able to put together something like this so far.
List Radius server status for selected zone. For each zone it will get the Authentication Protocol, all the Radius IPs (upto 4 per zone), and Auth Port if entered (1812 default) and Secret Key for each IP. I have not yet added an ability to change the username and password (just using test//testing123). It should be possible though. It also logs the data to /tmp/radiusstatus.log
Screen shot for Services -> Captive Portal
and the resulting Status -> Captive Portal page
(my radius server was down during the test haha) If you would like I can probably add a tab in Status for Radius Servers if you would like to keep the status of Captive Portals and the Radius Servers separate. Also from what I tried, you need to add the freeradius package. (I only added the FreeBSD one, might be better to add the pfSense one for more control.)
Let me know if you are interested and if so how you would prefer it. Also if I do end up finishing it for the bounty I would like to be able to provide the changes to everyone.
the thread listed above, i checked that, i had added an additional post to it to make it connect to ipvanish servers, all u need to do is enable AON and then use firewall rules to route selected traffic out of it
When single user is connected it gets all the bandwidth.
When 2 users are connected the bandwidth gets 1/2, as soon as socket of one users disconnects the other gets total speed.
for 3 users 1/3 . The speed variation depends on socket timeout delay. Usually it is so minimum that it will not be noticeable.
Nice. I can give you 50$ for a tutorial to do just that.
If you also know how to do a fair share, but need a greater compensation, just ask.
I need the tutorial to be a step by step text with screenshots, or a step by step video with subtitles.
I'd prefer you to distinguish the procedure to limit upload from the procedure to limit download.
The one I need the most it the upload limit.
Edit: that's because I may not always need to limit the download