  • Logging Question

    4
    0 Votes
    4 Posts
    1k Views
    stephenw10S

    Good to know, I had no clue as you said.  ;)

    So I take it you disabled local logging because you were using an external syslog server and expected that to continue to function?

    Steve

  • WAN link goes down every 12 hours (DHCP related?)

    9
    0 Votes
    9 Posts
    3k Views
    V

    Well, my WAN has been up for "1 Day 00 Hour 27 Minutes 31 Seconds". I guess this means (knock on wood) it's not a pfSense issue but rather either a bug in the USB NIC, Comcast, or a combination of the two. I suppose it could be a USB subsystem bug as well but I doubt that. I might try freebsd-net@freebsd.org, or Bill Paul who, according to the man page, authored the axe driver, to see if I can pin down exactly what's happening before I change ISPs.

  • My First Install - Daft question

    2
    0 Votes
    2 Posts
    1k Views
    L

    Ctrl+Z

  • Using Nano pfSense in HD disk?

    6
    0 Votes
    6 Posts
    2k Views
    C

    yea exactly!

  • Bridged pfsense stops passing traffic

    16
    0 Votes
    16 Posts
    4k Views
    S

    @stephenw10:

    Having a shared IRQ should not prevent the NICs from working. Having disabled msix for all pci devices it's likely to have more of an effect (I would have thought) but even so it shouldn't stop all traffic.
    I am unsure of your network configuration from your description and I have only experimental experience with a CARP setup so I can't really tell you what would happen. Since you will be thousands of miles away getting it wrong would be very bad so I would have to advise waiting for another opinion.  :-
    In the meantime giving us a network diagram would help greatly.

    Steve

    Thanks, Steve.
    You're right that having a shared IRQ should not lead to such results. Reading/googling further, I think the next step is to exclude the CARP interface from the bridge. As I stated, that is an old, inherited setup, and all 3 NICs are members of the bridge.

  • How to disable all IPv6 addressing/networking through the console?

    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • Multi-Wan, Single Gateway, Multi-Lan

    4
    0 Votes
    4 Posts
    1k Views
    stephenw10S

    Exactly, the gateway is the same so the routing becomes a problem. Hmm, I've seen this solved recently but I can't remember where.  ::)

    Perhaps try manual outbound NAT rules rather than firewall rules.

    Steve

  • I cannot get certificate to install

    2
    0 Votes
    2 Posts
    2k Views
    T

    Just wanted to post a follow-up.

    This is a problem with reissuing a RapidSSL certificate via Namecheap.
    If anyone else has this issue, contact Namecheap and ask them to allow you to reissue the cert directly from Geotrust's interface rather than their own (they may have to enable a link for you as well).

  • Bogon MD5 mismatch

    4
    0 Votes
    4 Posts
    2k Views
    J

    Is this even relevant any more?  I was under the impression that all blocks had been allocated except the RFC1918 private addresses and the RFC3927 link-local addresses.

  • Recommend a good free syslog server with a gui?

    15
    0 Votes
    15 Posts
    15k Views
    jimpJ

    @newbieuser1234:

    I set up Security Onion. I was a bit confused on the setup. How can it block port scans, etc. via Snort if it's on the local network and not in bridge mode between the ISP and the router? jimp, do you guys just use the ELSA piece of it or do you use Snort with it? I thought pfSense was far easier to configure.

    I don't think we use it for snort, but for other things. I'm not 100% clear on how snort works with it in that kind of setup.

    The ELSA part is of more interest than snort on there for me.

  • Squid: how to separate subnets from each other?

    11
    0 Votes
    11 Posts
    3k Views
    stephenw10S

    Neither did I until I stumbled across it by accident one day and was forced to think about it.
    I don't think I've ever tested it on a box running Squid though so your situation may be different.

    That's what I meant by VPN-over-DNS, hiding an encrypted tunnel inside dns queries. I have never looked into blocking/detecting it, mostly because last time I looked into setting it up it was not trivial. However I see that Softether supports it so maybe it will be more common: http://www.softether.org/1-features/1._Ultimate_Powerful_VPN_Connectivity#1.6.VPN_over_ICMP.2C_and_VPN_over_DNS%28Awesome!%29
    I assume to do this you still need to actually own a domain though.  :-\

    I'd be interested in any thoughts.

    Steve

  • MOVED: 3g Dongle Will Not Show Up in PPP

    Locked
    1
    0 Votes
    1 Posts
    605 Views
    No one has replied
  • How to log the firewall's logs and then search?

    3
    0 Votes
    3 Posts
    1k Views
    D

    @stephenw10:

    There was a similar thread recently: http://forum.pfsense.org/index.php/topic,62819.0.html

    Steve

    Thanks for that mate.

    If anyone is interested I have built myself a small VM with 80GB hdd.
    Running CentOS on there and it's running rsyslog which logs all the firewall data to /var/logs/syslog/firewall.log

    In turn I can grep for addresses and ports on this and have to say it works very nicely.

    I have the option "show raw filter logs" enabled and this does give quite a comprehensive view of all the traffic hitting my firewall.

    For now this will do me nicely but if I feel I need anything else then I'll have another look at that thread.

  • Intel Nic (em) High Cpu Usage

    14
    0 Votes
    14 Posts
    5k Views
    S

    Yeah, my network is configured in a weird way, i.e. my way (it ain't easy!)
    Yep you're abs right, it's not behind pfSense, but kinda like a "dmz" configured by someone before (now have to configure dmz "properly")

    We're still trying to figure out what the hell it sent out!  Thanks to you I was able to pin it!
    Thank you Steve and good day!  :)

  • Kernel: arpresolve: can't allocate llinfo for 192.168.100.1 (cable modem)

    9
    0 Votes
    9 Posts
    19k Views
    J

    @jimp:

    There are many posts here on the forum about that. Search for 192.168.100.1 or the llinfo error and you'll turn up several useful discussions.

    http://forum.pfsense.org/index.php?topic=54171.0
    http://forum.pfsense.org/index.php?topic=56330.0
    http://forum.pfsense.org/index.php?topic=62964.0
    http://redmine.pfsense.org/issues/2704

    Since you mentioned in this post http://forum.pfsense.org/index.php/topic,62964.0.html that v2.1 might be better, I will wait for the final version.
    At least I know what is causing my issue so I know how to fix it.

  • Configuring PFsense with six distinct public C class

    2
    0 Votes
    2 Posts
    1k Views
    Z

    Depends on switching, bandwidth throughput, etc…

    Low bandwidth + managed switches = Assuming the networks are on separate vlans, a pair of interfaces and using vlan separation.
    Low(100MB)/Medium(1GB) bandwidth + unmanaged switches = 7 interfaces one for each network + one to the Cisco.
    1GB+ then a LAAG configuration or 10GB nics.

    Why not just use pfSense as the firewall and default gateway?  ...wouldn't be the first time a 5xx/2xxx/3xxx series router was replaced by a pfSense box;)

  • New user needs help with pfsense VPN and WiFi

    4
    0 Votes
    4 Posts
    2k Views
    stephenw10S

    Ah, two different interpretations of the VPN requirement.
    When you said home country did you mean where your pfSense will be or somewhere else you previously lived?

    Steve

  • MOVED: Transparent proxy don't work properly

    Locked
    1
    0 Votes
    1 Posts
    594 Views
    No one has replied
  • MOVED: Some information about Pfsense

    Locked
    1
    0 Votes
    1 Posts
    484 Views
    No one has replied
  • Pfsense for multiple servers and ip's

    4
    0 Votes
    4 Posts
    1k Views
    M

    There will be no problem with the amount of IPs. Just in case, be sure to have the same segment on the LAN and the network mask. Read about NAT 1to1 or, in case you have fewer IPs but more services, port forwarding.

    cheers

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.